Update Node.js to v24

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
node (source)	^23.0.0 -> ^24.0.0

---

Release Notes

nodejs/node (node)

v24.8.0: 2025-09-10, Version 24.8.0 (Current), @​targos

Compare Source

Notable Changes

HTTP/2 Network Inspection Support in Node.js

Node.js now supports inspection of HTTP/2 network calls in Chrome DevTools for Node.js.

Usage

Write a test.js script that makes HTTP/2 requests.

const http2 = require('node:http2');

const client = http2.connect('https://nghttp2.org');

const req = client.request([
  ':path', '/',
  ':method', 'GET',
]);

Run it with these options:

node --inspect-wait --experimental-network-inspection test.js

Open about:inspect on Google Chrome and click on Open dedicated DevTools for Node.
The Network tab will let you track your HTTP/2 calls.

Contributed by Darshan Sen in #​59611.

Other Notable Changes

• [7a8e2c251d] - (SEMVER-MINOR) crypto: support Ed448 and ML-DSA context parameter in node:crypto (Filip Skokan) #​59570
• [4b631be0b0] - (SEMVER-MINOR) crypto: support Ed448 and ML-DSA context parameter in Web Cryptography (Filip Skokan) #​59570
• [3e4b1e732c] - (SEMVER-MINOR) crypto: add KMAC Web Cryptography algorithms (Filip Skokan) #​59647
• [b1d28785b2] - (SEMVER-MINOR) crypto: add Argon2 Web Cryptography algorithms (Filip Skokan) #​59544
• [430691d1af] - (SEMVER-MINOR) crypto: support SLH-DSA KeyObject, sign, and verify (Filip Skokan) #​59537
• [d6d05ba397] - (SEMVER-MINOR) worker: add cpu profile APIs for worker (theanarkh) #​59428

Commits

• [d913872369] - assert: cap input size in myersDiff to avoid Int32Array overflow (Haram Jeong) #​59578
• [7bbbcf6666] - benchmark: sqlite prevent create both tables on prepare selects (Bruno Rodrigues) #​59709
• [44d7b92271] - benchmark: calibrate config array-vs-concat (Rafael Gonzaga) #​59587
• [7f347fc551] - build: fix getting OpenSSL version on Windows (Michaël Zasso) #​59609
• [4a317150d5] - build: fix 'implicit-function-declaration' on OpenHarmony platform (hqzing) #​59547
• [bda32af587] - build: use windows-2025 runner (Michaël Zasso) #​59673
• [a4a8ed8f6e] - build: compile bundled uvwasi conditionally (Carlo Cabrera) #​59622
• [d944a87761] - crypto: refactor subtle methods to use synchronous import (Filip Skokan) #​59771
• [7a8e2c251d] - (SEMVER-MINOR) crypto: support Ed448 and ML-DSA context parameter in node:crypto (Filip Skokan) #​59570
• [4b631be0b0] - (SEMVER-MINOR) crypto: support Ed448 and ML-DSA context parameter in Web Cryptography (Filip Skokan) #​59570
• [3e4b1e732c] - (SEMVER-MINOR) crypto: add KMAC Web Cryptography algorithms (Filip Skokan) #​59647
• [b1d28785b2] - (SEMVER-MINOR) crypto: add Argon2 Web Cryptography algorithms (Filip Skokan) #​59544
• [430691d1af] - (SEMVER-MINOR) crypto: support SLH-DSA KeyObject, sign, and verify (Filip Skokan) #​59537
• [0d1e53d935] - deps: update uvwasi to 0.0.23 (Node.js GitHub Bot) #​59791
• [68732cf426] - deps: update histogram to 0.11.9 (Node.js GitHub Bot) #​59689
• [f12c1ad961] - deps: update googletest to eb2d85e (Node.js GitHub Bot) #​59335
• [45af6966ae] - deps: upgrade npm to 11.6.0 (npm team) #​59750
• [57617244a4] - deps: V8: cherry-pick 6b1b9bc (Xiao-Tao) #​59283
• [2e6225a747] - deps: update amaro to 1.1.2 (Node.js GitHub Bot) #​59616
• [1f7f6dfae6] - diagnostics_channel: revoke DEP0163 (René) #​59758
• [8671a6cdb3] - doc: stabilize --disable-sigusr1 (Rafael Gonzaga) #​59707
• [583b1b255d] - doc: update OpenSSL default security level to 2 (Jeetu Suthar) #​59723
• [9b5eb6eb50] - doc: fix missing links in the errors page (Nam Yooseong) #​59427
• [e7bf712c57] - doc: update "Type stripping in dependencies" section (Josh Kelley) #​59652
• [96db47f91e] - doc: add Miles Guicent as triager (Miles Guicent) #​59562
• [87f829bd0c] - doc: mark path.matchesGlob as stable (Aviv Keller) #​59572
• [062b2f705e] - doc: improve documentation for raw headers in HTTP/2 APIs (Tim Perry) #​59633
• [6ab9306370] - doc: update install_tools.bat free disk space (Stefan Stojanovic) #​59579
• [c8d6b60da6] - doc: fix quic session instance typo (jakecastelli) #​59642
• [61d0a2d1ba] - doc: fix filehandle.read typo (Ruy Adorno) #​59635
• [3276bfa0d0] - doc: update migration recomendations for util.is**() deprecations (Augustin Mauroy) #​59269
• [11de6c7ebb] - doc: fix missing link to the Error documentation in the http page (Alexander Makarenko) #​59080
• [f5b6829bba] - doc,crypto: add description to the KEM and supports() methods (Filip Skokan) #​59644
• [5bfdc7ee74] - doc,crypto: cleanup unlinked and self method references webcrypto.md (Filip Skokan) #​59608
• [010458d061] - esm: populate separate cache for require(esm) in imported CJS (Joyee Cheung) #​59679
• [dbe6e63baf] - esm: fix missed renaming in ModuleJob.runSync (Joyee Cheung) #​59724
• [8eb0d9d834] - fs: fix wrong order of file names in cpSync error message (Nicholas Paun) #​59775
• [e69be5611f] - fs: fix dereference: false on cpSync (Nicholas Paun) #​59681
• [2865d2ac20] - http: unbreak keepAliveTimeoutBuffer (Robert Nagy) #​59784
• [ade1175475] - http: use cached '1.1' http version string (Robert Nagy) #​59717
• [74a09482de] - inspector: undici as shared-library should pass tests (Aras Abbasi) #​59837
• [772f8f415a] - inspector: add http2 tracking support (Darshan Sen) #​59611
• [3d225572d7] - Revert "lib: optimize writable stream buffer clearing" (Yoo) #​59743
• [4fd213ce73] - lib: fix isReadable and isWritable return type value (Gabriel Quaresma) #​59089
• [39befddb87] - lib: prefer TypedArrayPrototype primordials (Filip Skokan) #​59766
• [0748160d2e] - lib: fix DOMException subclass support (Chengzhong Wu) #​59680
• [1a93df808c] - lib: revert to using default derived class constructors (René) #​59650
• [bb0755df37] - meta: bump codecov/codecov-action (dependabot[bot]) #​59726
• [45d148d9be] - meta: bump actions/download-artifact from 4.3.0 to 5.0.0 (dependabot[bot]) #​59729
• [01b66b122e] - meta: bump github/codeql-action from 3.29.2 to 3.30.0 (dependabot[bot]) #​59728
• [34f7ab5502] - meta: bump actions/cache from 4.2.3 to 4.2.4 (dependabot[bot]) #​59727
• [5806ea02af] - meta: bump actions/checkout from 4.2.2 to 5.0.0 (dependabot[bot]) #​59725
• [f667215583] - path: refactor path joining logic for clarity and performance (Lee Jiho) #​59781
• [0340fe92a6] - repl: do not cause side effects in tab completion (Anna Henningsen) #​59774
• [a414c1eb51] - repl: fix REPL completion under unary expressions (Kingsword) #​59744
• [c206f8dd87] - repl: add isValidParentheses check before wrap input (Xuguang Mei) #​59607
• [0bf9775ee2] - sea: implement sea.getAssetKeys() (Joyee Cheung) #​59661
• [bf26b478d8] - sea: allow using inspector command line flags with SEA (Joyee Cheung) #​59568
• [92128a8fe2] - src: use DictionaryTemplate for node_url_pattern (James M Snell) #​59802
• [bcb29fb84f] - src: correctly report memory changes to V8 (Yaksh Bariya) #​59623
• [44c24657d3] - src: fixup node_messaging error handling (James M Snell) #​59792
• [2cd6a3b7ec] - src: track async resources via pointers to stack-allocated handles (Anna Henningsen) #​59704
• [34d752586f] - src: fix build on NetBSD (Thomas Klausner) #​59718
• [15fa779ac5] - src: fix race on process exit and off thread CA loading (Chengzhong Wu) #​59632
• [15cbd3966a] - src: separate module.hasAsyncGraph and module.hasTopLevelAwait (Joyee Cheung) #​59675
• [88d1ca8990] - src: use non-deprecated Get/SetPrototype methods (Michaël Zasso) #​59671
• [56ac9a2d46] - src: migrate WriteOneByte to WriteOneByteV2 (Chengzhong Wu) #​59634
• [3d88aa9f2f] - src: remove duplicate code (theanarkh) #​59649
• [0718a70b2a] - src: add name for more threads (theanarkh) #​59601
• [0379a8b254] - src: remove JSONParser (Joyee Cheung) #​59619
• [90d0a1b2e9] - src,sqlite: refactor value conversion (Edy Silva) #​59659
• [5e025c7ca7] - stream: replace manual function validation with validateFunction (방진혁) #​59529
• [155a999bed] - test: skip tests failing when run under root (Livia Medeiros) #​59779
• [6313706c69] - test: update WPT for urlpattern to cff1ac1 (Node.js GitHub Bot) #​59602
• [41245ad4c7] - test: skip more sea tests on Linux ppc64le (Richard Lau) #​59755
• [df63d37ec4] - test: fix internet/test-dns (Michaël Zasso) #​59660
• [1f6c335e82] - test: mark test-inspector-network-fetch as flaky again (Joyee Cheung) #​59640
• [1798683df1] - test: skip test-fs-cp* tests that are constantly failing on Windows (Joyee Cheung) #​59637
• [4c48ec09e5] - test: deflake test-http-keep-alive-empty-line (Luigi Pinca) #​59595
• [dcdb259e85] - test_runner: fix todo inheritance (Moshe Atlow) #​59721
• [24177973a2] - test_runner: set mock timer's interval undefined (hotpineapple) #​59479
• [83d11f8a7a] - tools: print appropriate output when test aborted (hotpineapple) #​59794
• [1eca2cc548] - tools: use sparse checkout in build-tarball.yml (Antoine du Hamel) #​59788
• [89fa1a929d] - tools: remove unused actions from build-tarball.yml (Antoine du Hamel) #​59787
• [794ca3511d] - tools: do not attempt to compress tgz archive (Antoine du Hamel) #​59785
• [377bdb9b7e] - tools: add v8windbg target (Chengzhong Wu) #​59767
• [6696d1d6c9] - tools: improve error handling in node_mksnapshot (James M Snell) #​59437
• [8dbd0f13e8] - tools: add sccache to test-internet workflow (Antoine du Hamel) #​59720
• [6523c2d7d9] - tools: update gyp-next to 0.20.4 (Node.js GitHub Bot) #​59690
• [19d633f40c] - tools: add script to make reviewing backport PRs easier (Antoine du Hamel) #​59161
• [15e547b3a4] - typings: add typing for 'uv' (방진혁) #​59606
• [ad5cfcc901] - typings: add missing properties in ConfigBinding (Lee Jiho) #​59585
• [70d2d6d479] - url: add err.input to ERR_INVALID_FILE_URL_PATH (Joyee Cheung) #​59730
• [e476e43c17] - util: fix numericSeparator with negative fractional numbers (sangwook) #​59379
• [b2e8f40d15] - util: remove unnecessary template strings (btea) #​59201
• [6f79450ea2] - util: remove outdated TODO comment (haramjeong) #​59760
• [32731432ef] - util: use getOptionValue('--no-deprecation') in deprecated() (haramjeong) #​59760
• [65e4e68c90] - util: hide duplicated stack frames when using util.inspect (Ruben Bridgewater) #​59447
• [2086f3365f] - vm: sync-ify SourceTextModule linkage (Chengzhong Wu) #​59000
• [c16163511d] - wasi: fix clean target in test/wasi/Makefile (Antoine du Hamel) #​59576
• [2e54411cb6] - worker: optimize cpu profile implement (theanarkh) #​59683
• [d6d05ba397] - (SEMVER-MINOR) worker: add cpu profile APIs for worker (theanarkh) #​59428

v24.7.0: 2025-08-27, Version 24.7.0 (Current), @​targos

Compare Source

Notable Changes

Post-Quantum Cryptography in node:crypto

OpenSSL 3.5 on 24.x kicked off post-quantum cryptography efforts in Node.js by
allowing use of NIST's post-quantum cryptography standards for future-proofing
applications against quantum computing threats. The following post-quantum
algorithms are now available in node:crypto:

• ML-KEM (FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard) through new crypto.encapsulate() and crypto.decapsulate() methods.
• ML-DSA (FIPS 204, Module-Lattice-Based Digital Signature Standard) in the existing crypto.sign() and crypto.verify() methods.

Contributed by Filip Skokan in #​59259 and #​59491.

Modern Algorithms in Web Cryptography API

The second substantial extension to the Web Cryptography API
(globalThis.crypto.subtle) was recently accepted for incubation by WICG.
The following algorithms and methods from this extension are now available in
the Node.js Web Cryptography API implementation:

• AES-OCB
• ChaCha20-Poly1305
• ML-DSA
• ML-KEM
• SHA-3
• SHAKE
• subtle.getPublicKey()
• SubtleCrypto.supports()
• ... with more coming in future releases.

Contributed by Filip Skokan in #​59365, #​59569, #​59461, and #​59539.

Node.js execution argument support in single executable applications

The single executable application configuration now supports additional fields
to specify Node.js execution arguments and control how they can be extended when
the application is run.

• execArgv takes an array of strings for the execution arguments to be used.
• execArgvExtension takes one of the following values:
  • "none": No additional execution arguments are allowed.
  • "cli": Additional execution arguments can be provided via a special command-line flag --node-options="--flag1 --flag2=value" at run time.
  • "env" (default): Additional execution arguments can be provided via the NODE_OPTIONS environment variable at run time.

For example, with the following configuration:

{
  "main": "/path/to/bundled/script.js",
  "output": "/path/to/write/the/generated/blob.blob",
  "execArgv": ["--no-warnings"],
  "execArgvExtension": "cli",
}

If the generated single executable application is named sea, then running:

sea --node-options="--max-old-space-size=4096" user-arg1 user-arg2

Would be equivalent to running:

node --no-warnings --max-old-space-size=4096 /path/to/bundled/script.js user-arg1 user-arg2

Contributed by Joyee Cheung in #​59314 and #​59560.

Root certificates updated to NSS 3.114

Certificates added:

• TrustAsia TLS ECC Root CA
• TrustAsia TLS RSA Root CA
• SwissSign RSA TLS Root CA 2022 - 1

Certificates removed:

• GlobalSign Root CA
• Entrust.net Premium 2048 Secure Server CA
• Baltimore CyberTrust Root
• Comodo AAA Services root
• XRamp Global CA Root
• Go Daddy Class 2 CA
• Starfield Class 2 CA

Other Notable Changes

• [d3afc63c44] - (SEMVER-MINOR) crypto: add argon2() and argon2Sync() methods (Ranieri Althoff) #​50353
• [6ae202fcdf] - (SEMVER-MINOR) http: add Agent.agentKeepAliveTimeoutBuffer option (Haram Jeong) #​59315
• [dafee05358] - (SEMVER-MINOR) http2: add support for raw header arrays in h2Stream.respond() (Tim Perry) #​59455
• [8dc6f5b696] - (SEMVER-MINOR) stream: add brotli support to CompressionStream and DecompressionStream (Matthew Aitken) #​59464

Commits

• [0fa22cbf7c] - benchmark: calibrate config v8/serialize.js (Rafael Gonzaga) #​59586
• [f5ece45b45] - benchmark: reduce readfile-permission-enabled config (Rafael Gonzaga) #​59589
• [8ebd4f4434] - benchmark: calibrate length of util.diff (Rafael Gonzaga) #​59588
• [7dee3ffd14] - benchmark: reflect current OpenSSL in crypto key benchmarks (Filip Skokan) #​59459
• [027b861ca1] - benchmark, test: replace CRLF variable with string literal (Lee Jiho) #​59466
• [89dd770889] - build: do not set -mminimal-toc with clang (Richard Lau) #​59484
• [e13de4542f] - child_process: remove unsafe array iteration (hotpineapple) #​59347
• [89fe63551e] - crypto: load system CA certificates off thread (Joyee Cheung) #​59550
• [152c5ef518] - (SEMVER-MINOR) crypto: add AES-OCB Web Cryptography algorithm (Filip Skokan) #​59539
• [c6c418343d] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #​59571
• [18a2ee5b6c] - (SEMVER-MINOR) crypto: support ML-KEM in Web Cryptography (Filip Skokan) #​59569
• [72937e5144] - crypto: require HMAC key length with SHA-3 hashes in Web Cryptography (Filip Skokan) #​59567
• [b7383186c7] - crypto: fix subtle.getPublicKey error for secret type key inputs (Filip Skokan) #​59558
• [2d05c046db] - crypto: return cached copies from CryptoKey algorithm and usages getters (Filip Skokan) #​59538
• [207ffbeb07] - crypto: use CryptoKey internal slots in Web Cryptography (Filip Skokan) #​59538
• [4276516781] - crypto: normalize RsaHashedKeyParams publicExponent (Filip Skokan) #​59538
• [14741539a7] - (SEMVER-MINOR) crypto: support ML-KEM, DHKEM, and RSASVE key encapsulation mechanisms (Filip Skokan) #​59491
• [d3afc63c44] - (SEMVER-MINOR) crypto: add argon2() and argon2Sync() methods (Ranieri Althoff) #​50353
• [4fe383e45a] - (SEMVER-MINOR) crypto: support ML-DSA spki/pkcs8 key formats in Web Cryptography (Filip Skokan) #​59365
• [a95386fbf9] - (SEMVER-MINOR) crypto: subject some algorithms in Web Cryptography on BoringSSL absence (Filip Skokan) #​59365
• [3f47a2fb63] - (SEMVER-MINOR) crypto: add ChaCha20-Poly1305 Web Cryptography algorithm (Filip Skokan) #​59365
• [6fcce9058a] - (SEMVER-MINOR) crypto: add subtle.getPublicKey() utility function in Web Cryptography (Filip Skokan) #​59365
• [76cde76429] - (SEMVER-MINOR) crypto: add SHA-3 Web Cryptography digest algorithms (Filip Skokan) #​59365
• [247d017501] - (SEMVER-MINOR) crypto: add SHAKE Web Cryptography digest algorithms (Filip Skokan) #​59365
• [f4fbcca5ce] - (SEMVER-MINOR) crypto: add SubtleCrypto.supports feature detection in Web Cryptography (Filip Skokan) #​59365
• [a55382214f] - (SEMVER-MINOR) crypto: support ML-DSA in Web Cryptography (Filip Skokan) #​59365
• [c38988c860] - crypto: fix EVPKeyCtxPointer::publicCheck() (Tobias Nießen) #​59471
• [61c3bcdc56] - (SEMVER-MINOR) crypto: support ML-KEM KeyObject (Filip Skokan) #​59461
• [0821b446fb] - deps: update undici to 7.14.0 (Node.js GitHub Bot) #​59507
• [b3af17c065] - deps: V8: cherry-pick 7b91e3e (Milad Fa) #​59485
• [9b69baf146] - deps: V8: cherry-pick 59d52e3 (Milad Fa) #​59485
• [b4f202c2f1] - doc: improve sqlite.backup() progress/fulfillment documentation (René) #​59598
• [40b217a2f9] - doc: clarify experimental platform vulnerability policy (Matteo Collina) #​59591
• [cf84fffea5] - doc: link to TypedArray.from() in signature (Aviv Keller) #​59226
• [4bf6ed0bf5] - doc: fix typos in environment_variables.md (PhistucK) #​59536
• [1784c35a49] - doc: add security incident reponse plan (Rafael Gonzaga) #​59470
• [b962560240] - doc: clarify maxRSS unit in process.resourceUsage() (Alex Yang) #​59511
• [e6a6cdb9df] - doc: add missing Zstd strategy constants (RANDRIAMANANTENA Narindra Tiana Annaick) #​59312
• [a6a31cb467] - (SEMVER-MINOR) doc: compress Web Cryptography Algorithm matrix (Filip Skokan) #​59365
• [8f8960cfcb] - doc: fix the version tls.DEFAULT_CIPHERS was added (Allon Murienik) #​59247
• [9e76089f1a] - doc: clarify glob's exclude option behavior (hotpineapple) #​59245
• [dd5f835af7] - doc: add RafaelGSS as performance strategic lead (Rafael Gonzaga) #​59445
• [2b7a7a525e] - doc,crypto: add supported asymmetric key types section (Filip Skokan) #​59492
• [2fafe4c3bb] - esm: link modules synchronously when no async loader hooks are used (Joyee Cheung) #​59519
• [5347c4997a] - esm: show race error message for inner module job race (Joyee Cheung) #​59519
• [b56d8af2fe] - esm: sync-ify module translation (Joyee Cheung) #​59453
• [b4a23d6a69] - http: trim off brackets from IPv6 addresses with string operations (Krishnadas PC) #​59420
• [6ae202fcdf] - (SEMVER-MINOR) http: add Agent.agentKeepAliveTimeoutBuffer option (Haram Jeong) #​59315
• [dafee05358] - (SEMVER-MINOR) http2: add support for raw header arrays in h2Stream.respond() (Tim Perry) #​59455
• [b7ea39d860] - http2: report sent headers object in client stream dcs (Darshan Sen) #​59419
• [ebe9272dae] - inspector: initial support websocket inspection (Shima Ryuhei) #​59404
• [b35041c7dc] - inspector: prevent propagation of promise hooks to noPromise hooks (Shima Ryuhei) #​58841
• [fe7176d7c6] - lib: do not modify prototype deprecated asyncResource (encore) (Szymon Łągiewka) #​59518
• [93fc80a1e2] - (SEMVER-MINOR) lib: refactor kSupportedAlgorithms (Filip Skokan) #​59365
• [9a12f71ad9] - lib: simplify IPv6 checks in isLoopback() (Krishnadas) #​59375
• [566fb04c82] - meta: update devcontainer to the latest schema (Aviv Keller) #​54347
• [389a24bbff] - module: allow overriding linked requests for a ModuleWrap (Chengzhong Wu) #​59527
• [7880978fe3] - module: correctly detect top-level await in ambiguous contexts (Shima Ryuhei) #​58646
• [99128d9244] - node-api: link to other programming language bindings (Chengzhong Wu) #​59516
• [65c870e6cb] - node-api: clarify enum value ABI stability (Chengzhong Wu) #​59085
• [352d63541a] - sea: implement execArgvExtension (Joyee Cheung) #​59560
• [c6e3d5d98d] - (SEMVER-MINOR) sea: support execArgv in sea config (Joyee Cheung) #​59314
• [e7084df4db] - sqlite: add sqlite-type symbol for DatabaseSync (Alex Yang) #​59405
• [e2b6bdc640] - sqlite: handle ?NNN parameters as positional (Edy Silva) #​59350
• [99e4a12731] - sqlite: avoid useless call to FromMaybe() (Tobias Nießen) #​59490
• [dfd4962e5f] - src: enforce assumptions in FIXED_ONE_BYTE_STRING (Tobias Nießen) #​58155
• [93a368df04] - src: use simdjson to parse --snapshot-config (Joyee Cheung) #​59473
• [716750fcf8] - src: fix order of CHECK_NOT_NULL/dereference (Tobias Nießen) #​59487
• [44a8ecf8d4] - src: assert memory calc for max-old-space-size-percentage (Asaf Federman) #​59460
• [3462b46fca] - src: use simdjson::pad (0hm☘️) #​59391
• [3e1551d845] - src: move shared_ptr objects in KeyObjectData (Tobias Nießen) #​59472
• [c022c1f85a] - src: add internal GetOptionsAsFlags (Pietro Marchini) #​59138
• [c0f08454a3] - src: iterate metadata version entries with std::array (Chengzhong Wu) #​57866
• [f87836f3ae] - src: internalize v8::ConvertableToTraceFormat in traces (Chengzhong Wu) #​57866
• [852b8e46d8] - src: remove duplicate assignment of O_EXCL in node_constants.cc (Daniel Osvaldo R) #​59049
• [64ffde608f] - src: add Intel CET properties to large_pages.S (tjuhaszrh) #​59363
• [823dce32ec] - src: update OpenSSL pqc checks (Filip Skokan) #​59436
• [8dc6f5b696] - (SEMVER-MINOR) stream: add brotli support to CompressionStream and DecompressionStream (Matthew Aitken) #​59464
• [b2b8383755] - test: use mustSucceed in test-repl-tab-complete-import (Sohyeon Kim) #​59368
• [e3ad5cc2c6] - test: skip sea tests on Linux ppc64le (Richard Lau) #​59563
• [f78f47ca5a] - test: support standalone env comment in tests (Pietro Marchini) #​59546
• [0e8bc2c7ac] - test: rename test-net-server-drop-connections-in-cluster.js to -http- (Meghan Denny) #​59532
• [ed339580af] - test: lazy-load internalTTy (Pietro Marchini) #​59517
• [fe86bc6da8] - test: fix test-setproctitle status when ps is not available (Antoine du Hamel) #​59523
• [e517792973] - test: add parseTestMetadata support (Pietro Marchini) #​59503
• [31092972d6] - test: update WPT for WebCryptoAPI to ff26d9b (Node.js GitHub Bot) #​59497
• [16afd103cc] - (SEMVER-MINOR) test: add Web Cryptography wrap/unwrap vectors (Filip Skokan) #​59365
• [5598baf34e] - (SEMVER-MINOR) test: cleanup test-webcrypto-supports (Filip Skokan) #​59365
• [e7809d6ddb] - test: make test-debug-process locale-independent (BCD1me) #​59254
• [ca7856e73c] - test: mark test-wasi-pthread as flaky (Joyee Cheung) #​59488
• [0ecd82197f] - test: split test-wasi.js (Joyee Cheung) #​59488
• [0930c218d6] - test: deflake connection refused proxy tests (Joyee Cheung) #​59476
• [7f457f886a] - test: use case-insensitive path checking on Windows in fs.cpSync tests (Joyee Cheung) #​59475
• [37809115f9] - test: add missing hasPostData in test-inspector-emit-protocol-event (Shima Ryuhei) #​59412
• [f4722b1672] - test: refactor error checks to use assert.ifError/mustSucceed (Sohyeon Kim) #​59424
• [9ff71a672d] - test: fix typos (Lee Jiho) #​59330
• [9a7700da62] - test: skip test-watch-mode inspect when no inspector (James M Snell) #​59440
• [e964c4334e] - test_runner: do not error when getting fullName of root context (René) #​59377
• [e076f7857c] - test_runner: add option to rerun only failed tests (Moshe Atlow) #​59443
• [eb8b1939a4] - test_runner: fix isSkipped check in junit (Sungwon) #​59414
• [4e02ea1c52] - tools: update gyp-next to 0.20.3 (Node.js GitHub Bot) #​59603
• [99da7fbe11] - tools: avoid parsing test files twice (Pietro Marchini) #​59526
• [9a6a8e319b] - tools: update coverage GitHub Actions to fixed version (Rich Trott) #​59512
• [8d28236aff] - tools: fix return value of try_check_compiler (theanarkh) #​59434
• [52ab64ec3a] - tools: bump @​eslint/plugin-kit from 0.3.3 to 0.3.4 in /tools/eslint (dependabot[bot]) #​59271
• [baa22893bb] - typings: add missing URLBinding methods (성우현 | Woohyun Sung) #​59468
• [b68e0d1eca] - util: fix error's namespaced node_modules highlighting using inspect (Ruben Bridgewater) #​59446
• [15ae21b88a] - util: add some additional error classes to wellKnownPrototypes (Mark S. Miller) #​59456
• [c38b7cfa35] - worker: fix worker name with \0 (theanarkh) #​59214
• [f54ace694a] - worker: add worker name to report (theanarkh) #​58935

v24.6.0: 2025-08-14, Version 24.6.0 (Current), @​RafaelGSS

Compare Source

Notable Changes

• [471fe712b3] - (SEMVER-MINOR) cli: add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #​59276
• [38aedfbf73] - (SEMVER-MINOR) crypto: support ML-DSA KeyObject, sign, and verify (Filip Skokan) #​59259
• [201304537e] - (SEMVER-MINOR) zlib: add dictionary support to zstdCompress and zstdDecompress (lluisemper) #​59240
• [e79c93a5d0] - (SEMVER-MINOR) http: add server.keepAliveTimeoutBuffer option (Haram Jeong) #​59243
• [c144d69efc] - lib: docs deprecate _http_* (Sebastian Beltran) #​59293
• [aeb4de55a7] - (SEMVER-MINOR) fs: port SonicBoom module to fs module as Utf8Stream (James M Snell) #​58897

Commits

• [f7484575ff] - assert: change utils to use index instead of for...of (방진혁) #​59278
• [269cd16185] - benchmark: remove deprecated _extend from benchmark (Rafael Gonzaga) #​59228
• [848e49c20b] - benchmark: add fs warmup to writefile-promises (Bruno Rodrigues) #​59215
• [8c609be1b1] - benchmark: add calibrate-n script (Rafael Gonzaga) [#​59186](https://r

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
package-lock.json	1% smaller
package.json	0% smaller

[restack-app]

No applications have been configured for previews targeting branch: Master. To do so go to restack console and configure your applications for previews.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pr-code-reviewer]

👋 Hi there!

Everything looks good!

_{^{Automatically generated with the help of gpt-3.5-turbo.
Feedback? Please don't hesitate to drop me an email at [email protected].}}