fix(deps): update all dependencies (major)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
node (source)		major	20 -> 22
query-string-cjs	dependencies	major	^7.0.0 -> ^9.0.0

---

Release Notes

nodejs/node (node)

v22.13.0: 2025-01-07, Version 22.13.0 'Jod' (LTS), @​ruyadorno

Compare Source

Notable Changes

Stabilize Permission Model

Upgrades the Permission Model status from Active Development to Stable.

Contributed by Rafael Gonzaga #​56201

Graduate WebCryptoAPI Ed25519 and X25519 algorithms as stable

Following the merge of Curve25519 into the Web Cryptography API Editor's Draft the Ed25519 and X25519 algorithm identifiers are now stable and will no longer emit an ExperimentalWarning upon use.

Contributed by (Filip Skokan) #​56142

Other Notable Changes

• [05d6227a88] - (SEMVER-MINOR) assert: add partialDeepStrictEqual (Giovanni Bucci) #​54630
• [a933103499] - (SEMVER-MINOR) cli: implement --trace-env and --trace-env-[js|native]-stack (Joyee Cheung) #​55604
• [ba9d5397de] - (SEMVER-MINOR) dgram: support blocklist in udp (theanarkh) #​56087
• [f6d0c01303] - doc: stabilize util.styleText (Rafael Gonzaga) #​56265
• [34c68827af] - doc: move typescript support to active development (Marco Ippolito) #​55536
• [dd14b80350] - doc: add LJHarb to collaborators (Jordan Harband) #​56132
• [5263086169] - (SEMVER-MINOR) doc: add report version and history section (Chengzhong Wu) #​56130
• [8cb3c2018d] - (SEMVER-MINOR) doc: sort --report-exclude alphabetically (Rafael Gonzaga) #​55788
• [55239a48b6] - (SEMVER-MINOR) doc,lib,src,test: unflag sqlite module (Colin Ihrig) #​55890
• [7cbe3de1d8] - (SEMVER-MINOR) module: only emit require(esm) warning under --trace-require-module (Joyee Cheung) #​56194
• [6575b76042] - (SEMVER-MINOR) module: add module.stripTypeScriptTypes (Marco Ippolito) #​55282
• [bacfe6d5c9] - (SEMVER-MINOR) net: support blocklist in net.connect (theanarkh) #​56075
• [b47888d390] - (SEMVER-MINOR) net: support blocklist for net.Server (theanarkh) #​56079
• [566f0a1d25] - (SEMVER-MINOR) net: add SocketAddress.parse (James M Snell) #​56076
• [ed7eab1421] - (SEMVER-MINOR) net: add net.BlockList.isBlockList(value) (James M Snell) #​56078
• [ea4891856d] - (SEMVER-MINOR) process: deprecate features.{ipv6,uv} and features.tls_* (René) #​55545
• [01eb308f26] - (SEMVER-MINOR) report: fix typos in report keys and bump the version (Yuan-Ming Hsu) #​56068
• [97c38352d0] - (SEMVER-MINOR) sqlite: aggregate constants in a single property (Edigleysson Silva (Edy)) #​56213
• [b4041e554a] - (SEMVER-MINOR) sqlite: add StatementSync.prototype.iterate method (tpoisseau) #​54213
• [2e3ca1bbdd] - (SEMVER-MINOR) src: add cli option to preserve env vars on diagnostic reports (Rafael Gonzaga) #​55697
• [bcfe9c80fc] - (SEMVER-MINOR) util: add sourcemap support to getCallSites (Marco Ippolito) #​55589

Commits

• [e9024779c0] - assert: make Maps be partially compared in partialDeepStrictEqual (Giovanni Bucci) #​56195
• [4c13d8e587] - assert: make partialDeepStrictEqual work with ArrayBuffers (Giovanni Bucci) #​56098
• [a4fa31a86e] - assert: optimize partial comparison of two Sets (Antoine du Hamel) #​55970
• [05d6227a88] - (SEMVER-MINOR) assert: add partialDeepStrictEqual (Giovanni Bucci) #​54630
• [5e1321abd7] - buffer: document concat zero-fill (Duncan) #​55562
• [be5ba7c648] - build: set DESTCPU correctly for 'make binary' on loongarch64 (吴小白) #​56271
• [38cf37ee2d] - build: fix missing fp16 dependency in d8 builds (Joyee Cheung) #​56266
• [dbb7557455] - build: add major release action (Rafael Gonzaga) #​56199
• [27cc90f3be] - build: fix C string encoding for PRODUCT_DIR_ABS (Anna Henningsen) #​56111
• [376561c2b4] - build: use variable for simdutf path (Shelley Vohr) #​56196
• [126ae15000] - build: allow overriding clang usage (Shelley Vohr) #​56016
• [97bb8f7c76] - build: remove defaults for create-release-proposal (Rafael Gonzaga) #​56042
• [a8fb1a06f3] - build: set node_arch to target_cpu in GN (Shelley Vohr) #​55967
• [9f48ca27f1] - build: use variable for crypto dep path (Shelley Vohr) #​55928
• [e47ccd2287] - build: fix GN build for sqlite (Cheng) #​55912
• [8d70b99a5a] - build: compile bundled simdutf conditionally (Jakub Jirutka) #​55886
• [826fd35242] - build: compile bundled simdjson conditionally (Jakub Jirutka) #​55886
• [1015b22085] - build: compile bundled ada conditionally (Jakub Jirutka) #​55886
• [77e2869ca6] - build: use glob for dependencies of out/Makefile (Richard Lau) #​55789
• [a933103499] - (SEMVER-MINOR) cli: implement --trace-env and --trace-env-[js|native]-stack (Joyee Cheung) #​55604
• [72e8e0684e] - crypto: graduate WebCryptoAPI Ed25519 and X25519 algorithms as stable (Filip Skokan) #​56142
• [fe2b344ddb] - crypto: ensure CryptoKey usages and algorithm are cached objects (Filip Skokan) #​56108
• [9ee9f524a7] - crypto: allow non-multiple of 8 in SubtleCrypto.deriveBits (Filip Skokan) #​55296
• [76f242d993] - deps: update nghttp3 to 1.6.0 (Node.js GitHub Bot) #​56258
• [c7ff2ea6b5] - deps: update simdutf to 5.6.4 (Node.js GitHub Bot) #​56255
• [04230be1ef] - deps: update libuv to 1.49.2 (Luigi Pinca) #​56224
• [88589b85b7] - deps: update c-ares to v1.34.4 (Node.js GitHub Bot) #​56256
• [5c2e0618f3] - deps: define V8_PRESERVE_MOST as no-op on Windows (Stefan Stojanovic) #​56238
• [9f8f3c9658] - deps: update sqlite to 3.47.2 (Node.js GitHub Bot) #​56178
• [17b6931d3b] - deps: update ngtcp2 to 1.9.1 (Node.js GitHub Bot) #​56095
• [22b453b619] - deps: upgrade npm to 10.9.2 (npm team) #​56135
• [d7eb41b382] - deps: update sqlite to 3.47.1 (Node.js GitHub Bot) #​56094
• [669c722aa9] - deps: update zlib to 1.3.0.1-motley-82a5fec (Node.js GitHub Bot) #​55980
• [f61a0454d2] - deps: update corepack to 0.30.0 (Node.js GitHub Bot) #​55977
• [d98bf0b891] - deps: update ngtcp2 to 1.9.0 (Node.js GitHub Bot) #​55975
• [fc362624bf] - deps: update simdutf to 5.6.3 (Node.js GitHub Bot) #​55973
• [f61dcc4df4] - deps: upgrade npm to 10.9.1 (npm team) #​55951
• [bfe7982491] - deps: update zlib to 1.3.0.1-motley-7e2e4d7 (Node.js GitHub Bot) #​54432
• [d714367ef8] - deps: update simdjson to 3.10.1 (Node.js GitHub Bot) #​54678
• [ccc9b105ec] - deps: update simdutf to 5.6.2 (Node.js GitHub Bot) #​55889
• [ba9d5397de] - (SEMVER-MINOR) dgram: support blocklist in udp (theanarkh) #​56087
• [7ddbf94849] - dgram: check udp buffer size to avoid fd leak (theanarkh) #​56084
• [360d68de0f] - doc: fix color contrast issue in light mode (Rich Trott) #​56272
• [f6d0c01303] - doc: stabilize util.styleText (Rafael Gonzaga) #​56265
• [9436c3c949] - doc: clarify util.aborted resource usage (Kunal Kumar) #​55780
• [b1cec2cef9] - doc: add esm examples to node:repl (Alfredo González) #​55432
• [d6a84cf781] - doc: add esm examples to node:readline (Alfredo González) #​55335
• [a11ac1c0f2] - doc: fix 'which' to 'that' and add commas (Selveter Senitro) #​56216
• [5331df7911] - doc: fix winget config path (Alex Yang) #​56233
• [7a8071b43c] - doc: add esm examples to node:tls (Alfredo González) #​56229
• [7d8c1e72d5] - doc: add esm examples to node:perf_hooks (Alfredo González) #​55257
• [ea53c4b1ae] - doc: sea.getRawAsset(key) always returns an ArrayBuffer (沈鸿飞) #​56206
• [7a94100a3e] - doc: update announce documentation for releases (Rafael Gonzaga) #​56200
• [44c4e57e32] - doc: update blog link to /vulnerability (Rafael Gonzaga) #​56198
• [5e5b4b0cbd] - doc: call out import.meta is only supported in ES modules (Anton Kastritskii) #​56186
• [a83de32d35] - doc: add ambassador message - benefits of Node.js (Michael Dawson) #​56085
• [bb880dd21a] - doc: fix incorrect link to style guide (Yuan-Ming Hsu) #​56181
• [39ce902e58] - doc: fix c++ addon hello world sample (Edigleysson Silva (Edy)) #​56172
• [19c72c4acc] - doc: update blog release-post link (Ruy Adorno) #​56123
• [b667cc4669] - doc: fix module.md headings (Chengzhong Wu) #​56131
• [34c68827af] - doc: move typescript support to active development (Marco Ippolito) #​55536
• [c4a97d810b] - doc: mention -a flag for the release script (Ruy Adorno) #​56124
• [dd14b80350] - doc: add LJHarb to collaborators (Jordan Harband) #​56132
• [2feb0781ed] - doc: add create-release-action to process (Rafael Gonzaga) #​55993
• [71f6263942] - doc: rename file to advocacy-ambassador-program.md (Tobias Nießen) #​56046
• [8efa240500] - doc: remove unused import from sample code (Blended Bram) #​55570
• [e64cef8bf4] - doc: add FAQ to releases section (Rafael Gonzaga) #​55992
• [4bb0f30f92] - doc: move history entry to class description (Luigi Pinca) #​55991
• [6d02bd6873] - doc: add history entry for textEncoder.encodeInto() (Luigi Pinca) #​55990
• [e239382ed8] - doc: improve GN build documentation a bit (Shelley Vohr) #​55968
• [78b6aef6bc] - doc: fix deprecation codes (Filip Skokan) #​56018
• [474bf80a44] - doc: remove confusing and outdated sentence (Luigi Pinca) #​55988
• [57381076c5] - doc: deprecate passing invalid types in fs.existsSync (Carlos Espa) #​55892
• [e529cf6b26] - doc: add doc for PerformanceObserver.takeRecords() (skyclouds2001) #​55786
• [a6ef0f6f6e] - doc: add vetted courses to the ambassador benefits (Matteo Collina) #​55934
• [63526049f2] - doc: order node:crypto APIs alphabetically (Julian Gassner) #​55831
• [36080b7b61] - doc: doc how to add message for promotion (Michael Dawson) #​55843
• [12b2ad4287] - doc: add esm example for zlib (Leonardo Peixoto) #​55946
• [352daac296] - doc: fix typo (Alex Yang) #​56125
• [6e7e9a126d] - doc: document approach for building wasm in deps (Michael Dawson) #​55940
• [0b3ac05422] - doc: remove RedYetiDev from triagers team (Aviv Keller) #​55947
• [20be5e2f80] - doc: add esm examples to node:timers (Alfredo González) #​55857
• [3ba9b57436] - doc: fix relative path mention in --allow-fs (Rafael Gonzaga) #​55791
• [3e6b3a9a8b] - doc: include git node release --promote to steps (Rafael Gonzaga) #​55835
• [5bdfde8dc6] - doc: add history entry for import assertion removal (Antoine du Hamel) #​55883
• [c842146c05] - doc: add a note on console stream behavior (Gireesh Punathil) #​55616
• [5263086169] - (SEMVER-MINOR) doc: add report version and history section (Chengzhong Wu) #​56130
• [8cb3c2018d] - (SEMVER-MINOR) doc: sort --report-exclude alphabetically (Rafael Gonzaga) #​55788
• [55239a48b6] - (SEMVER-MINOR) doc,lib,src,test: unflag sqlite module (Colin Ihrig) #​55890
• [04d7c7a349] - fs: make mutating options in Callback readdir() not affect results (LiviaMedeiros) #​56057
• [92bcd528e7] - fs: make mutating options in Promises readdir() not affect results (LiviaMedeiros) #​56057
• [3a55bd9448] - fs: lazily load ReadFileContext (Gürgün Dayıoğlu) #​55998
• [0331b3fdd3] - fs,win: fix readdir for named pipe (Hüseyin Açacak) #​56110
• [79152b54e9] - http: add setDefaultHeaders option to http.request (Tim Perry) #​56112
• [19782855a8] - http: don't emit error after destroy (Robert Nagy) #​55457
• [8494512c17] - http2: remove duplicate codeblock (Vitaly Aminev) #​55915
• [d2f82223d1] - http2: support ALPNCallback option (ZYSzys) #​56187
• [2616f1247a] - http2: fix memory leak caused by premature listener removing (ywave620) #​55966
• [598fe048f2] - lib: remove redundant global regexps (Gürgün Dayıoğlu) #​56182
• [a3c8739530] - lib: clean up persisted signals when they are settled (Edigleysson Silva (Edy)) #​56001
• [11144ab158] - lib: handle Float16Array in node:v8 serdes (Bartek Iwańczuk) #​55996
• [81c94a32e4] - lib: disable default memory leak warning for AbortSignal (Lenz Weber-Tronic) #​55816
• [68dda61420] - lib: add validation for options in compileFunction (Taejin Kim) #​56023
• [d2007aec28] - lib: fix fs.readdir recursive async (Rafael Gonzaga) #​56041
• [0571d5556f] - lib: avoid excluding symlinks in recursive fs.readdir with filetypes (Juan José) #​55714
• [843943d0ce] - meta: bump github/codeql-action from 3.27.0 to 3.27.5 (dependabot[bot]) #​56103
• [1529027f03] - meta: bump actions/checkout from 4.1.7 to 4.2.2 (dependabot[bot]) #​56102
• [8e265de9f5] - meta: bump step-security/harden-runner from 2.10.1 to 2.10.2 (dependabot[bot]) #​56101
• [0fba3a3b9b] - meta: bump actions/setup-node from 4.0.3 to 4.1.0 (dependabot[bot]) #​56100
• [2e3fdfdb19] - meta: add releasers as CODEOWNERS to proposal action (Rafael Gonzaga) #​56043
• [7cbe3de1d8] - (SEMVER-MINOR) module: only emit require(esm) warning under --trace-require-module (Joyee Cheung) #​56194
• [8a5429c9b3] - module: prevent main thread exiting before esm worker ends (Shima Ryuhei) #​56183
• [6575b76042] - (SEMVER-MINOR) module: add module.stripTypeScriptTypes (Marco Ippolito) #​55282
• [0794861bc3] - module: simplify ts under node_modules check (Marco Ippolito) #​55440
• [28a11adf14] - module: mark evaluation rejection in require(esm) as handled (Joyee Cheung) #​56122
• [bacfe6d5c9] - (SEMVER-MINOR) net: support blocklist in net.connect (theanarkh) #​56075
• [566f0a1d25] - (SEMVER-MINOR) net: add SocketAddress.parse (James M Snell) #​56076
• [ed7eab1421] - (SEMVER-MINOR) net: add net.BlockList.isBlockList(value) (James M Snell) #​56078
• [b47888d390] - (SEMVER-MINOR) net: support blocklist for net.Server (theanarkh) #​56079
• [481770a38f] - node-api: allow napi_delete_reference in finalizers (Chengzhong Wu) #​55620
• [2beb4f1f8c] - permission: ignore internalModuleStat on module loading (Rafael Gonzaga) #​55797
• [ea4891856d] - (SEMVER-MINOR) process: deprecate features.{ipv6,uv} and features.tls_* (René) #​55545
• [c907b2f358] - quic: update more QUIC implementation (James M Snell) #​55986
• [43c25e2e0d] - quic: multiple updates to quic impl (James M Snell) #​55971
• [01eb308f26] - (SEMVER-MINOR) report: fix typos in report keys and bump the version (Yuan-Ming Hsu) #​56068
• [1cfa31fb82] - sea: only assert snapshot main function for main threads (Joyee Cheung) #​56120
• [97c38352d0] - (SEMVER-MINOR) sqlite: aggregate constants in a single property (Edigleysson Silva (Edy)) #​56213
• [2268c1ea8b] - sqlite: add support for custom functions (Colin Ihrig) #​55985
• [f5c6955722] - sqlite: support db.loadExtension (Alex Yang) #​53900
• [9a60bea6b7] - sqlite: deps include sqlite3ext.h (Alex Yang) #​56010
• [b4041e554a] - (SEMVER-MINOR) sqlite: add StatementSync.prototype.iterate method (tpoisseau) #​54213
• [2889e8da04] - src: fix outdated js2c.cc references (Chengzhong Wu) #​56133
• [5ce020b0c9] - src: use spaceship operator in SocketAddress (James M Snell) #​56059
• [a32fa30847] - src: add missing qualifiers to env.cc (Yagiz Nizipli) #​56062
• [974b7b61ef] - src: use std::string_view for process emit fns (Yagiz Nizipli) #​56086
• [4559fac862] - src: remove dead code in async_wrap (Gerhard Stöbich) #​56065
• [e42e4b20be] - src: avoid copy on getV8FastApiCallCount (Yagiz Nizipli) #​56081
• [c188660e8b] - src: fix check fd (theanarkh) #​56000
• [d894cb76ff] - src: safely remove the last line from dotenv (Shima Ryuhei) #​55982
• [2ca9f4b65a] - src: fix kill signal on Windows (Hüseyin Açacak) #​55514
• [2e3ca1bbdd] - (SEMVER-MINOR) src: add cli option to preserve env vars on dr (Rafael Gonzaga) #​55697
• [359fff1c4e] - src,build: add no user defined deduction guides of CTAD check (Chengzhong Wu) #​56071
• [57bb983215] - (SEMVER-MINOR) src,lib: stabilize permission model (Rafael Gonzaga) #​56201
• [d352b0465a] - stream: commit pull-into descriptors after filling from queue (Mattias Buelens) #​56072
• [eef9bd1bf6] - test: remove test-sqlite-statement-sync flaky designation (Luigi Pinca) #​56051
• [8718135a5d] - test: use --permission over --experimental-permission (Rafael Gonzaga) #​56239
• [9c68d4f180] - test: remove exludes for sea tests on PPC (Michael Dawson) #​56217
• [c5d0472968] - test: fix test-abortsignal-drop-settled-signals flakiness (Edigleysson Silva (Edy)) #​56197
• [4adf518689] - test: move localizationd data from test-icu-env to external file (Livia Medeiros) #​55618
• [02383b4267] - test: update WPT for url to 6fa3fe8 (Node.js GitHub Bot) #​56136
• [0e24eebf24] - test: remove hasOpenSSL3x utils (Antoine du Hamel) #​56164
• [381e705385] - test: update streams wpt (Mattias Buelens) #​56072
• [ad107ca0d9] - test: remove test-fs-utimes flaky designation (Luigi Pinca) #​56052
• [e15c5dab79] - test: ensure cli.md is in alphabetical order (Antoine du Hamel) #​56025
• [d0302e7d2d] - test: update WPT for WebCryptoAPI to 3e3374e (Node.js GitHub Bot) #​56093
• [a0b1e8f400] - test: update WPT for WebCryptoAPI to 76dfa54 (Node.js GitHub Bot) #​56093
• [211f058a12] - test: move test-worker-arraybuffer-zerofill to parallel (Luigi Pinca) #​56053
• [c52bc5d71c] - test: update WPT for url to 67880a4 (Node.js GitHub Bot) #​55999
• [1a78bde8d4] - test: make HTTP/1.0 connection test more robust (Arne Keller) #​55959
• [ff7b1445a0] - test: convert readdir test to use test runner (Thomas Chetwin) #​55750
• [b296b5a4e4] - test: make x509 crypto tests work with BoringSSL (Shelley Vohr) #​55927
• [97458ad74b] - test: fix determining lower priority (Livia Medeiros) #​55908
• [bb4aa7a296] - test,crypto: update WebCryptoAPI WPT (Filip Skokan) #​55997
• [fb98fa4967] - test_runner: refactor Promise chain in run() (Colin Ihrig) #​55958
• [18c94961f8] - test_runner: refactor build Promise in Suite() (Colin Ihrig) #​55958
• [bf3967fd3a] - test_runner: simplify hook running logic (Colin Ihrig) #​55963
• [8c065dc61e] - test_runner: mark context.plan() as stable (Colin Ihrig) #​55895
• [8ff082cf48] - test_runner: mark snapshot testing as stable (Colin Ihrig) #​55897
• [7ae125cef4] - tools: fix node: enforcement for docs (Antoine du Hamel) #​56284
• [0b489116a3] - tools: update github_reporter to 1.7.2 (Node.js GitHub Bot) #​56205
• [5306819fac] - tools: add REPLACEME check to workflow (Mert Can Altin) #​56251
• [4e3cab44cb] - tools: use github.actor instead of bot username for release proposals (Antoine du Hamel) #​56232
• [3e8938463a] - Revert "tools: disable automated libuv updates" (Luigi Pinca) #​56223
• [98ea499e36] - tools: update gyp-next to 0.19.1 (Anna Henningsen) #​56111
• [2e76cd2a8b] - tools: fix release proposal linter to support more than 1 folk preparing (Antoine du Hamel) #​56203
• [9fa0e41665] - tools: enable linter for tools/icu/** (Livia Medeiros) #​56176
• [d6e1efcc59] - tools: use commit title as PR title when creating release proposal (Antoine du Hamel) #​56165
• [a88e4ce55e] - tools: update gyp-next to 0.19.0 (Node.js GitHub Bot) #​56158
• [bd0760efbc] - tools: bump the eslint group in /tools/eslint with 4 updates (dependabot[bot]) #​56099
• [c5b1cf4b12] - tools: improve release proposal PR opening (Antoine du Hamel) #​56161
• [12baefb13d] - tools: update create-release-proposal workflow (Antoine du Hamel) #​56054
• [e6e1495f1a] - tools: fix update-undici script (Michaël Zasso) #​56069
• [ed635c90da] - tools: allow dispatch of tools.yml from forks (Antoine du Hamel) #​56008
• [1e628d1f37] - tools: fix nghttp3 updater script (Antoine du Hamel) #​56007
• [1af3599b7e] - tools: filter release keys to reduce interactivity (Antoine du Hamel) #​55950
• [1893be4a9c] - tools: update WPT updater (Antoine du Hamel) #​56003
• [f89bd2ba8a] - tools: add WPT updater for specific subsystems (Mert Can Altin) #​54460
• [61901372d5] - tools: use tokenless Codecov uploads (Michaël Zasso) #​55943
• [312bb4dff8] - tools: lint js in doc/**/*.md (Livia Medeiros) #​55904
• [7b476f637c] - tools: add linter for release commit proposals (Antoine du Hamel) #​55923
• [22d7017191] - tools: fix riscv64 build failed (Lu Yahan) #​52888
• [f4f777f4d2] - tools: bump cross-spawn from 7.0.3 to 7.0.5 in /tools/eslint (dependabot[bot]) #​55894
• [a648e4c44a] - util: harden more built-in classes against prototype pollution (Antoine du Hamel) #​56225
• [4a1b51b5a9] - util: fix Latin1 decoding to return string output (Mert Can Altin) #​56222
• [9e98e86604] - util: do not rely on mutable Object and Function' constructor prop (Antoine du Hamel) #​56188
• [374eb415fd] - util: add fast path for Latin1 decoding (Mert Can Altin) #​55275
• [bcfe9c80fc] - (SEMVER-MINOR) util: add sourcemap support to getCallSites (Marco Ippolito) #​55589
• [2aa77c8a8f] - v8,tools: expose experimental wasm revectorize feature (Yolanda-Chen) #​54896
• [bfd11d7661] - worker: fix crash when a worker joins after exit (Stephen Belanger) #​56191

v22.12.0: 2024-12-03, Version 22.12.0 'Jod' (LTS), @​ruyadorno

Compare Source

Notable Changes

require(esm) is now enabled by default

Support for loading native ES modules using require() had been available on v20.x and v22.x under the command line flag --experimental-require-module, and available by default on v23.x. In this release, it is now no longer behind a flag on v22.x.

This feature is still experimental, and we are looking for user feedback to make more final tweaks before fully stabilizing it. For this reason, on v22.x, when the Node.js instance encounters a native ES module in require() for the first time, it will emit an experimental warning unless require() comes from a path that contains node_modules. If there happens to be any regressions caused by this feature, users can report it to the Node.js issue tracker. Meanwhile this feature can also be disabled using --no-experimental-require-module as a workaround.

With this feature enabled, Node.js will no longer throw ERR_REQUIRE_ESM if require() is used to load a ES module. It can, however, throw ERR_REQUIRE_ASYNC_MODULE if the ES module being loaded or its dependencies contain top-level await. When the ES module is loaded successfully by require(), the returned object will either be a ES module namespace object similar to what's returned by import(), or what gets exported as "module.exports" in the ES module.

Users can check process.features.require_module to see whether require(esm) is enabled in the current Node.js instance. For packages, the "module-sync" exports condition can be used as a way to detect require(esm) support in the current Node.js instance and allow both require() and import to load the same native ES module. See the documentation for more details about this feature.

Contributed by Joyee Cheung in #​55085

Added resizable ArrayBuffer support in Buffer

When a Buffer is created using a resizable ArrayBuffer, the Buffer length will now correctly change as the underlying ArrayBuffer size is changed.

const ab = new ArrayBuffer(10, { maxByteLength: 20 });
const buffer = Buffer.from(ab);
console.log(buffer.byteLength); 10
ab.resize(15);
console.log(buffer.byteLength); 15
ab.resize(5);
console.log(buffer.byteLength); 5

Contributed by James Snell in #​55377

Update root certificates to NSS 3.104

This is the version of NSS that shipped in Firefox 131.0 on 2024-10-01.

Certificates added:

• FIRMAPROFESIONAL CA ROOT-A WEB
• TWCA CYBER Root CA
• SecureSign Root CA12
• SecureSign Root CA14
• SecureSign Root CA15

Contributed by Richard Lau in #​55681

Other Notable Changes

• [4920869935] - (SEMVER-MINOR) assert: make assertion_error use Myers diff algorithm (Giovanni Bucci) #​54862
• [ccffd3b819] - doc: enforce strict policy to semver-major releases (Rafael Gonzaga) #​55732
• [acc6806900] - doc: add jazelly to collaborators (Jason Zhang) #​55531
• [88d91e8bc2] - esm: mark import attributes and JSON module as stable (Nicolò Ribaudo) #​55333
• [98bfc7dce5] - (SEMVER-MINOR) http: add diagnostic channel http.client.request.created (Marco Ippolito) #​55586
• [337f61fb25] - (SEMVER-MINOR) lib: add UV_UDP_REUSEPORT for udp (theanarkh) #​55403
• [1628c48ad6] - (SEMVER-MINOR) net: add UV_TCP_REUSEPORT for tcp (theanarkh) #​55408
• [457e73f4c9] - (SEMVER-MINOR) sqlite: add support for SQLite Session Extension (Bart Louwers) #​54181

Commits

• [f6885e1c68] - assert: fix the string length check for printing the simple diff (Giovanni Bucci) #​55474
• [907484f04d] - assert: fix deepEqual always return true on URL (Xuguang Mei) #​50853
• [301844e249] - assert: differentiate cases where cause is undefined or missing (Antoine du Hamel) #​55738
• [89ccd3e3f4] - assert: fix deepStrictEqual on errors when cause is not undefined (Edigleysson Silva (Edy)) #​55406
• [4920869935] - (SEMVER-MINOR) assert: make assertion_error use Myers diff algorithm (Giovanni Bucci) #​54862
• [c67aec368e] - benchmark: add test-reporters (Aviv Keller) #​55757
• [49774cc2c0] - benchmark: add test_runner/mock-fn (Aviv Keller) #​55771
• [4caaeb47b2] - benchmark: add nodeTiming.uvmetricsinfo bench (RafaelGSS) #​55614
• [cac58564a1] - benchmark: add --runs support to run.js (Rafael Gonzaga) #​55158
• [5c3ee886fc] - benchmark: adjust byte size for buffer-copy (Rafael Gonzaga) #​55295
• [6023e1bdb2] - (SEMVER-MINOR) buffer: make Buffer work with resizable ArrayBuffer (James M Snell) #​55377
• [a6c00c2204] - build: add create release proposal action (Rafael Gonzaga) #​55690
• [b4e413933b] - build: implement node_use_amaro flag

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" in timezone America/Toronto, Automerge - "after 9:00am and before 12:00pm on tuesday, wednesday, thursday" in timezone America/Toronto.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[gdostie]

This one cannot be updated

Suggested change

	"query-string-cjs": "npm:query-string@^9.0.0",
	"query-string-cjs": "npm:query-string@^7.0.0",