template-blog-webapp-nextjs
template-blog-webapp-nextjs copied to clipboard
Published
20 hours ago •
contentful
contentful
chore: update node.js to v18.20.8 (main-private)
This PR contains the following updates:
| Package | Type | Update | Change | Age | Confidence |
|---|---|---|---|---|---|
| node (source) | minor | v18.16.1 -> 18.20.8 |
|||
| @types/node (source) | devDependencies | minor | 18.11.9 -> 18.19.130 |
[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
nodejs/node (node)
v18.20.8: 2025-03-27, Version 18.20.8 'Hydrogen' (LTS), @richardlau
Notable Changes
This release updates OpenSSL to 3.0.16 and root certificates to NSS 3.108.
Commits
- [
f737a79073] - async_hooks,inspector: implement inspector api without async_wrap (Gabriel Bota) #51501 - [
fce923ba69] - build: update gcovr to 7.2 and codecov config (Benjamin E. Coe) #54019 - [
8b7ffd807c] - build: fix compatibility with V8'sdepot_tools(Richard Lau) #57330 - [
ee9a343413] - crypto: update root certificates to NSS 3.108 (Node.js GitHub Bot) #57381 - [
738bf8aea4] - crypto: update root certificates to NSS 3.104 (Richard Lau) #55681 - [
69d661d591] - deps: update undici to v5.29.0 (Matteo Collina) #57557 - [
59fcf43b0e] - deps: update corepack to 0.32.0 (Node.js GitHub Bot) #57265 - [
1b72869503] - deps: update archs files for openssl-3.0.16 (Node.js GitHub Bot) #57335 - [
a566560235] - deps: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) #57335 - [
50c4e1da2f] - doc: add missingdeprecatedbadges infs.md(Yukihiro Hasegawa) #57384 - [
c3babb4671] - doc: update Xcode version used for arm64 and pkg (Michaël Zasso) #57104 - [
784da606a6] - doc: fix link and history ofSourceMapsections (Antoine du Hamel) #57098 - [
f5dbceccbe] - test: update error code in tls-psk-circuit for for OpenSSL 3.4 (sebastianas) #56420
v18.20.7: 2025-02-20, Version 18.20.7 'Hydrogen' (LTS), @aduh95
Notable Changes
- [
ea5eb0e98b] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566
Commits
- [
bb2977ca6c] - build: use glob for dependencies of out/Makefile (Richard Lau) #55789 - [
92896945b8] - build: support python 3.13 (Chengzhong Wu) #53190 - [
ea5eb0e98b] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566 - [
d03a23577d] - deps: V8: cherry-pick26fd1df(Shu-yu Guo) #55873 - [
53bb21b093] - deps: V8: backportae5a4db(Shu-yu Guo) #55873 - [
5eb6dfe284] - deps: update zlib to 1.3.0.1-motley-82a5fec (Node.js GitHub Bot) #55980 - [
734515a0f7] - deps: update zlib to 1.3.0.1-motley-7e2e4d7 (Node.js GitHub Bot) #54432 - [
d64cc98324] - deps: update simdutf to 5.6.4 (Node.js GitHub Bot) #56255 - [
9eab21dd1d] - deps: update simdutf to 5.6.3 (Node.js GitHub Bot) #55973 - [
2e3367b46a] - deps: update simdutf to 5.6.2 (Node.js GitHub Bot) #55889 - [
df74d66207] - deps: update simdutf to 5.6.1 (Node.js GitHub Bot) #55850 - [
ade37ee0b3] - deps: update acorn to 8.14.0 (Node.js GitHub Bot) #55699 - [
a3c367adbd] - deps: update corepack to 0.31.0 (Node.js GitHub Bot) #56795 - [
2cff6a8428] - deps: update corepack to 0.30.0 (Node.js GitHub Bot) #55977 - [
8b8c9a2cf5] - doc: update macOS and Xcode versions for releases (Michaël Zasso) #56337 - [
706af28113] - doc: add "Skip to content" button (Antoine du Hamel) #56750 - [
634a6b3a14] - doc: improve accessibility of expandable lists (Antoine du Hamel) #56749 - [
f0b60c5bf9] - doc: fix arrow vertical alignment in HTML version (Akash Yeole) #52193 - [
91cce27ebb] - doc: remove flicker on page load on dark theme (Dima Demakov) #50942 - [
522fbb00a8] - doc: make theme consistent across api and other docs (Dima Demakov) #50877 - [
1486465520] - doc: save user preference for JS flavor (Vidar Eldøy) #49526 - [
d74cff7e59] - doc: rename possibly confusing variable and CSS class (Antoine du Hamel) #49536 - [
4829d976fe] - doc: add main ARIA landmark to API docs (Rich Trott) #49882 - [
6c4ce1f1d4] - doc: add navigation ARIA landmark to doc ToC (Rich Trott) #49882 - [
33548f8c1f] - doc: add history entries for JSON modules stabilization (Antoine du Hamel) #55855 - [
e12bdf6141] - meta: bumpactions/upload-artifactfrom 4.4.3 to 4.6.0 (dependabot[bot]) #56861 - [
6f44ef388b] - meta: bump actions/upload-artifact from 4.4.0 to 4.4.3 (dependabot[bot]) #55685 - [
ae39211117] - meta: bump actions/upload-artifact from 4.3.4 to 4.4.0 (dependabot[bot]) #54703 - [
4cf80b37c7] - meta: bumpactions/upload-artifactfrom 4.3.3 to 4.3.4 (dependabot[bot]) #54166 - [
4d402b79cb] - meta: bumpactions/download-artifactfrom 4.1.7 to 4.1.8 (dependabot[bot]) #54167 - [
1c01f93497] - meta: bump actions/upload-artifact from 4.3.1 to 4.3.3 (dependabot[bot]) #52785 - [
6558a516ec] - meta: bump actions/download-artifact from 4.1.4 to 4.1.7 (dependabot[bot]) #52784 - [
dd70860ec8] - meta: bump actions/download-artifact from 4.1.3 to 4.1.4 (dependabot[bot]) #52314 - [
4a24d92a45] - meta: bump actions/upload-artifact from 4.3.0 to 4.3.1 (dependabot[bot]) #51941 - [
655b9071b9] - meta: bump actions/download-artifact from 4.1.1 to 4.1.3 (dependabot[bot]) #51938 - [
0e6ad795aa] - meta: bump actions/download-artifact from 4.1.0 to 4.1.1 (dependabot[bot]) #51644 - [
61babc5037] - meta: bump actions/upload-artifact from 4.0.0 to 4.3.0 (dependabot[bot]) #51643 - [
8b16d80029] - meta: update artifact actions to v4 (Michaël Zasso) #51219 - [
d47e8cb86d] - test: do not use deprecated import assertions (Antoine du Hamel) #55873 - [
06c523d693] - test: marktest-inspector-stop-profile-after-doneas flaky (Antoine du Hamel) #57001 - [
dafea86962] - test: marktest-perf-hooksas flaky on macOS (Antoine du Hamel) #57001 - [
8e53f1f43d] - test: mark test-inspector-multisession-ws as flaky (Antoine du Hamel) #57001 - [
350eb50bbe] - test: marktest-performance-functionas flaky (Antoine du Hamel) #57001 - [
a1f428a343] - test: skiptest-perf-hookson SmartOS (Antoine du Hamel) #57001 - [
199f52fcc0] - test: make test-crypto-hash compatible with OpenSSL > 3.4.0 (Jelle van der Waa) #56160 - [
b08ce67d48] - test: compare paths on Windows without considering case (Early Riser) #53993 - [
6e84d211a1] - test: deflake test-perf-hooks.js (Joyee Cheung) #49892 - [
a7f565fc7f] - tools: fix failinglint-shworkflow (Antoine du Hamel) #56995
v18.20.6: 2025-01-21, Version 18.20.6 'Hydrogen' (LTS), @RafaelGSS
This is a security release.
Notable Changes
- CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR_PROTO (Medium)
- CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)
Dependency update:
- CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)
Commits
- [
c03ad5ed63] - build: use rclone instead of aws CLI (Michaël Zasso) #55617 - [
8232463294] - build, tools: drop leading/fromr2dir(Richard Lau) #53951 - [
b26bcd3394] - build, tools: copy release assets to staging R2 bucket once built (flakey5) #51394 - [
56df127b7b] - build,tools: simplify upload of shasum signatures (Michaël Zasso) #53892 - [
a63e9372ed] - (CVE-2025-22150) deps: update undici to v5.28.5 (Matteo Collina) nodejs-private/node-private#657 - [
da2d177f91] - (CVE-2025-23084) path: fix path traversal in normalize() on Windows (Tobias Nießen) nodejs-private/node-private#555 - [
6cc8d58e6f] - (CVE-2025-23085) src: fix HTTP2 mem leak on premature close and ERR_PROTO (RafaelGSS) nodejs-private/node-private#650
v18.20.5: 2024-11-12, Version 18.20.5 'Hydrogen' (LTS), @aduh95
Notable Changes
- [
ac37e554a5] - esm: mark import attributes and JSON module as stable (Nicolò Ribaudo) #55333
Commits
- [
c2e6a8f215] - benchmark: fix napi/ref addon (Michaël Zasso) #53233 - [
4c2e07aaac] - build: pin doc workflow to Node.js 20 (Richard Lau) #55755 - [
6ba4ebd060] - build: fix build with Python 3.12 (Luigi Pinca) #50582 - [
c50f01399e] - crypto: ensure invalid SubtleCrypto JWK data import results in DataError (Filip Skokan) #55041 - [
5c46782137] - crypto: make deriveBits length parameter optional and nullable (Filip Skokan) #53601 - [
6e7274fa53] - crypto: reject dh,x25519,x448 in {Sign,Verify}Final (Huáng Jùnliàng) #53774 - [
d2442044db] - crypto: rejectEd25519/Ed448 in Sign/Verify prototypes (Filip Skokan) #52340 - [
93670de499] - deps: upgrade npm to 10.8.2 (npm team) #53799 - [
8531c95587] - deps: upgrade npm to 10.8.1 (npm team) #53207 - [
fd9933ea0f] - deps: upgrade npm to 10.8.0 (npm team) #53014 - [
03852495d7] - deps: update simdutf to 5.6.0 (Node.js GitHub Bot) #55379 - [
3597be4146] - deps: update simdutf to 5.5.0 (Node.js GitHub Bot) #54434 - [
52d2c03738] - deps: update simdutf to 5.3.4 (Node.js GitHub Bot) #54312 - [
dd882ac483] - deps: update simdutf to 5.3.1 (Node.js GitHub Bot) #54196 - [
5fb8e1b428] - deps: update simdutf to 5.3.0 (Node.js GitHub Bot) #53837 - [
c952fd886d] - deps: update simdutf to 5.2.8 (Node.js GitHub Bot) #52727 - [
a1ae050ed5] - deps: update simdutf to 5.2.6 (Node.js GitHub Bot) #52727 - [
96ec48da7f] - deps: update brotli to 1.1.0 (Node.js GitHub Bot) #50804 - [
11242bcfb4] - deps: update zlib to 1.3.0.1-motley-71660e1 (Node.js GitHub Bot) #53464 - [
64f98a9869] - deps: update zlib to 1.3.0.1-motley-c2469fd (Node.js GitHub Bot) #53464 - [
4b815550e0] - deps: update zlib to 1.3.0.1-motley-68e57e6 (Node.js GitHub Bot) #53464 - [
f6b2f68ce7] - deps: update zlib to 1.3.0.1-motley-8b7eff8 (Node.js GitHub Bot) #53464 - [
e151ebef86] - deps: update zlib to 1.3.0.1-motley-e432200 (Node.js GitHub Bot) #53464 - [
637a306e02] - deps: update zlib to 1.3.0.1-motley-887bb57 (Node.js GitHub Bot) #53464 - [
569a739569] - deps: update zlib to 1.3.0.1-motley-209717d (Node.js GitHub Bot) #53156 - [
033f1e2ba5] - deps: update zlib to 1.3.0.1-motley-4f653ff (Node.js GitHub Bot) #53052 - [
aaa857fc01] - deps: update ada to 2.8.0 (Node.js GitHub Bot) #53254 - [
d577321877] - deps: update acorn to 8.13.0 (Node.js GitHub Bot) #55558 - [
55b3c8a41f] - deps: update acorn-walk to 8.3.4 (Node.js GitHub Bot) #54950 - [
50a9456f1e] - deps: update acorn-walk to 8.3.3 (Node.js GitHub Bot) #53466 - [
f56cfe776b] - deps: update acorn to 8.12.1 (Node.js GitHub Bot) #53465 - [
fce3ab686d] - deps: update archs files for openssl-3.0.15+quic1 (Node.js GitHub Bot) #55184 - [
46c782486e] - deps: upgrade openssl sources to quictls/openssl-3.0.15+quic1 (Node.js GitHub Bot) #55184 - [
4a18581dc3] - deps: update corepack to 0.29.4 (Node.js GitHub Bot) #54845 - [
67e98831ab] - deps: update archs files for openssl-3.0.14+quic1 (Node.js GitHub Bot) #54336 - [
c60c6630af] - deps: upgrade openssl sources to quictls/openssl-3.0.14+quic1 (Node.js GitHub Bot) #54336 - [
935a506377] - deps: update corepack to 0.29.3 (Node.js GitHub Bot) #54072 - [
dbdfdd0226] - deps: update corepack to 0.29.2 (Node.js GitHub Bot) #53838 - [
395ee44608] - deps: update corepack to 0.28.2 (Node.js GitHub Bot) #53253 - [
6ba8bc0618] - deps: update c-ares to 1.29.0 (Node.js GitHub Bot) #53155 - [
81c3260cd2] - deps: update corepack to 0.28.1 (Node.js GitHub Bot) #52946 - [
e4739e9aa6] - doc: only apply content-visibility on all.html (Filip Skokan) #53510 - [
4d2ac5d98f] - doc: move release key for Myles Borins (Richard Lau) #54059 - [
1c4decc998] - doc: add release key for aduh95 (Antoine du Hamel) #55349 - [
a4f6f0918f] - doc: add names next to release key bash commands (Aviv Keller) #52878 - [
c679348f83] - errors: usedetermineSpecificTypein more error messages (Antoine du Hamel) #49580 - [
3059262185] - esm: fix broken assertion inlegacyMainResolve(Antoine du Hamel) #55708 - [
ac37e554a5] - esm: mark import attributes and JSON module as stable (Nicolò Ribaudo) #55333 - [
84b0ead758] - esm: fix hook name in error message (Bruce MacNaughton) #50466 - [
0092358d00] - http: handle multi-value content-disposition header (Arsalan Ahmad) #50977 - [
d814fe935c] - src: account for OpenSSL unexpected version (Shelley Vohr) #54038 - [
6615fe5db1] - src: fix dynamically linked OpenSSL version (Richard Lau) #53456 - [
d6114cb2e2] - test: fix test when compiled without engine support (Richard Lau) #53232 - [
ac3a39051c] - test: fix test-tls-junk-closes-server (Michael Dawson) #55089 - [
c8520ff7d2] - test: fix OpenSSL version checks (Richard Lau) #53503 - [
9824827937] - test: update tls test to support OpenSSL32 (Michael Dawson) #55030 - [
1a4d497936] - test: adjust tls-set-ciphers for OpenSSL32 (Michael Dawson) #55016 - [
341496a5a2] - test: add asserts to validate test assumptions (Michael Dawson) #54997 - [
37a2f7eaa4] - test: adjust key sizes to support OpenSSL32 (Michael Dawson) #54972 - [
75ff0cdf66] - test: update test to support OpenSSL32 (Michael Dawson) #54968 - [
b097d85dfe] - test: adjust test-tls-junk-server for OpenSSL32 (Michael Dawson) #54926 - [
e9997388a6] - test: adjust tls test for OpenSSL32 (Michael Dawson) #54909 - [
c7de027adb] - test: fix test test-tls-dhe for OpenSSL32 (Michael Dawson) #54903 - [
68156cbae1] - test: fix test-tls-client-mindhsize for OpenSSL32 (Michael Dawson) #54739 - [
d5b73e5683] - test: increase key size for ca2-cert.pem (Michael Dawson) #54599 - [
5316314755] - test: update TLS test for OpenSSL 3.2 (Richard Lau) #54612 - [
a1f0c87859] - test: fix test-tls-client-auth test for OpenSSL32 (Michael Dawson) #54610 - [
e9e3306426] - test: use assert.{s,deepS}trictEqual() (Sonny) #54208 - [
1320fb9475] - test: update TLS trace tests for OpenSSL >= 3.2 (Richard Lau) #53229 - [
cc3cdf7cc0] - test: check against run-time OpenSSL version (Richard Lau) #53456 - [
fc43c6803e] - test: update TLS tests for OpenSSL 3.2 (Richard Lau) #53384 - [
627d3993f0] - test: fix unreliable assumption in js-native-api/test_cannot_run_js (Joyee Cheung) #51898 - [
9f521f456e] - test: update tests for OpenSSL 3.0.14 (Richard Lau) #53373 - [
0fb652eba9] - tools: update gyp-next to v0.16.1 (Michaël Zasso) #50380 - [
fa72b2c2de] - tools: skip ruff on tools/gyp (Michaël Zasso) #50380
v18.20.4: 2024-07-08, Version 18.20.4 'Hydrogen' (LTS), @RafaelGSS
This is a security release.
Notable Changes
- CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
- CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
Commits
- [
85abedf1ff] - lib,esm: handle bypass network-import via data: (RafaelGSS) nodejs-private/node-private#522 - [
eccd63b865] - src: handle permissive extension on cmd check (RafaelGSS) nodejs-private/node-private#596
v18.20.3: 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @richardlau
Notable Changes
This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections.
A fix has also been included for compiling Node.js from source with newer versions of Clang.
The list of keys used to sign releases has been synchronized with the current list from the main branch.
Updated dependencies
- acorn updated to 8.11.3.
- acorn-walk updated to 8.3.2.
- ada updated to 2.7.8.
- c-ares updated to 1.28.1.
- corepack updated to 0.28.0.
- nghttp2 updated to 1.61.0.
- ngtcp2 updated to 1.3.0.
- npm updated to 10.7.0. Includes a fix from npm@10.5.1 to limit the number of open connections npm/cli#7324.
- simdutf updated to 5.2.4.
- zlib updated to 1.3.0.1-motley-7d77fb7.
Commits
- [
0c260e10e7] - deps: update zlib to 1.3.0.1-motley-7d77fb7 (Node.js GitHub Bot) #52516 - [
1152d7f919] - deps: update zlib to 1.3.0.1-motley-24c07df (Node.js GitHub Bot) #52199 - [
755399db9d] - deps: update zlib to 1.3.0.1-motley-24342f6 (Node.js GitHub Bot) #52123 - [
af3e32073b] - deps: update ada to 2.7.8 (Node.js GitHub Bot) #52517 - [
e4ea2db58b] - deps: update c-ares to 1.28.1 (Node.js GitHub Bot) #52285 - [
14e857bea2] - deps: update corepack to 0.28.0 (Node.js GitHub Bot) #52616 - [
7f5dd44ca6] - deps: upgrade npm to 10.7.0 (npm team) #52767 - [
78f84ebb09] - deps: update ngtcp2 to 1.3.0 (Node.js GitHub Bot) #51796 - [
1f489a3753] - deps: update ngtcp2 to 1.2.0 (Node.js GitHub Bot) #51584 - [
3034968225] - deps: update ngtcp2 to 1.1.0 (Node.js GitHub Bot) #51319 - [
1aa9da467f] - deps: add nghttp3/**/.deps to .gitignore (Luigi Pinca) #51400 - [
28c0c78c9a] - deps: update ngtcp2 and nghttp3 (James M Snell) #51291 - [
8fd5a35364] - deps: upgrade npm to 10.5.2 (npm team) #52458 - [
2c53ff31c9] - deps: update acorn-walk to 8.3.2 (Node.js GitHub Bot) #51457 - [
12f28f33c2] - deps: update acorn to 8.11.3 (Node.js GitHub Bot) #51317 - [
dddb7eb3e0] - deps: update acorn-walk to 8.3.1 (Node.js GitHub Bot) #50457 - [
c86550e607] - deps: update acorn-walk to 8.3.0 (Node.js GitHub Bot) #50457 - [
9500817f66] - deps: update acorn to 8.11.2 (Node.js GitHub Bot) #50460 - [
7a8c7b6275] - deps: update ada to 2.7.7 (Node.js GitHub Bot) #52028 - [
b199889943] - deps: update corepack to 0.26.0 (Node.js GitHub Bot) #52027 - [
052b0ba0c6] - deps: upgrade npm to 10.5.1 (npm team) #52351 - [
209823d3af] - deps: update simdutf to 5.2.4 (Node.js GitHub Bot) #52473 - [
5114cbe18a] - deps: update simdutf to 5.2.3 (Yagiz Nizipli) #52381 - [
be30309ea0] - deps: update simdutf to 5.0.0 (Daniel Lemire) #52138 - [
b56f66e250] - deps: update simdutf to 4.0.9 (Node.js GitHub Bot) #51655 - [
a9f3b9d9d1] - deps: update nghttp2 to 1.61.0 (Node.js GitHub Bot) #52395 - [
1b6fa70620] - deps: update nghttp2 to 1.60.0 (Node.js GitHub Bot) #51948 - [
3c9dbbf4d4] - deps: update nghttp2 to 1.59.0 (Node.js GitHub Bot) #51581 - [
e28316da54] - deps: update nghttp2 to 1.58.0 (Node.js GitHub Bot) #50441 - [
678641f470] - deps: V8: cherry-pickd15d49b(Bo Anderson) #52337 - [
1147fee7d9] - doc: remove ableist language from crypto (Jamie King) #52063 - [
5e93eae972] - doc: add release key for marco-ippolito (marco-ippolito) #52257 - [
6689a98488] - http: remove closeIdleConnections function while calling server close (Kumar Rishav) #52336 - [
71616e8a8a] - node-api: make tsfn accept napi_finalize once more (Gabriel Schulhof) #51801 - [
d9d9e62474] - src: avoid draining platform tasks at FreeEnvironment (Chengzhong Wu) #51290 - [
e5fc8ec9fc] - test: skip v8-updates/test-linux-perf (Michaël Zasso) #49639 - [
351ef189ca] - test: v8: Add test-linux-perf-logger test suite (Luke Albao) #50352 - [
5cec2efc31] - test: reduce the number of requests and parsers (Luigi Pinca) #50240 - [
5186e453d9] - test: deflake test-http-regr-gh-2928 (Luigi Pinca) #49574 - [
c60cd67e1c] - test: skip test for dynamically linked OpenSSL (Richard Lau) #52542
v18.20.2: 2024-04-10, Version 18.20.2 'Hydrogen' (LTS), @RafaelGSS
This is a security release.
Notable Changes
- CVE-2024-27980 - Command injection via args parameter of
child_process.spawnwithout shell option enabled on Windows
Commits
- [
6627222409] - src: disallow direct .bat and .cmd file spawning (Ben Noordhuis) nodejs-private/node-private#564
v18.20.1: 2024-04-03, Version 18.20.1 'Hydrogen' (LTS), @RafaelGSS
This is a security release.
Notable Changes
- CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
- CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
- llhttp version 9.2.1
- undici version 5.28.4
Commits
- [
60d24938de] - deps: update undici to v5.28.4 (Matteo Collina) nodejs-private/node-private#577 - [
5d4d5848cf] - http: do not allow OBS fold in headers by default (Paolo Insogna) nodejs-private/node-private#558 - [
0fb816dbcc] - src: ensure to close stream when destroying session (Anna Henningsen) nodejs-private/node-private#561
v18.20.0: 2024-03-26, Version 18.20.0 'Hydrogen' (LTS), @richardlau
Notable Changes
Added support for import attributes
Support has been added for import attributes, to replace the old import assertions syntax. This will aid migration by making the new syntax available across all currently supported Node.js release lines.
This adds the with keyword which should be used in place of the previous
assert keyword, which will be removed in a future semver-major Node.js
release.
For example,
import "foo" assert { ... }
should be replaced with
import "foo" with { ... }
For more details, see
Contributed by Nicolò Ribaudo in #51136 and Antoine du Hamel in #50140.
Doc deprecation for dirent.path
Please use newly added dirent.parentPath instead.
Contributed by Antoine du Hamel in #50976 and #51020.
Experimental node-api feature flags
Introduces an experimental feature to segregate finalizers that affect GC state.
A new type called node_api_nogc_env has been introduced as the const version
of napi_env and node_api_nogc_finalize as a variant of napi_finalize that
accepts a node_api_nogc_env as its first argument.
This feature can be turned off by defining
NODE_API_EXPERIMENTAL_NOGC_ENV_OPT_OUT.
Contributed by Gabriel Schulhof in #50060.
Root certificates updated to NSS 3.98
Certificates added:
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
Certificates removed:
- Security Communication Root CA
Updated dependencies
- ada updated to 2.7.6.
- base64 updated to 0.5.2.
- c-ares updated to 1.27.0.
- corepack updated to 0.25.2.
- ICU updated to 74.2. Includes CLDR 44.1 and Unicode 15.1.
- npm updated to 10.5.0. Fixes a regression in signals not being passed onto child processes.
- simdutf8 updated to 4.0.8.
- Timezone updated to 2024a.
- zlib updated to 1.3.0.1-motley-40e35a7.
vm: fix V8 compilation cache support for vm.Script
Previously repeated compilation of the same source code using vm.Script
stopped hitting the V8 compilation cache after v16.x when support for
importModuleDynamically was added to vm.Script, resulting in a performance
regression that blocked users (in particular Jest users) from upgrading from
v16.x.
The recent fixes allow the compilation cache to be hit again
for vm.Script when --experimental-vm-modules is not used even in the
presence of the importModuleDynamically option, so that users affected by the
performance regression can now upgrade. Ongoing work is also being done to
enable compilation cache support for vm.CompileFunction.
Contributed by Joyee Cheung in #49950 and #50137.
Commits
- [
c70383b8d4] - build: support Python 3.12 (Shi Pujin) #50209 - [
4b960c3a4a] - build: fix incorrect g++ warning message (Richard Lau) #51695 - [
8fdea67694] - crypto: update root certificates to NSS 3.98 (Node.js GitHub Bot) #51794 - [
812b126dd9] - deps: V8: cherry-pickd90d453(Michaël Zasso) #50077 - [
9ab8c3db87] - deps: update c-ares to 1.27.0 (Node.js GitHub Bot) #51846 - [
c688680387] - deps: update c-ares to 1.26.0 (Node.js GitHub Bot) #51582 - [
9498ac8a47] - deps: compile c-ares with C11 support (Michaël Zasso) #51410 - [
8fb743642f] - deps: update c-ares to 1.25.0 (Node.js GitHub Bot) #51385 - [
7bea2d7c12] - deps: update zlib to 1.3.0.1-motley-40e35a7 (Node.js GitHub Bot) #51274 - [
57a38c8f75] - deps: update zlib to 1.3.0.1-motley-dd5fc13 (Node.js GitHub Bot) #51105 - [
b0ca084a6b] - deps: update zlib to 1.3-22124f5 (Node.js GitHub Bot) #50910 - [
4b43823f37] - deps: update zlib to 1.2.13.1-motley-5daffc7 (Node.js GitHub Bot) #50803 - [
f0da591812] - deps: update zlib to 1.2.13.1-motley-dfc48fc (Node.js GitHub Bot) #50456 - [
16d28a883a] - deps: update base64 to 0.5.2 (Node.js GitHub Bot) #51455 - [
13a9e81cb6] - deps: update base64 to 0.5.1 (Node.js GitHub Bot) #50629 - [
b4502d3ac5] - deps: update simdutf to 4.0.8 (Node.js GitHub Bot) #51000 - [
183cf8a74a] - deps: update simdutf to 4.0.4 (Node.js GitHub Bot) #50772 - [
11ba8593ea] - deps: update ada to 2.7.6 (Node.js GitHub Bot) #51542 - [
73a946d55c] - deps: update ada to 2.7.5 (Node.js GitHub Bot) #51542 - [
cc434c1a39] - deps: update ada to 2.7.4 (Node.js GitHub Bot) #50815 - [
3a3808a6ae] - deps: upgrade npm to 10.5.0 (npm team) #51913 - [
c8876d765c] - deps: upgrade npm to 10.3.0 (npm team) #51431 - [
5aec3af460] - deps: update corepack to 0.25.2 (Node.js GitHub Bot) #51810 - [
a593985326] - deps: update corepack to 0.24.1 (Node.js GitHub Bot) #51459 - [
d1a9237bf5] - deps: update corepack to 0.24.0 (Node.js GitHub Bot) #51318 - [
adac0c7a63] - deps: update corepack to 0.23.0 (Node.js GitHub Bot) #50563 - [
4a6f83e32a] - deps: escape Python strings correctly (Michaël Zasso) #50695 - [
c13969e52a] - deps: V8: cherry-pickea996ad(Nicolò Ribaudo) #51136 - [
6fbf0ba5c3] - deps: V8: cherry-picka0fd320(Nicolò Ribaudo) #51136 - [
68fd7516e1] - deps: update timezone to 2024a (Michaël Zasso) #51723 - [
f9b229ebe1] - deps: update icu to 74.2 (Michaël Zasso) #51723 - [
90c73d2eb4] - deps: update timezone to 2023d (Node.js GitHub Bot) #51461 - [
2a2bf57028] - deps: update icu to 74.1 (Node.js GitHub Bot) #50515 - [[`425e011e52
Configuration
📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) in timezone UTC, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
The latest updates on your projects. Learn more about Vercel for GitHub.
| Project | Deployment | Preview | Updated (UTC) |
|---|---|---|---|
| template-blog-webapp-nextjs |  Error |
Nov 19, 2025 6:41am |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Renovate Ignore Notification
Because you closed this PR without merging, Renovate will ignore this update (18.20.8). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.
If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.