Update Node.js to v23 #332
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "renovate/node-23.x"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
20.18.1-bullseye->23.3.0-bullseyeRelease Notes
nodejs/node (node)
v23.3.0: 2024-11-20, Version 23.3.0 (Current), @RafaelGSSCompare Source
Notable Changes
Commits
v23.2.0: 2024-11-11, Version 23.2.0 (Current), @aduh95Compare Source
Notable Changes
Update root certificates to NSS 3.104
This is the version of NSS that shipped in Firefox 131.0 on 2024-10-01.
Certificates added:
Other notable changes
Commits
v23.1.0: 2024-10-24, Version 23.1.0 (Current), @aduh95Compare Source
Notable Changes
Buffernow work with resizableArrayBufferWhen a
Bufferis created using a resizableArrayBuffer, theBufferlengthwill now correctly change as the underlying
ArrayBuffersize is changed.Contributed by James M Snell in #55377.
MockTimerstest runner API is now stableMockTimers, introduced in April 2023, has just reached stable status. ThisAPI provides comprehensive support for mocking
Dateand all major timers inNode.js, including
setTimeout,setInterval, andsetImmediate, both fromthe
node:timers,node:timers/promisesmodules and global objects. Aftermonths of refinement, developers can now fully rely on
MockTimersfor testingtime-based operations with confidence, ensuring better control over asynchronous
behavior in their Node.js applications.
Example usage with initial
Dateobject as time set:Contributed by Erick Wendel in #55398.
JSON modules and import attributes are now stable
The two proposals reached stage 4 of the TC39 process, at the October 2024
meeting. The Node.js implementation already matches exactly the semantics
required by the proposals.
Contributed by Nicolò Ribaudo by #55333.
Other Notable Changes
Commits
v23.0.0: 2024-10-16, Version 23.0.0 (Current), @RafaelGSSCompare Source
We’re excited to announce the release of Node.js 23! Key highlights include:
require(esm)by default for Node.js applicationsnode --runcommandNode.js 23 will replace Node.js 22 as the ‘Current’ release line when Node.js 22 enters long-term support (LTS) later this month.
According to the release schedule, Node.js 23 will remain the ‘Current’ release for the next six months, until April 2025.
Other Notable Changes
Semver-Major Commits
Semver-Minor Commits
Semver-Patch Commits
v22.11.0: 2024-10-29, Version 22.11.0 'Jod' (LTS), @richardlauCompare Source
Notable Changes
This release marks the transition of Node.js 22.x into Long Term Support (LTS)
with the codename 'Jod'. The 22.x release line now moves into "Active LTS"
and will remain so until October 2025. After that time, it will move into
"Maintenance" until end of life in April 2027.
Other than updating metadata, such as the
process.releaseobject, to reflectthat the release is LTS, no further changes from Node.js 22.10.0 are included.
OpenSSL 3.x
Official binaries for Node.js 22.x currently include OpenSSL 3.0.x (more
specifically, the quictls OpenSSL fork).
OpenSSL 3.0.x is the currently designated long term support version that is
scheduled to be supported until 7th September 2026, which is within the expected
lifetime of Node.js 22.x. We are expecting upstream OpenSSL to announce a
successor long term support version prior to that date and since OpenSSL now
follows a semantic versioning-like versioning scheme we expect to be able to
update to the next long term supported version of OpenSSL during the lifetime of
Node.js 22.x.
v22.10.0: 2024-10-16, Version 22.10.0 (Current), @aduh95Compare Source
Notable Changes
New
"module-sync"exports conditionThis release introduces a
"module-sync"exports condition that's enabled whenrequire(esm)is enabled, so packages can supply a synchronous ES module to theNode.js module loader, no matter if it's being required or imported. This is
similar to the
"module"condition that bundlers have been using to supportrequire(esm)in Node.js, and allows dual-package authors to opt into ESM-firstonly on newer versions of Node.js that supports
require(esm)to avoid thedual-package hazard.
Or if the package is only meant to be run on Node.js and wants to fallback to
CJS on older versions that don't have
require(esm):For package authors: this only serves as a feature-detection mechanism for
packages that wish to support both CJS and ESM users during the period when some
active Node.js LTS versions support
require(esm)while some older ones don't.When all active Node.js LTS lines support
require(esm), packages can simplifytheir distributions by bumping the major version, dropping their CJS exports,
and removing the
module-syncexports condition (with onlymainordefaulttargetting the ESM exports). If the package needs to support both bundlers and
being run unbundled on Node.js during the transition period, use both
module-syncandmoduleand point them to the same ESM file. If the packagealready doesn't want to support older versions of Node.js that doesn't support
require(esm), don't use this export condition.For bundlers/tools: they should avoid implementing this stop-gap condition.
Most existing bundlers implement the de-facto bundler standard
moduleexports condition, and that should be enough to support users who want to bundle
ESM from CJS consumers. Users who want both bundlers and Node.js to recognize
the ESM exports can use both
module/module-syncconditions during thetransition period, and can drop
module-sync+modulewhen they no longer needto support older versions of Node.js. If tools do want to support this
condition, it's recommended to make the resolution rules in the graph pointed by
this condition match the Node.js native ESM rules to avoid divergence.
We ended up implementing a condition with a different name instead of reusing
"module", because existing code in the ecosystem using the"module"condition sometimes also expect the module resolution for these ESM files to
work in CJS style, which is supported by bundlers, but the native Node.js loader
has intentionally made ESM resolution different from CJS resolution (e.g.
forbidding
import './noext'orimport './directory'), so it would bebreaking to implement a
"module"condition without implementing the forbiddenESM resolution rules. For now, this just implements a new condition as
semver-minor so it can be backported to older LTS.
Contributed by Joyee Cheung in #54648.
node --runis now stableThis CLI flag runs a specified command from a
package.json's"scripts"object.For the following
package.json:You can run
node --run testand that would start the test suite.Contributed by Yagiz Nizipli in #53763.
Other notable changes
Commits
v22.9.0: 2024-09-17, Version 22.9.0 (Current), @RafaelGSSCompare Source
New API to retrieve execution Stack Trace
A new API
getCallSitehas been introduced to theutilmodule. This API allows usersto retrieve the stacktrace of the current execution. Example:
Thanks to Rafael Gonzaga for making this work on #54380.
Disable V8 Maglev
We have seen several crashes/unexpected JS behaviors with maglev on v22
(which ships V8 v12.4). The bugs lie in the codegen so it would be difficult for
users to work around them or even figure out where the bugs are coming from.
Some bugs are fixed in the upstream while some others probably remain.
As v22 will get stuck with V8 v12.4 as LTS, it will be increasingly difficult to
backport patches for them even if the bugs are fixed. So disable it by default
on v22 to reduce the churn and troubles for users.
Thanks to Joyee Cheung for making this work on #54384
Exposes X509_V_FLAG_PARTIAL_CHAIN to tls.createSecureContext
This releases introduces a new option to the API
tls.createSecureContext. Fornow on users can use
tls.createSecureContext({ allowPartialTrustChain: true })to treat intermediate (non-self-signed) certificates in the trust CA certificate
list as trusted.
Thanks to Anna Henningsen for making this work on #54790
Other Notable Changes
Deprecations
Commits
v22.8.0: 2024-09-03, Version 22.8.0 (Current), @RafaelGSSCompare Source
New JS API for compile cache
This release adds a new API
module.enableCompileCache()that can be used to enable on-disk code caching of all modules loaded after this API is called.Previously this could only be enabled by the
NODE_COMPILE_CACHEenvironment variable, so it could only set by end-users.This API allows tooling and library authors to enable caching of their own code.
This is a built-in alternative to the v8-compile-cache/v8-compile-cache-lib packages,
but have better performance and supports ESM.
Thanks to Joyee Cheung for working on this.
New option for vm.createContext() to create a context with a freezable globalThis
Node.js implements a flavor of
vm.createContext()and friends that creates a context without contextifying its globalobject when vm.constants.DONT_CONTEXTIFY is used. This is suitable when users want to freeze the context
(impossible when the global is contextified i.e. has interceptors installed) or speed up the global access if they
don't need the interceptor behavior.
Thanks to Joyee Cheung for working on this.
Support for coverage thresholds
Node.js now supports requiring code coverage to meet a specific threshold before the process exits successfully.
To use this feature, you need to enable the
--experimental-test-coverageflag.You can set thresholds for the following types of coverage:
--test-coverage-branches=<threshold>--test-coverage-functions=<threshold>--test-coverage-lines=<threshold><threshold>should be an integer between 0 and 100. If an invalid value is provided, aTypeErrorwill be thrown.If the code coverage fails to meet the specified thresholds for any category, the process will exit with code
1.For instance, to enforce a minimum of 80% line coverage and 60% branch coverage, you can run:
Thanks Aviv Keller for working on this.
Other Notable Changes
Commits
v22.7.0: 2024-08-22, Version 22.7.0 (Current), @RafaelGSSCompare Source
Experimental transform types support
With the new flag
--experimental-transform-typesit is possible to enable thetransformation of TypeScript-only syntax into JavaScript code.
This feature allows Node.js to support TypeScript syntax such as
Enumandnamespace.Thanks to Marco Ippolito for making this work on #54283.
Module syntax detection is now enabled by default.
Module syntax detection (the
--experimental-detect-moduleflag) is nowenabled by default. Use
--no-experimental-detect-moduleto disable it ifneeded.
Syntax detection attempts to run ambiguous files as CommonJS, and if the module
fails to parse as CommonJS due to ES module syntax, Node.js tries again and runs
the file as an ES module.
Ambiguous files are those with a
.jsor no extension, where the nearest parentpackage.jsonhas no"type"field (either"type": "module"or"type": "commonjs").Syntax detection should have no performance impact on CommonJS modules, but it
incurs a slight performance penalty for ES modules; add
"type": "module"tothe nearest parent
package.jsonfile to eliminate the performance cost.A use case unlocked by this feature is the ability to use ES module syntax in
extensionless scripts with no nearby
package.json.Thanks to Geoffrey Booth for making this work on #53619.
Performance Improvements to Buffer
Performance of Node.js Buffers have been optimized through multiple PR's with significant
improvements to the
Buffer.copyandBuffer.writemethods. These are used throughoutthe codebase and should give a nice boost across the board.
Thanks to Robert Nagy for making this work on #54311,
#54324, and #54087.
Other Notable Changes
Commits
v22.6.0: 2024-08-06, Version 22.6.0 (Current), @RafaelGSSCompare Source
Experimental TypeScript support via strip types
Node.js introduces the
--experimental-strip-typesflag for initial TypeScript support.This feature strips type annotations from .ts files, allowing them to run
without transforming TypeScript-specific syntax. Current limitations include:
enumsornamespaces.Thanks Marco Ippolito for working on this.
Experimental Network Inspection Support in Node.js
This update introduces the initial support for network inspection in Node.js.
Currently, this is an experimental feature, so you need to enable it using the
--experimental-network-inspectionflag.With this feature enabled, you can inspect network activities occurring within a JavaScript application.
To use network inspection, start your Node.js application with the following command:
Please note that the network inspection capabilities are in active development.
We are actively working on enhancing this feature and will continue to expand its functionality in future updates.
httpandhttpsmodules only.feature request on the Chrome DevTools side is addressed.
Thanks Kohei Ueno for working on this.
Other Notable Changes
Commits
v22.5.1: 2024-07-19, Version 22.5.1 (Current), @richardlauCompare Source
Notable Changes
This release fixes a regression introduced in Node.js 22.5.0. The problem is known to display the following symptoms:
FATAL ERROR: v8::Object::GetCreationContextChecked No creation context available#53902npm error Exit handler never called!npm/cli#7657Usage Error: Couldn't find the node_modules state file - running an install might help (findPackageLocation)yarnpkg/berry#6398Commits
v22.5.0: 2024-07-17, Version 22.5.0 (Current), @RafaelGSS prepared by @aduh95Compare Source
Notable Changes
Commits
v22.4.1: 2024-07-08, Version 22.4.1 (Current), @RafaelGSSCompare Source
This is a security release.
Notable Changes
Commits
v22.4.0: 2024-07-02, Version 22.4.0 (Current), @targosCompare Source
Notable Changes
Experimental Web Storage API
API stability updates
Other Notable Changes
Commits
v22.3.0: 2024-06-11, Version 22.3.0 (Current), @RafaelGSSCompare Source
Notable Changes
Commits
v22.2.0: 2024-05-15, Version 22.2.0 (Current), @targosCompare Source
Notable Changes
Commits
v22.1.0: 2024-05-02, Version 22.1.0 (Current), @targos prepared by @aduh95Compare Source
module: implement
NODE_COMPILE_CACHEfor automatic on-disk code cachingThis patch implements automatic on-disk code caching that can be enabled
via an environment variable
NODE_COMPILE_CACHE=/path/to/cache/dir.When set, whenever Node.js compiles a CommonJS or a ECMAScript Module,
it will use on-disk V8 code cache
persisted in the specified directory
to speed up the compilation. This may slow down the first load of a
module graph, but subsequent loads of the same module graph may get
a significant speedup if the contents of the modules do not change.
Locally, this speeds up loading of
test/fixtures/snapshot/typescript.jsfrom ~130ms to ~80ms.
To clean up the generated code cache, simply remove the directory.
It will be recreated the next time the same directory is used for
NODE_COMPILE_CACHE.Compilation cache generated by one version of Node.js may not be used
by a different version of Node.js. Cache generated by different versions
of Node.js will be stored separately if the same directory is used
to persist the cache, so they can co-exist.
Caveat: currently when using this with V8 JavaScript code coverage, the
coverage being collected by V8 may be less precise in functions that are
deserialized from the code cache. It's recommended to turn this off when
running tests to generate precise coverage.
Contributed by Joyee Cheung in #52535.
Other Notable Changes
Commits
v22.0.0: 2024-04-24, Version 22.0.0 (Current), @RafaelGSS and @marco-ippolitoCompare Source
We're excited to announce the release of Node.js 22!
Highlights include require()ing ESM graphs, WebSocket client, updates of the V8 JavaScript engine, and more!
As a reminder, Node.js 22 will enter long-term support (LTS) in October, but until then, it will be the "Current" release for the next six months.
We encourage you to explore the new features and benefits offered by this latest release and evaluate their potential impact on your applications.
Other Notable Changes
Semver-Major Commits
Semver-Minor Commits
Semver-Patch Commits
v21.7.3: 2024-04-10, Version 21.7.3 (Current), @RafaelGSSCompare Source
This is a security release.
Notable Changes
child_process.spawnwithout shell option enabled on WindowsCommits
v21.7.2: 2024-04-03, Version 21.7.2 (Current), @RafaelGSS prepared by @marco-ippolitoCompare Source
This is a security release.
Notable changes
Commits
v21.7.1: 2024-03-08, Version 21.7.1 (Current), @targosCompare Source
Notable Changes
This release reverts #51389, which
landed in Node.js 21.7.0. It is a documented feature that
t.after()hooks arerun even if a test has no subtests. The hook can be used to clean up the test
itself.
Commits
v21.7.0: 2024-03-06, Version 21.7.0 (Current), @RafaelGSS prepared by @marco-ippolitoCompare Source
Text Styling
util.styleText(format, text): This function returns a formatted text considering theformatpassed.A new API has been created to format text based on
util.inspect.colors, enabling you to style text in different colors (such as red, blue, ...) and emphasis (italic, bold, ...).Contributed by Rafael Gonzaga and Hemanth HM in #51850.
Loading and parsing environment variables
process.loadEnvFile(path):.envfile. If no path is specified, it automatically loads the .env file in the current directory. Example:process.loadEnvFile().process.loadEnvFile('./development.env').util.parseEnv(content):require('node:util').parseEnv('HELLO=world').Contributed by Yagiz Nizipli in #51476
Support for multi-line values for
.envfileNode.js 21.7.0 will now support multi-line values in the .env file:
Contributed by Ilyas Shabi #51289
sea: support embedding assets
Users can now include assets by adding a key-path dictionary
to the configuration as the
assetsfield. At build time, Node.jswould read the assets from the specified paths and bundle them into
the preparation blob. In the generated executable, users can retrieve
the assets using the
sea.getAsset()andsea.getAssetAsBlob()API.The single-executable application can access the assets as follows:
Contributed by Joyee Cheung in #50960
vm: support using the default loader to handle dynamic import()
This patch adds support for using
vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADERas theimportModuleDynamicallyoption in all vm APIs that take this option exceptvm.SourceTextModule. This allows users to have a shortcut to support dynamicimport()in the compiled code without missing the compilation cache if they don't need customization of the loading process. We emit an experimental warning when theimport()is actually handled by the default loader through this option instead of requiring--experimental-vm-modules.Contributed by Joyee Cheung in #51244
crypto: implement crypto.hash()
This patch introduces a helper crypto.hash() that computes
a digest from the input at one shot. This can be 1.2-2x faster
than the object-based createHash() for smaller inputs (<= 5MB)
that are readily available (not streamed) and incur less memory
overhead since no intermediate objects will be created.
Contributed by Joyee Cheung in #51044
Other Notable Changes
Commits
v21.6.2: 2024-02-14, Version 21.6.2 (Current), @RafaelGSSCompare Source
Notable changes
This is a security release.
Notable changes
Commits
v21.6.1: 2024-01-22, Version 21.6.1 (Current), @RafaelGSSCompare Source
Notable Changes
This release fixes a bug in
undiciusing WebStreamsCommits
v21.6.0: 2024-01-15, Version 21.6.0 (Current), @RafaelGSSCompare Source
New connection attempt events
Three new events were added in the
net.createConnectionflow:connectionAttempt: Emitted when a new connection attempt is established. In case of Happy Eyeballs, this might emitted multiple times.connectionAttemptFailed: Emitted when a connection attempt failed. In case of Happy Eyeballs, this might emitted multiple times.connectionAttemptTimeout: Emitted when a connection attempt timed out. In case of Happy Eyeballs, this will not be emitted for the last attempt. This is not emitted at all if Happy Eyeballs is not used.Additionally, a previous bug has been fixed where a new connection attempt could have been started after a previous one failed and after the connection was destroyed by the user.
This led to a failed assertion.
Contributed by Paolo Insogna in #51045.
Changes to the Permission Model
Node.js 21.6.0 comes with several fixes for the experimental permission model and two new semver-minor commits.
We're adding a new flag
--allow-addonsto enable addon usage when using the Permission Model.Contributed by Rafael Gonzaga in #51183
And relative paths are now supported through the
--allow-fs-*flags.Therefore, with this release one can use:
To give only read access to the entrypoint of the application.
Contributed by Rafael Gonzaga and Carlos Espa in #50758
Support configurable snapshot through
--build-snapshot-configflagWe are adding a new flag
--build-snapshot-configto configure snapshots through a custom JSON configuration file.When using this flag, additional script files provided on the command line will
not be executed and instead be interpreted as regular command line arguments.
These changes were contributed by Joyee Cheung and Anna Henningsen in #50453
Other Notable Changes
Commits
v21.5.0: 2023-12-19, Version 21.5.0 (Current), @RafaelGSSCompare Source
Notable Changes
Deprecations
Commits
v21.4.0: 2023-12-05, Version 21.4.0 (Current), @targosCompare Source
Notable Changes
This release fixes a regression introduced in v21.3.0 that caused the
fs.writeFileSyncmethod to throw when called with
'utf8'encoding, no flag option, and if the target file didn't exist yet.Commits
v21.3.0: 2023-11-30, Version 21.3.0 (Current), @RafaelGSSCompare Source
Notable Changes
New
--disable-warningflagThis version adds a new
--disable-warningoption that allows users to disable specific warnings either by code(i.e. DEP0025) or type (i.e. DeprecationWarning, ExperimentalWarning).
This option works alongside existing
--warningsand--no-warnings.For example, the following script will not emit DEP0025
require('node:sys')when executed withnode --disable-warning=DEP0025:Contributed by Ethan-Arrowood in #50661
Update Root Certificates to NSS 3.95
This is the certdata.txt from NSS 3.95, released on 2023-11-16.
This is the version of NSS that will ship in Firefox 121 on
2023-12-19.
Certificates added:
Certificates removed:
A626340Fast fs.writeFileSync with UTF-8 Strings
Enhanced writeFileSync functionality by implementing a highly efficient fast path primarily in C++ for UTF8-encoded string data.
Additionally, optimized the
appendFileSyncmethod by leveraging the improvedwriteFileSyncfunctionality.For simplicity and performance considerations, the current implementation supports only string data,
as benchmark results raise concerns about the efficacy of using Buffer for this purpose.
Future optimizations and expansions may be explored, but for now, the focus is on maximizing efficiency for string data operations.
Contributed by CanadaHonk in #49884.
Other Notable Changes
Commits
v21.2.0: 2023-11-14, Version 21.2.0 (Current), @targosCompare Source
Notable Changes
Commits
v21.1.0: 2023-10-24, Version 21.1.0 (Current), @targosCompare Source
Notable Changes
Automatically detect and run ESM syntax
The new flag
--experimental-detect-modulecan be used to automatically runES modules when their syntax can be detected. For “ambiguous” files, which are
.jsor extensionless files with nopackage.jsonwith atypefield, Node.jswill parse the file to detect ES module syntax; if found, it will run the file
as an ES module, otherwise it will run the file as a CommonJS module.
The same applies to string input via
--evalorSTDIN.We hope to make detection enabled by default in a future version of Node.js.
Detection increases startup time, so we encourage everyone — especially package
authors — to add a
typefield topackage.json, even for the default"type": "commonjs". The presence of atypefield, or explicit extensionssuch as
.mjsor.cjs, will opt out of detection.Contributed by Geoffrey Booth in #50096.
Other Notable Changes
Commits
v21.0.0: 2023-10-17, Version 21.0.0 (Current), @RafaelGSS and @targosCompare Source
We're excited to announce the release of Node.js 21! Highlights include updates of the V8 JavaScript engine to 11.8,
stable
fetchandWebStreams, a new experimental flag to change the interpretation of ambiguous codefrom CommonJS to ES modules (
--experimental-default-type), many updates to our test runner, and more!Node.js 21 will replace Node.js 20 as our ‘Current’ release line when Node.js 20 enters long-term support (LTS) later this month.
As per the release schedule, Node.js 21 will be ‘Current' release for the next 6 months, until April 2024.
Other Notable Changes
Semver-Major Commits
Semver-Minor Commits
Semver-Patch Commits
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.
eaab587b59tod133a33dc9d133a33dc9toaeb109ca68aeb109ca68to531b531cf1531b531cf1to6cb3f246f06cb3f246f0tob3e55a458eb3e55a458etofe6710d550fe6710d550to586a72eccd586a72eccdto8a3a64511a8a3a64511ato7a7b38329e7a7b38329eto8fe3cd21ca8fe3cd21catoa59bb3b6a5a59bb3b6a5to109d227fa0109d227fa0tof44a92fcd1f44a92fcd1to3e859d155f3e859d155ftoe2649974dfe2649974dfto2fc19857a32fc19857a3to690f0ac443Checkout
From your project repository, check out a new branch and test the changes.