chore(deps): update node.js to v20

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
node (source)	engines	major	16.x -> 20.x
@types/node (source)	devDependencies	major	17.0.45 -> 20.14.8
node	final	major	16-alpine -> 20-alpine
node	final	major	16-slim -> 20-slim

---

Release Notes

nodejs/node (node)

v20.15.0: 2024-06-20, Version 20.15.0 'Iron' (LTS), @​marco-ippolito

Compare Source

test_runner: support test plans

It is now possible to count the number of assertions and subtests that are expected to run within a test. If the number of assertions and subtests that run does not match the expected count, the test will fail.

test('top level test', (t) => {
  t.plan(2);
  t.assert.ok('some relevant assertion here');
  t.subtest('subtest', () => {});
});

Contributed by Colin Ihrig in #​52860

inspector: introduce the --inspect-wait flag

This release introduces the --inspect-wait flag, which allows debugger to wait for attachement. This flag is useful when you want to debug the code from the beginning. Unlike --inspect-brk, which breaks on the first line, this flag waits for debugger to be connected and then runs the code as soon as a session is established.

Contributed by Kohei Ueno in #​52734

zlib: expose zlib.crc32()

This release exposes the crc32() function from zlib to user-land.

It computes a 32-bit Cyclic Redundancy Check checksum of data. If
value is specified, it is used as the starting value of the checksum,
otherwise, 0 is used as the starting value.

The CRC algorithm is designed to compute checksums and to detect error
in data transmission. It's not suitable for cryptographic authentication.

const zlib = require('node:zlib');
const { Buffer } = require('node:buffer');

let crc = zlib.crc32('hello');  // 907060870
crc = zlib.crc32('world', crc);  // 4192936109

crc = zlib.crc32(Buffer.from('hello', 'utf16le'));  // 1427272415
crc = zlib.crc32(Buffer.from('world', 'utf16le'), crc);  // 4150509955

Contributed by Joyee Cheung in #​52692

cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

By default, Node.js enables trap-handler-based WebAssembly bound
checks. As a result, V8 does not need to insert inline bound checks
int the code compiled from WebAssembly which may speedup WebAssembly
execution significantly, but this optimization requires allocating
a big virtual memory cage (currently 10GB). If the Node.js process
does not have access to a large enough virtual memory address space
due to system configurations or hardware limitations, users won't
be able to run any WebAssembly that involves allocation in this
virtual memory cage and will see an out-of-memory error.

$ ulimit -v 5000000
$ node -p "new WebAssembly.Memory({ initial: 10, maximum: 100 });"
[eval]:1
new WebAssembly.Memory({ initial: 10, maximum: 100 });
^

RangeError: WebAssembly.Memory(): could not allocate memory
    at [eval]:1:1
    at runScriptInThisContext (node:internal/vm:209:10)
    at node:internal/process/execution:118:14
    at [eval]-wrapper:6:24
    at runScript (node:internal/process/execution:101:62)
    at evalScript (node:internal/process/execution:136:3)
    at node:internal/main/eval_string:49:3

--disable-wasm-trap-handler disables this optimization so that
users can at least run WebAssembly (with a less optimial performance)
when the virtual memory address space available to their Node.js
process is lower than what the V8 WebAssembly memory cage needs.

Contributed by Joyee Cheung in #​52766

Other Notable Changes

• [12512c3d0e] - doc: add pimterry to collaborators (Tim Perry) #​52874
• [9d485b40bb] - (SEMVER-MINOR) tools: fix get_asan_state() in tools/test.py (Joyee Cheung) #​52766
• [e98c305f52] - (SEMVER-MINOR) tools: support max_virtual_memory test configuration (Joyee Cheung) #​52766
• [dce0300896] - (SEMVER-MINOR) tools: support != in test status files (Joyee Cheung) #​52766

Commits

• [227093bfec] - assert: add deep equal check for more Error type (Zhenwei Jin) #​51805
• [184cfe5a71] - benchmark: filter non-present deps from start-cli-version (Adam Majer) #​51746
• [8b3e83bb53] - buffer: even faster atob (Daniel Lemire) #​52443
• [8d628c3255] - buffer: use size_t instead of uint32_t to avoid segmentation fault (Xavier Stouder) #​48033
• [16ae2b2933] - buffer: remove lines setting indexes to integer value (Zhenwei Jin) #​52588
• [48c15d0dcd] - build: remove deprecated calls for argument groups (Mohammed Keyvanzadeh) #​52913
• [1be8232d17] - build: drop base64 dep in GN build (Cheng) #​52856
• [918962d6e7] - build: make simdjson a public dep in GN build (Cheng) #​52755
• [5215b6fd8e] - build, tools: copy release assets to staging R2 bucket once built (flakey5) #​51394
• [473fa73857] - (SEMVER-MINOR) cli: allow running wasm in limited vmem with --disable-wasm-trap-handler (Joyee Cheung) #​52766
• [954d2aded4] - cluster: replace forEach with for-of loop (Jérôme Benoit) #​50317
• [794e450ea7] - console: colorize console error and warn (Jithil P Ponnan) #​51629
• [0fb7c18f10] - crypto: fix duplicated switch-case return values (Mustafa Ateş UZUN) #​49030
• [cd1415c8b2] - Revert "crypto: make timingSafeEqual faster for Uint8Array" (Tobias Nießen) #​53390
• [b774544bb1] - deps: enable unbundling of simdjson, simdutf, ada (Daniel Lemire) #​52924
• [da4dbfc5fd] - doc: remove reference to AUTHORS file (Marco Ippolito) #​52960
• [2f3f2ff8af] - doc: update hljs with the latest styles (Aviv Keller) #​52911
• [3a1d17a9b1] - doc: mention quicker way to build docs (Alex Crawford) #​52937
• [be309bd19d] - doc: mention push.followTags config (Rafael Gonzaga) #​52906
• [e62c6e2684] - doc: document pipeline with end option (Alois Klink) #​48970
• [af27225cf6] - doc: add example for execFileSync method and ref to stdio (Evan Shortiss) #​39412
• [086626f9b1] - doc: add examples and notes to http server.close et al (mary marchini) #​49091
• [3aa3337a00] - doc: fix dns.lookup family 0 and all descriptions (Adam Jones) #​51653
• [585f2a2e7f] - doc: update fs.realpath documentation (sinkhaha) #​48170
• [4bf3d44e1d] - doc: update fs read documentation for clarity (Mert Can Altin) #​52453
• [ae5d47dde3] - doc: watermark string behavior (Benjamin Gruenbaum) #​52842
• [1e429d10d3] - doc: exclude commits with baking-for-lts (Marco Ippolito) #​52896
• [3df3e37cdb] - doc: add names next to release key bash commands (Aviv Keller) #​52878
• [12512c3d0e] - doc: add pimterry to collaborators (Tim Perry) #​52874
• [97e0fef019] - doc: add more definitions to GLOSSARY.md (Aviv Keller) #​52798
• [91fadac162] - doc: make docs more welcoming and descriptive for newcomers (Serkan Özel) #​38056
• [a3b20126fd] - doc: add OpenSSL errors to API docs (John Lamp) #​34213
• [9587ae9b5b] - doc: simplify copy-pasting of branch-diff commands (Antoine du Hamel) #​52757
• [6ea72a53c3] - doc: add test_runner to subsystem (Raz Luvaton) #​52774
• [972eafd983] - events: update MaxListenersExceededWarning message log (sinkhaha) #​51921
• [74753ed1fe] - events: add stop propagation flag to Event.stopImmediatePropagation (Mickael Meausoone) #​39463
• [75dd009649] - events: replace NodeCustomEvent with CustomEvent (Feng Yu) #​43876
• [7d38c2e012] - fs: keep fs.promises.readFile read until EOF is reached (Zhenwei Jin) #​52178
• [8cb13120d3] - (SEMVER-MINOR) inspector: introduce the --inspect-wait flag (Kohei Ueno) #​52734
• [d5ab1de1fd] - meta: move @anonrig to TSC regular member (Yagiz Nizipli) #​52932
• [f82d086e90] - path: fix toNamespacedPath on Windows (Hüseyin Açacak) #​52915
• [121ea13b50] - process: improve event-loop (Aras Abbasi) #​52108
• [eceac784aa] - repl: fix disruptive autocomplete without inspector (Nitzan Uziely) #​40661
• [89a910be82] - src: fix Worker termination in inspector.waitForDebugger (Daeyeon Jeong) #​52527
• [033f985e8a] - src: use S_ISDIR to check if the file is a directory (theanarkh) #​52164
• [95128399f8] - src: allow preventing debug signal handler start (Shelley Vohr) #​46681
• [b162aeae9e] - src: fix typo Unabled -> Unable (Simon Siefke) #​52820
• [2dcbf1894a] - src: avoid unused variable 'error' warning (Michaël Zasso) #​52886
• [978ee0a635] - src: only apply fix in main thread (Paolo Insogna) #​52702
• [8fc52b38c6] - src: fix test local edge case (Paolo Insogna) #​52702
• [d02907ecc4] - src: remove misplaced windows code under posix guard in node.cc (Ali Hassan) #​52545
• [af29120fa7] - stream: use ByteLengthQueuingStrategy when not in objectMode (Jason) #​48847
• [a5f3dd137c] - string_decoder: throw an error when writing a too long buffer (zhenweijin) #​52215
• [65fa95d57d] - test: add Debugger.setInstrumentationBreakpoint known issue (Konstantin Ulitin) #​31137
• [0513e07805] - test: use for-of instead of forEach (Gibby Free) #​49790
• [1d01325928] - test: verify request payload is uploaded consistently (Austin Wright) #​34066
• [7dda156872] - test: add fuzzer for native/js string conversion (Adam Korczynski) #​51120
• [5fb829b340] - test: add fuzzer for ClientHelloParser (AdamKorcz) #​51088
• [cc74bf789f] - test: fix broken env fuzzer by initializing process (AdamKorcz) #​51080
• [800b6f65cf] - test: replace forEach() in test-stream-pipe-unpipe-stream (Dario) #​50786
• [d08c9a6a31] - test: test pipeline end on transform streams (Alois Klink) #​48970
• [0be8123ede] - test: improve coverage of lib/readline.js (Rongjian Zhang) #​38646
• [410224415c] - test: updated for each to for of in test file (lyannel) #​50308
• [556e9a2127] - test: move test-http-server-request-timeouts-mixed to sequential (Madhuri) #​45722
• [0638274c07] - test: fix DNS cancel tests (Szymon Marczak) #​44432
• [311bdc62bd] - test: add http agent to executionAsyncResource (psj-tar-gz) #​34966
• [6001b164ab] - test: reduce memory usage of test-worker-stdio (Adam Majer) #​37769
• [986bfa26e9] - test: add common.expectRequiredModule() (Joyee Cheung) #​52868
• [2246d4fd1e] - test: crypto-rsa-dsa testing for dynamic openssl (Michael Dawson) #​52781
• [1dce5dea0b] - test: skip some console tests on dumb terminal (Adam Majer) #​37770
• [0addeb240c] - test: skip v8-updates/test-linux-perf-logger (Michaël Zasso) #​52821
• [56e19e38f3] - test: drop test-crypto-timing-safe-equal-benchmarks (Rafael Gonzaga) #​52751
• [0c5e58958c] - test, crypto: use correct object on assert (响马) #​51820
• [d54aa47ec1] - (SEMVER-MINOR) test_runner: support test plans (Colin Ihrig) #​52860
• [0289a023a5] - test_runner: fix watch mode race condition (Moshe Atlow) #​52954
• [cf817e192e] - test_runner: preserve hook promise when executed twice (Moshe Atlow) #​52791
• [de541235fe] - tools: fix v8-update workflow (Michaël Zasso) #​52957
• [f6290bc327] - tools: add --certify-safe to nci-ci (Matteo Collina) #​52940
• [0830b3115d] - tools: fix doc update action (Marco Ippolito) #​52890
• [9d485b40bb] - (SEMVER-MINOR) tools: fix get_asan_state() in tools/test.py (Joyee Cheung) #​52766
• [e98c305f52] - (SEMVER-MINOR) tools: support max_virtual_memory test configuration (Joyee Cheung) #​52766
• [dce0300896] - (SEMVER-MINOR) tools: support != in test status files (Joyee Cheung) #​52766
• [57006001ec] - tools: prepare custom rules for ESLint v9 (Michaël Zasso) #​52889
• [403a4a7557] - tools: update lint-md-dependencies to [email protected] (Node.js GitHub Bot) #​52836
• [01eff5860e] - tools: update gr2m/create-or-update-pull-request-action (Antoine du Hamel) #​52843
• [514f01ed59] - tools: use sccache GitHub action (Michaël Zasso) #​52839
• [8f8fb91927] - tools: specify a commit-message for V8 update workflow (Antoine du Hamel) #​52844
• [b83fbf8709] - tools: fix V8 update workflow (Antoine du Hamel) #​52822
• [be9d6f2176] - url,tools,benchmark: replace deprecated substr() (Jungku Lee) #​51546
• [7603a51d45] - util: fix %s format behavior with Symbol.toPrimitive (Chenyu Yang) #​50992
• [d7eba50cf3] - util: improve isInsideNodeModules (uzlopak) #​52147
• [4ae4f7e517] - watch: allow listening for grouped changes (Matthieu Sieben) #​52722
• [1ff8f318c0] - watch: enable passthrough ipc in watch mode (Zack) #​50890
• [739adf90b1] - watch: fix arguments parsing (Moshe Atlow) #​52760
• [5161d95c30] - (SEMVER-MINOR) zlib: expose zlib.crc32() (Joyee Cheung) #​52692

v20.14.0

Compare Source

v20.13.1: 2024-05-09, Version 20.13.1 'Iron' (LTS), @​marco-ippolito

Compare Source

2024-05-09, Version 20.13.1 'Iron' (LTS), @​marco-ippolito

Revert "tools: install npm PowerShell scripts on Windows"

Due to a regression in the npm installation on Windows, this commit reverts the change that installed npm PowerShell scripts on Windows.

Commits

• [b7d80802cc] - Revert "tools: install npm PowerShell scripts on Windows" (marco-ippolito) #​52897

v20.13.0

Compare Source

v20.12.2: 2024-04-10, Version 20.12.2 'Iron' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

• CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows

Commits

• [69ffc6d50d] - src: disallow direct .bat and .cmd file spawning (Ben Noordhuis) nodejs-private/node-private#563

v20.12.1

Compare Source

v20.12.0

Compare Source

v20.11.1

Compare Source

v20.11.0

Compare Source

v20.10.0

Compare Source

v20.9.0

Compare Source

v20.8.1: 2023-10-13, Version 20.8.1 (Current), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

• CVE-2023-44487: nghttp2 Security Release (High)
• CVE-2023-45143: undici Security Release (High)
• CVE-2023-39332: Path traversal through path stored in Uint8Array (High)
• CVE-2023-39331: Permission model improperly protects against path traversal (High)
• CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
• CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

Commits

• [c86883e844] - deps: update nghttp2 to 1.57.0 (James M Snell) #​50121
• [2860631359] - deps: update undici to v5.26.3 (Matteo Collina) #​50153
• [cd37838bf8] - lib: let deps require node prefixed modules (Matthew Aitken) #​50047
• [f5c90b2951] - module: fix code injection through export names (Tobias Nießen) nodejs-private/node-private#461
• [fa5dae1944] - permission: fix Uint8Array path traversal (Tobias Nießen) nodejs-private/node-private#456
• [cd35275111] - permission: improve path traversal protection (Tobias Nießen) nodejs-private/node-private#456
• [a4cb7fc7c0] - policy: use tamper-proof integrity check function (Tobias Nießen) nodejs-private/node-private#462

v20.8.0: 2023-09-28, Version 20.8.0 (Current), @​ruyadorno

Compare Source

Notable Changes

Stream performance improvements

Performance improvements to writable and readable streams, improving the creation and destruction by ±15% and reducing the memory overhead each stream takes in Node.js

Contributed by Benjamin Gruenbaum in #​49745 and Raz Luvaton in #​49834.

Performance improvements for readable webstream, improving readable stream async iterator consumption by ±140% and improving readable stream pipeTo consumption by ±60%

Contributed by Raz Luvaton in #​49662 and #​49690.

Rework of memory management in vm APIs with the importModuleDynamically option

This rework addressed a series of long-standing memory leaks and use-after-free issues in the following APIs that support importModuleDynamically:

• vm.Script
• vm.compileFunction
• vm.SyntheticModule
• vm.SourceTextModule

This should enable affected users (in particular Jest users) to upgrade from older versions of Node.js.

Contributed by Joyee Cheung in #​48510.

Other notable changes

• [32d4d29d02] - deps: add v8::Object::SetInternalFieldForNodeCore() (Joyee Cheung) #​49874
• [0e686d096b] - doc: deprecate fs.F_OK, fs.R_OK, fs.W_OK, fs.X_OK (Livia Medeiros) #​49683
• [a5dd057540] - doc: deprecate util.toUSVString (Yagiz Nizipli) #​49725
• [7b6a73172f] - doc: deprecate calling promisify on a function that returns a promise (Antoine du Hamel) #​49647
• [1beefd5f16] - esm: set all hooks as release candidate (Geoffrey Booth) #​49597
• [b0ce78a75b] - module: fix the leak in SourceTextModule and ContextifySript (Joyee Cheung) #​48510
• [4e578f8ab1] - module: fix leak of vm.SyntheticModule (Joyee Cheung) #​48510
• [69e4218772] - module: use symbol in WeakMap to manage host defined options (Joyee Cheung) #​48510
• [14ece0aa76] - (SEMVER-MINOR) src: allow embedders to override NODE_MODULE_VERSION (Cheng Zhao) #​49279
• [9fd67fbff0] - stream: use bitmap in writable state (Raz Luvaton) #​49834
• [0ccd4638ac] - stream: use bitmap in readable state (Benjamin Gruenbaum) #​49745
• [7c5e322346] - stream: improve webstream readable async iterator performance (Raz Luvaton) #​49662
• [80b342cc38] - (SEMVER-MINOR) test_runner: accept testOnly in run (Moshe Atlow) #​49753
• [17a05b141d] - (SEMVER-MINOR) test_runner: add junit reporter (Moshe Atlow) #​49614

Commits

• [4879e3fbbe] - benchmark: add a benchmark for read() of ReadableStreams (Debadree Chatterjee) #​49622
• [78a6c73157] - benchmark: shorten pipe-to by reducing number of chunks (Raz Luvaton) #​49577
• [4126a6e4c9] - benchmark: fix webstream pipe-to (Raz Luvaton) #​49552
• [6010a91825] - bootstrap: do not expand argv1 for snapshots (Joyee Cheung) #​49506
• [8480280c4b] - bootstrap: only use the isolate snapshot when compiling code cache (Joyee Cheung) #​49288
• [b30754aa87] - build: run embedtest using node executable (Joyee Cheung) #​49506
• [31db0b8e2b] - build: add --write-snapshot-as-array-literals to configure.py (Joyee Cheung) #​49312
• [6fcb51d3ba] - debugger: use internal/url.URL instead of url.parse (LiviaMedeiros) #​49590
• [32d4d29d02] - deps: add v8::Object::SetInternalFieldForNodeCore() (Joyee Cheung) #​49874
• [ad37cadc3f] - deps: V8: backport de9a5de (Joyee Cheung) #​49703
• [cdd1c66222] - deps: V8: cherry-pick b33bf2d (Joyee Cheung) #​49703
• [61d18d6473] - deps: update undici to 5.24.0 (Node.js GitHub Bot) #​49559
• [b8a4fef393] - deps: remove pthread-fixes.c from uv.gyp (Ben Noordhuis) #​49744
• [6c86c0683c] - deps: update googletest to d1467f5 (Node.js GitHub Bot) #​49676
• [1424404742] - deps: update nghttp2 to 1.56.0 (Node.js GitHub Bot) #​49582
• [15b54ff95d] - deps: update googletest to 8a6feab (Node.js GitHub Bot) #​49463
• [2ceab877c2] - deps: update corepack to 0.20.0 (Node.js GitHub Bot) #​49464
• [4814872ddc] - doc: fix DEP0176 number (LiviaMedeiros) #​49858
• [0e686d096b] - doc: deprecate fs.F_OK, fs.R_OK, fs.W_OK, fs.X_OK (Livia Medeiros) #​49683
• [5877c403a2] - doc: add mertcanaltin as a triager (mert.altin) #​49826
• [864fe56432] - doc: add git node backport way to the backporting guide (Raz Luvaton) #​49760
• [e0f93492d5] - doc: improve documentation about ICU data fallback (Joyee Cheung) #​49666
• [a5dd057540] - doc: deprecate util.toUSVString (Yagiz Nizipli) #​49725
• [774c1cfd52] - doc: add missing function call to example for util.promisify (Jungku Lee) #​49719
• [fe78a34845] - doc: update output of example in mimeParams.set() (Deokjin Kim) #​49718
• [4175ea33bd] - doc: add missed inspect with numericSeparator to example (Deokjin Kim) #​49717
• [3a88571972] - doc: fix history comments (Antoine du Hamel) #​49701
• [db4ab1ccbb] - doc: add missing history info for import.meta.resolve (Antoine du Hamel) #​49700
• [a304d1ee19] - doc: link maintaining deps to pull-request.md (Marco Ippolito) #​49716
• [35294486ad] - doc: fix print results in events (Jungku Lee) #​49548
• [9f0b0e15c9] - doc: alphabetize cli.md sections (Geoffrey Booth) #​49668
• [7b6a73172f] - doc: deprecate calling promisify on a function that returns a promise (Antoine du Hamel) #​49647
• [d316b32fff] - doc: update corepack.md to account for 0.20.0 changes (Antoine du Hamel) #​49486
• [c2eac7dc7c] - doc: remove @anonrig from performance initiative (Yagiz Nizipli) #​49641
• [3d839fbf87] - doc: mark Node.js 16 as End-of-Life (Richard Lau) #​49651
• [53fb5aead8] - doc: save user preference for JS flavor (Vidar Eldøy) #​49526
• [e3594d5658] - doc: update documentation for node:process warning (Shubham Pandey) #​49517
• [8e033c3963] - doc: rename possibly confusing variable and CSS class (Antoine du Hamel) #​49536
• [d0e0eb4bb3] - doc: update outdated history info (Antoine du Hamel) #​49530
• [b4724e2e3a] - doc: close a parenthesis (Sébastien Règne) #​49525
• [0471c5798e] - doc: cast GetInternalField() return type to v8::Value in addons.md (Joyee Cheung) #​49439
• [9f8bea3dda] - doc: fix documentation for input option in child_process (Ariel Weiss) #​49481
• [f3fea92f8a] - doc: fix missing imports in test.run code examples (Oshri Asulin) #​49489
• [e426b77b67] - doc: fix documentation for fs.createWriteStream highWaterMark option (Mert Can Altın) #​49456
• [2b119108ff] - doc: updated releasers instructions for node.js website (Claudio W) #​49427
• [b9d4a80183] - doc: edit import.meta.resolve documentation (Antoine du Hamel) #​49247
• [f67433f666] - doc,tools: switch to @node-core/utils (Michaël Zasso) #​49851
• [142e256fc5] - errors: improve classRegExp in errors.js (Uzlopak) #​49643
• [6377f1bce2] - errors: use determineSpecificType in more error messages (Antoine du Hamel) #​49580
• [05f0fcb4c4] - esm: identify parent importing a url with invalid host (Jacob Smith) #​49736
• [8a6f5fb8f3] - esm: fix return type of import.meta.resolve (Antoine du Hamel) #​49698
• [a6140f1b8c] - esm: update loaders warning (Geoffrey Booth) #​49633
• [521a9327e0] - esm: fix support for URL instances in register (Antoine du Hamel) #​49655
• [3a9ea0925a] - esm: clarify ERR_REQUIRE_ESM errors (Daniel Compton) #​49521
• [1beefd5f16] - esm: set all hooks as release candidate (Geoffrey Booth) #​49597
• [be48267888] - esm: remove return value for Module.register (Antoine du Hamel) #​49529
• [e74a075124] - esm: refactor test-esm-loader-resolve-type (Geoffrey Booth) #​49493
• [17823b3533] - esm: refactor test-esm-named-exports (Geoffrey Booth) #​49493
• [f34bd15ac1] - esm: refactor mocking test (Geoffrey Booth) #​49465
• [ec323bbd99] - fs: replace SetMethodNoSideEffect in node_file (CanadaHonk) #​49857
• [6acf800123] - fs: improve error performance for unlinkSync (CanadaHonk) #​49856
• [31702c9403] - fs: improve readFileSync with file descriptors (Yagiz Nizipli) #​49691
• [835f9fe7b9] - fs: fix file descriptor validator (Yagiz Nizipli) #​49752
• [b618fe262f] - fs: improve error performance of opendirSync (Yagiz Nizipli) #​49705
• [938471ef55] - fs: improve error performance of sync methods (Yagiz Nizipli) #​49593
• [db3fc6d087] - fs: fix readdir and opendir recursive with unknown file types (William Marlow) #​49603
• [0f020ed22d] - gyp: put cctest filenames in variables (Cheng Zhao) #​49178
• [0ce1e94d12] - lib: update encoding sets in WHATWG API (Jungku Lee) #​49610
• [efd6815a7a] - lib: fix internalBinding typings (Yagiz Nizipli) #​49742
• [1287d5b74e] - lib: allow byob reader for 'blob.stream()' (Debadree Chatterjee) #​49713
• [bbc710522d] - lib: reset the cwd cache before execution (Maël Nison) #​49684
• [f62d649e4d] - lib: use internal fileURLToPath (Deokjin Kim) #​49558
• [e515046941] - lib: use internal pathToFileURL (Livia Medeiros) #​49553
• [00608e8070] - lib: check SharedArrayBuffer availability in freeze_intrinsics.js (Milan Burda) #​49482
• [8bfbe7079c] - meta: fix linter error (Antoine du Hamel) #​49755
• [58f7a9e096] - meta: add primordials strategic initiative (Benjamin Gruenbaum) #​49706
• [5366027756] - meta: bump github/codeql-action from 2.21.2 to 2.21.5 (dependabot[bot]) #​49438
• [fe26b74082] - meta: bump rtCamp/action-slack-notify from 2.2.0 to 2.2.1 (dependabot[bot]) #​49437
• [b0ce78a75b] - module: fix the leak in SourceTextModule and ContextifySript (Joyee Cheung) #​48510
• [4e578f8ab1] - module: fix leak of vm.SyntheticModule (Joyee Cheung) #​48510
• [69e4218772] - module: use symbol in WeakMap to manage host defined options (Joyee Cheung) #​48510
• [96874e8fbc] - node-api: enable uncaught exceptions policy by default (Chengzhong Wu) #​49313
• [b931aeadfd] - perf_hooks: reduce overhead of new performance_entries (Vinicius Lourenço) #​49803
• [ad043bac31] - process: add custom dir support for heapsnapshot-signal (Jithil P Ponnan) #​47854
• [8a7c10194c] - repl: don't accumulate excess indentation in .load (Daniel X Moore) #​49461
• [10a2adeed5] - src: improve error message when ICU data cannot be initialized (Joyee Cheung) #​49666
• [ce37688bac] - src: remove unnecessary todo (Rafael Gonzaga) #​49227
• [f611583b71] - src: use SNAPSHOT_SERDES to log snapshot ser/deserialization (Joyee Cheung) #​49637
• [a597cb8457] - src: port Pipe to uv_pipe_bind2, uv_pipe_connect2 (Geoff Goodman) #​49667
• [fb21062338] - src: set --rehash-snapshot explicitly (Joyee Cheung) #​49556
• [14ece0aa76] - (SEMVER-MINOR) src: allow embedders to override NODE_MODULE_VERSION (Cheng Zhao) #​49279
• [4b5e23c71b] - src: set ModuleWrap internal fields only once (Joyee Cheung) #​49391
• [2d3f5c7cab] - src: fix fs_type_to_name default value (Mustafa Ateş Uzun) #​49239
• [cfbcb1059c] - src: fix comment on StreamResource (rogertyang) #​49193
• [39fb83ad16] - src: do not rely on the internal field being default to undefined (Joyee Cheung) #​49413
• [9fd67fbff0] - stream: use bitmap in writable state (Raz Luvaton) #​49834
• [0ccd4638ac] - stream: use bitmap in readable state (Benjamin Gruenbaum) #​49745
• [b29d927010] - stream: improve readable webstream pipeTo (Raz Luvaton) #​49690
• [7c5e322346] - stream: improve webstream readable async iterator performance (Raz Luvaton) #​49662
• [be211ef818] - test: deflake test-vm-contextified-script-leak (Joyee Cheung) #​49710
• [355f10dab2] - test: use checkIfCollectable in vm leak tests (Joyee Cheung) #​49671
• [17cfc531aa] - test: add checkIfCollectable to test/common/gc.js (Joyee Cheung) #​49671
• [e49a573752] - test: add os setPriority, getPriority test coverage (Wael) #​38771
• [5f02711522] - test: deflake test-runner-output (Moshe Atlow) #​49878
• [cd9754d6a7] - test: mark test-runner-output as flaky (Joyee Cheung) #​49854
• [5ad00424dd] - test: use mustSucceed instead of mustCall (SiddharthDevulapalli) #​49788
• [3db9b40081] - test: refactor test-readline-async-iterators into a benchmark (Shubham Pand

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[sonarqubecloud]

Quality Gate failed

Failed conditions
2 Security Hotspots

See analysis details on SonarCloud