quic: start re-enabling and working on quic with openssl 3.5 by jasnell · Pull Request #59249 · nodejs/node

jasnell · 2025-07-27T19:51:23Z

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process.

There are some functional changes here but this is mostly set up to start enabling building the quic mechanisms by default if openssl 3.5.1 or higher is present. Otherwise, all the QUIC stuff will be disabled.

Note that this PR does not fully switch over. The move to the new guard will be incremental, after which the original compile guard will be removed.

Updates the ngtcp2 and nghttp3 dependencies also.

~~This cannot land until #59234 lands~~

nodejs-github-bot · 2025-07-27T19:51:28Z

Review requested:

@nodejs/gyp
@nodejs/security-wg

jasnell · 2025-07-27T21:40:49Z

@nodejs/quic @nodejs/build

@codebytere ... just a heads up since this will impact electron builds using boring... there's some work that'll need to be done to support boring here but it's possible. Specifically, see the edits to ngtcp2.gyp ... and more specifically, there's a comment in there about enabling the boringssl adapter that is provided by ngtcp2.

@richardlau ... it's worth taking a look at the configure.py changes here. If at all possible, I could use some help with supporting openssl shared library builds on this.

nodejs-github-bot · 2025-07-27T21:53:08Z

CI: https://ci.nodejs.org/job/node-test-pull-request/68252/

richardlau · 2025-07-27T23:31:12Z

@richardlau ... it's worth taking a look at the configure.py changes here. If at all possible, I could use some help with supporting openssl shared library builds on this.

@jasnell (I'm out of office this week, so this is just quick thoughts after glancing at the changes.)

For a shared library build, I'm not sure VERSION.dat will be available, but instead the OpenSSL version should be in opensslv.h. When building a shared library, configure.py works out the include path for the library either through

specifying as an argument to configure, e.g. --shared-openssl-includes for openssl

node/configure.py

Lines 382 to 385 in 405ad4e

    
           shared_optgroup.add_argument('--shared-openssl-includes', 
        
               action='store', 
        
               dest='shared_openssl_includes', 
        
               help='directory containing OpenSSL header files')

or relying on pkg_config

node/configure.py

Lines 1670 to 1681 in 405ad4e

    
           def configure_library(lib, output, pkgname=None): 
        
             shared_lib = 'shared_' + lib 
        
             output['variables']['node_' + shared_lib] = b(getattr(options, shared_lib)) 
        
             if getattr(options, shared_lib): 
        
               (pkg_libs, pkg_cflags, pkg_libpath, _) = pkg_config(pkgname or lib) 
        
               if options.__dict__[shared_lib + '_includes']: 
        
                 output['include_dirs'] += [options.__dict__[shared_lib + '_includes']] 
        
               elif pkg_cflags: 
        
                 stripped_flags = [flag.strip() for flag in pkg_cflags.split('-I')] 
        
                 output['include_dirs'] += [flag for flag in stripped_flags if flag]

For openssl this happens here:

node/configure.py

Line 1831 in 405ad4e

configure_library('openssl', o)

We can see, for example, https://ci.nodejs.org/job/node-test-commit-linux-containered/51946/nodes=ubuntu2204_sharedlibs_openssl35_x64/consoleFull, that configure knows about the include dirs:

23:24:24 { 'target_defaults': { 'cflags': [],
23:24:24                        'configurations': { 'Debug': { 'v8_enable_v8_checks': 0,
23:24:24                                                       'variables': {}},
23:24:24                                            'Release': { 'v8_enable_v8_checks': 1,
23:24:24                                                         'variables': {}}},
23:24:24                        'default_configuration': 'Release',
23:24:24                        'defines': [ 'NODE_OPENSSL_CONF_NAME=nodejs_conf',
23:24:24                                     'ICU_NO_USER_DATA_OVERRIDE'],
23:24:24                        'include_dirs': ['/opt/openssl-3.5.0/include'],
23:24:24                        'libraries': [ '-L/opt/openssl-3.5.0/lib64',
23:24:24                                       '-lcrypto',
23:24:24                                       '-lssl']},

If ngtcp2 is only needed for quic, maybe we don't need to version check at all for shared library openssl and assume whoever is building is responsible for linking to an appropriate OpenSSL version if quic support is enabled? If they are using a pre-3.5 version of OpenSSL then it's their responsibility to either not configure --with-quic (or configure --without-quic if the default changes).

jasnell · 2025-07-28T01:21:45Z

it's their responsibility to either not configure --with-quic (or configure --without-quic if the default changes).

I was hoping to be able to do away with these compile guards and based it entirely on whether the version of openssl or boringssl that is used as the appropriate APIs available.. simply because it gives one less knob we have to turn when building. If we cannot reliably detect this, however, then yeah, falling back on these and just requiring whomever is building to provide the right thing would work.

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process. Signed-off-by: James M Snell <jasnell@gmail.com>

Signed-off-by: James M Snell <jasnell@gmail.com>

Since we need to be able to use the openssl adapter provided by the ngtcp2 library, and because that adapter does not include any compile guards to ensure that OpenSSL 3.5 is being used and that the APIs are actually available, we need to add a compile time check for the openssl version in order to conditionally include the adapter to avoid build errors when using a shared openssl library that is not OpenSSL 3.5. Signed-off-by: James M Snell <jasnell@gmail.com>

jasnell · 2025-08-02T19:21:52Z

  warn(f'Could not recognize `gas`: {gas_ret}')
  return '0.0'

+def get_openssl_version():


Just as a heads up to reviewers... while I'm generally not very bullish on AI generated code, I did use copilot/claude to generate this particular function for me. I went through it and the impl appeared reasonable but it's absolutely worth reviewing in detail to make sure it is correct.

Looking at the CI run, it does look like the check here is still failing for the shared-openssl cases but the build still proceeds since the value is set to 0. This has the side effect of disabling quic in those builds so it's not fatal. Still, would be ideal to figure out a version of this that works. Going to keep iterating but if anyone in @nodejs/build has any suggestions I'd appreciate it :-) .. the key issue is that it's not able to see the include path to find the opensslv.h header in the CI builds here. It looks like our builders aren't using the --shared-openssl-includes option to set that.

@jasnell The CI builds use pkg-config to get the include paths. I've opened #59353 to fix the OpenSSL version detection for that case.

Brilliant! Thank you @richardlau !

jasnell · 2025-08-04T13:11:39Z

Not quite yet. I need to get the implementation updated to use the alternative APIs provided by openssl 3.5, get the build working again, and then finish working on the javascript side of the implementation. Given my current availability it's still likely to be at least a few weeks but my goal is to have it ready to go in time for the 25.0.0 release in October.

splitice · 2025-08-05T04:15:21Z

Is this going to include a streams implementation or webtransport only?

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Since we need to be able to use the openssl adapter provided by the ngtcp2 library, and because that adapter does not include any compile guards to ensure that OpenSSL 3.5 is being used and that the APIs are actually available, we need to add a compile time check for the openssl version in order to conditionally include the adapter to avoid build errors when using a shared openssl library that is not OpenSSL 3.5. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Since we need to be able to use the openssl adapter provided by the ngtcp2 library, and because that adapter does not include any compile guards to ensure that OpenSSL 3.5 is being used and that the APIs are actually available, we need to add a compile time check for the openssl version in order to conditionally include the adapter to avoid build errors when using a shared openssl library that is not OpenSSL 3.5. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Since we need to be able to use the openssl adapter provided by the ngtcp2 library, and because that adapter does not include any compile guards to ensure that OpenSSL 3.5 is being used and that the APIs are actually available, we need to add a compile time check for the openssl version in order to conditionally include the adapter to avoid build errors when using a shared openssl library that is not OpenSSL 3.5. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

m50S79sM6SRNp8Jn · 2025-12-02T09:51:13Z

Is this going to include a streams implementation or webtransport only?

Was there ever any update on your question? Obviously it's not posted here, maybe elsewhere that you know of?

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Since we need to be able to use the openssl adapter provided by the ngtcp2 library, and because that adapter does not include any compile guards to ensure that OpenSSL 3.5 is being used and that the APIs are actually available, we need to add a compile time check for the openssl version in order to conditionally include the adapter to avoid build errors when using a shared openssl library that is not OpenSSL 3.5. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [node](https://github.com/nodejs/node) | stage | minor | `24.15.0-trixie` → `24.16.0-trixie` | `24.17.0-trixie` | --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v24.16.0`](https://github.com/nodejs/node/releases/tag/v24.16.0): 2026-05-21, Version 24.16.0 'Krypton' (LTS), @aduh95 [Compare Source](nodejs/node@v24.15.0...v24.16.0) ##### Notable Changes - \[[`b267f6bca3`](nodejs/node@b267f6bca3)] - **(SEMVER-MINOR)** **crypto**: implement `randomUUIDv7()` (nabeel378) [#62553](nodejs/node#62553) - \[[`ec2451b9cd`](nodejs/node@ec2451b9cd)] - **(SEMVER-MINOR)** **debugger**: add edit-free runtime expression probes to `node inspect` (Joyee Cheung) [#62713](nodejs/node#62713) - \[[`9705f628d9`](nodejs/node@9705f628d9)] - **(SEMVER-MINOR)** **fs**: add signal option to `fs.stat()` (Mert Can Altin) [#57775](nodejs/node#57775) - \[[`40ccfdecf9`](nodejs/node@40ccfdecf9)] - **(SEMVER-MINOR)** **fs**: expose `frsize` field in `statfs` (Jinho Jang) [#62277](nodejs/node#62277) - \[[`d7188af5c9`](nodejs/node@d7188af5c9)] - **(SEMVER-MINOR)** **http**: harden `ClientRequest` options merge (Matteo Collina) [#63082](nodejs/node#63082) - \[[`aa1d8a9afc`](nodejs/node@aa1d8a9afc)] - **(SEMVER-MINOR)** **http**: add `req.signal` to `IncomingMessage` (Akshat) [#62541](nodejs/node#62541) - \[[`6f37f7e240`](nodejs/node@6f37f7e240)] - **(SEMVER-MINOR)** **stream**: propagate destruction in `duplexPair` (Ahmed Elhor) [#61098](nodejs/node#61098) - \[[`d14029be7f`](nodejs/node@d14029be7f)] - **(SEMVER-MINOR)** **test\_runner**: support test order randomization (Pietro Marchini) [#61747](nodejs/node#61747) - \[[`d142c584cd`](nodejs/node@d142c584cd)] - **(SEMVER-MINOR)** **test\_runner**: align mock timeout api (sangwook) [#62820](nodejs/node#62820) - \[[`01a9552585`](nodejs/node@01a9552585)] - **(SEMVER-MINOR)** **test\_runner**: add mock-timers support for `AbortSignal.timeout` (DeveloperViraj) [#60751](nodejs/node#60751) - \[[`00705a459a`](nodejs/node@00705a459a)] - **(SEMVER-MINOR)** **util**: colorize text with hex colors (Guilherme Araújo) [#61556](nodejs/node#61556) ##### Commits - \[[`dd72df060d`](nodejs/node@dd72df060d)] - **assert,util**: fix stale nested cycle memo entries (Ruben Bridgewater) [#62509](nodejs/node#62509) - \[[`add94f4bc3`](nodejs/node@add94f4bc3)] - **build**: track PDL files as inputs in inspector GN build (Robo) [#62888](nodejs/node#62888) - \[[`1b1eb9e334`](nodejs/node@1b1eb9e334)] - **build**: remove redundant -fuse-linker-plugin from GCC LTO flags (Daniel Lando) [#62667](nodejs/node#62667) - \[[`8752b604ec`](nodejs/node@8752b604ec)] - **crypto**: deduplicate and canonicalize CryptoKey usages (Filip Skokan) [#62902](nodejs/node#62902) - \[[`341947e7fd`](nodejs/node@341947e7fd)] - **crypto**: reject unintended raw key format string input (Filip Skokan) [#62974](nodejs/node#62974) - \[[`28a78747fc`](nodejs/node@28a78747fc)] - **crypto**: remove Argon2 KDF derivation from its job setup (Filip Skokan) [#62863](nodejs/node#62863) - \[[`16e8c2b54d`](nodejs/node@16e8c2b54d)] - **crypto**: fix unsigned conversion of 4-byte RSA publicExponent (DeepView Autofix) [#62839](nodejs/node#62839) - \[[`eeae754a87`](nodejs/node@eeae754a87)] - **crypto**: reject inherited key type names (Jonathan Lopes) [#62875](nodejs/node#62875) - \[[`9dd5540325`](nodejs/node@9dd5540325)] - **crypto**: add memory tracking for secureContext openssl objects (Mert Can Altin) [#59051](nodejs/node#59051) - \[[`b267f6bca3`](nodejs/node@b267f6bca3)] - **(SEMVER-MINOR)** **crypto**: implement randomUUIDv7() (nabeel378) [#62553](nodejs/node#62553) - \[[`7597d204c1`](nodejs/node@7597d204c1)] - **crypto**: add support for [`Ed25519`](nodejs/node@Ed25519) context parameter (Filip Skokan) [#62474](nodejs/node#62474) - \[[`4bf85845da`](nodejs/node@4bf85845da)] - **debugger**: move ProbeInspectorSession and helpers to separate files (Joyee Cheung) [#63013](nodejs/node#63013) - \[[`ec2451b9cd`](nodejs/node@ec2451b9cd)] - **(SEMVER-MINOR)** **debugger**: add edit-free runtime expression probes to `node inspect` (Joyee Cheung) [#62713](nodejs/node#62713) - \[[`83e98f77b7`](nodejs/node@83e98f77b7)] - **deps**: update corepack to 0.35.0 (Node.js GitHub Bot) [#63375](nodejs/node#63375) - \[[`ec8c6b939a`](nodejs/node@ec8c6b939a)] - **deps**: V8: cherry-pick [`657d8de`](nodejs/node@657d8de27427) (Guy Bedford) [#62784](nodejs/node#62784) - \[[`722c0c3274`](nodejs/node@722c0c3274)] - **deps**: update nghttp3 to 1.14.0 (Node.js GitHub Bot) [#61187](nodejs/node#61187) - \[[`5304db93d3`](nodejs/node@5304db93d3)] - **deps**: update nghttp3 to 1.13.1 (Node.js GitHub Bot) [#60046](nodejs/node#60046) - \[[`e073b3811d`](nodejs/node@e073b3811d)] - **deps**: update nghttp3 to 1.11.0 (James M Snell) [#59249](nodejs/node#59249) - \[[`1d00313fb2`](nodejs/node@1d00313fb2)] - **deps**: update ngtcp2 to 1.14.0 (James M Snell) [#59249](nodejs/node#59249) - \[[`8b3a4fc18f`](nodejs/node@8b3a4fc18f)] - **deps**: update amaro to 1.1.9 (Node.js GitHub Bot) [#63090](nodejs/node#63090) - \[[`62fe0cfcd1`](nodejs/node@62fe0cfcd1)] - **deps**: update llhttp to 9.4.1 (Node.js GitHub Bot) [#63045](nodejs/node#63045) - \[[`137e09c8e9`](nodejs/node@137e09c8e9)] - **deps**: update corepack to 0.34.7 (Node.js GitHub Bot) [#62810](nodejs/node#62810) - \[[`14a4cb8fbc`](nodejs/node@14a4cb8fbc)] - **deps**: update timezone to 2026b (Node.js GitHub Bot) [#62962](nodejs/node#62962) - \[[`3e1036583a`](nodejs/node@3e1036583a)] - **deps**: upgrade npm to 11.13.0 (npm team) [#62898](nodejs/node#62898) - \[[`01dfe5961c`](nodejs/node@01dfe5961c)] - **deps**: cherry-pick [libuv/libuv@`439a54b`](libuv/libuv@439a54b) (skooch) [#62881](nodejs/node#62881) - \[[`6cd368b10c`](nodejs/node@6cd368b10c)] - **deps**: update sqlite to 3.53.0 (Node.js GitHub Bot) [#62699](nodejs/node#62699) - \[[`f218a4f553`](nodejs/node@f218a4f553)] - **deps**: update nbytes to 0.1.4 (Node.js GitHub Bot) [#62698](nodejs/node#62698) - \[[`b47688524a`](nodejs/node@b47688524a)] - **deps**: update archs files for openssl-3.5.6 (Node.js GitHub Bot) [#62629](nodejs/node#62629) - \[[`d202e2d343`](nodejs/node@d202e2d343)] - **deps**: upgrade openssl sources to openssl-3.5.6 (Node.js GitHub Bot) [#62629](nodejs/node#62629) - \[[`2faba66341`](nodejs/node@2faba66341)] - **deps**: update minimatch to 10.2.5 (Node.js GitHub Bot) [#62594](nodejs/node#62594) - \[[`fa46c90c5d`](nodejs/node@fa46c90c5d)] - **deps**: update googletest to [`d72f9c8`](nodejs/node@d72f9c8) (Node.js GitHub Bot) [#62593](nodejs/node#62593) - \[[`099ded5713`](nodejs/node@099ded5713)] - **deps**: update simdjson to 4.6.1 (Node.js GitHub Bot) [#62592](nodejs/node#62592) - \[[`7ce95afe96`](nodejs/node@7ce95afe96)] - **deps**: libuv: cherry-pick [`aabb765`](nodejs/node@aabb7651de) (Santiago Gimeno) [#62561](nodejs/node#62561) - \[[`57ef845623`](nodejs/node@57ef845623)] - **deps**: update icu to 78.3 (Node.js GitHub Bot) [#62324](nodejs/node#62324) - \[[`493ac40e12`](nodejs/node@493ac40e12)] - **deps**: update libuv to 1.52.1 (Node.js GitHub Bot) [#61829](nodejs/node#61829) - \[[`b39508b368`](nodejs/node@b39508b368)] - **deps**: update undici to 7.25.0 (Node.js GitHub Bot) [#63011](nodejs/node#63011) - \[[`cb67a925e9`](nodejs/node@cb67a925e9)] - **deps**: use npm undici\@seven tag in `update-undici.sh` (Matteo Collina) [#62739](nodejs/node#62739) - \[[`aa1e0bc28b`](nodejs/node@aa1e0bc28b)] - **doc**: fix typos and inconsistencies in crypto.md and webcrypto.md (Filip Skokan) [#62828](nodejs/node#62828) - \[[`f2a1735ed9`](nodejs/node@f2a1735ed9)] - **doc**: fix duplicate word "to to" in util.styleText (Daijiro Wachi) [#62917](nodejs/node#62917) - \[[`b6378e215c`](nodejs/node@b6378e215c)] - **doc**: fix node-config-schema (Сковорода Никита Андреевич) [#61596](nodejs/node#61596) - \[[`233894a9ce`](nodejs/node@233894a9ce)] - **doc**: fix the TypeScript Execute (tsx) project link (David Thornton) [#63093](nodejs/node#63093) - \[[`5d97919f8f`](nodejs/node@5d97919f8f)] - **doc**: correct diagnostics\_channel built-in channel names (Bryan English) [#62995](nodejs/node#62995) - \[[`2a9ccc927e`](nodejs/node@2a9ccc927e)] - **doc**: use mjs/cjs blocks for callbackify null reason example (Daijiro Wachi) [#62884](nodejs/node#62884) - \[[`ef413b5358`](nodejs/node@ef413b5358)] - **doc**: fix typo in test.md (Rich Trott) [#62960](nodejs/node#62960) - \[[`76f21c5070`](nodejs/node@76f21c5070)] - **doc**: correct typo in PR contribution instructions (Mike McCready) [#62738](nodejs/node#62738) - \[[`ca02af1f7d`](nodejs/node@ca02af1f7d)] - **doc**: fix duplicate word "of of" in postMessageToThread (Daijiro Wachi) [#62917](nodejs/node#62917) - \[[`46c99ed526`](nodejs/node@46c99ed526)] - **doc**: fix duplicate word "for for" in compile cache (Daijiro Wachi) [#62917](nodejs/node#62917) - \[[`1a60851734`](nodejs/node@1a60851734)] - **doc**: fix typo in dns.lookup options description (Daijiro Wachi) [#62882](nodejs/node#62882) - \[[`169b5ea2ed`](nodejs/node@169b5ea2ed)] - **doc**: fix Argon2 parameter bounds (Tobias Nießen) [#62868](nodejs/node#62868) - \[[`9a3a190f4e`](nodejs/node@9a3a190f4e)] - **doc**: clarify diffieHellman.generateKeys recomputes same key (Kit Dallege) [#62205](nodejs/node#62205) - \[[`0fba9e87d6`](nodejs/node@0fba9e87d6)] - **doc**: remove Ayase-252 and meixg from triagger team (Antoine du Hamel) [#62841](nodejs/node#62841) - \[[`9c700f3446`](nodejs/node@9c700f3446)] - **doc**: clarify dns.lookup() callback signature when all is true (eungi) [#62800](nodejs/node#62800) - \[[`6b7280bc17`](nodejs/node@6b7280bc17)] - **doc**: add experimental modules lifetime policy (Paolo Insogna) [#62753](nodejs/node#62753) - \[[`ce47ea31c9`](nodejs/node@ce47ea31c9)] - **doc**: clarify process.\_debugProcess() in Permission Model (Fahad Khan) [#62537](nodejs/node#62537) - \[[`ba01633757`](nodejs/node@ba01633757)] - **doc**: fix typo in devcontainer guide (Rohan Santhosh Kumar) [#62687](nodejs/node#62687) - \[[`70b4d5839b`](nodejs/node@70b4d5839b)] - **doc**: clarify Backport-PR-URL metadata added automatically (Mike McCready) [#62668](nodejs/node#62668) - \[[`8126d1c3eb`](nodejs/node@8126d1c3eb)] - **doc**: update WPT test runner README.md (Filip Skokan) [#62680](nodejs/node#62680) - \[[`978afea4b5`](nodejs/node@978afea4b5)] - **doc**: fix spelling in release announcement guidance (Rohan Santhosh Kumar) [#62663](nodejs/node#62663) - \[[`1684ab8ff8`](nodejs/node@1684ab8ff8)] - **doc**: note non-monotonic clock in crypto.randomUUIDv7 (nabeel378) [#62600](nodejs/node#62600) - \[[`86d4f07930`](nodejs/node@86d4f07930)] - **doc**: update bug bounty program (Rafael Gonzaga) [#62590](nodejs/node#62590) - \[[`736ed8a08f`](nodejs/node@736ed8a08f)] - **doc**: document TransformStream transformer.cancel option (Tom Pereira) [#62566](nodejs/node#62566) - \[[`938af9be01`](nodejs/node@938af9be01)] - **doc**: mention test runner retry attemp is zero based (Moshe Atlow) [#62504](nodejs/node#62504) - \[[`94433e450f`](nodejs/node@94433e450f)] - **doc,src,test**: fix dead inspector help URL (semimikoh) [#62745](nodejs/node#62745) - \[[`ddf1f01659`](nodejs/node@ddf1f01659)] - **esm**: add `ERR_REQUIRE_ESM_RACE_CONDITION` (Antoine du Hamel) [#62462](nodejs/node#62462) - \[[`4a506acd16`](nodejs/node@4a506acd16)] - **fs**: add followSymlinks option to glob (Matteo Collina) [#62695](nodejs/node#62695) - \[[`f4ea495f9b`](nodejs/node@f4ea495f9b)] - **fs**: restore fs patchability in ESM loader (Joyee Cheung) [#62835](nodejs/node#62835) - \[[`63c111cd60`](nodejs/node@63c111cd60)] - **fs**: validate position argument before length === 0 early return (Edy Silva) [#62674](nodejs/node#62674) - \[[`9705f628d9`](nodejs/node@9705f628d9)] - **(SEMVER-MINOR)** **fs**: add signal option to fs.stat() (Mert Can Altin) [#57775](nodejs/node#57775) - \[[`40ccfdecf9`](nodejs/node@40ccfdecf9)] - **(SEMVER-MINOR)** **fs**: expose frsize field in statfs (Jinho Jang) [#62277](nodejs/node#62277) - \[[`717476a24e`](nodejs/node@717476a24e)] - **http**: emit 'drain' on OutgoingMessage only after buffers drain (Robert Nagy) [#62936](nodejs/node#62936) - \[[`d7188af5c9`](nodejs/node@d7188af5c9)] - **(SEMVER-MINOR)** **http**: harden ClientRequest options merge (Matteo Collina) [#63082](nodejs/node#63082) - \[[`64f15c274a`](nodejs/node@64f15c274a)] - **http**: fix leaked error listener on sync HTTP req create + destroy (Tim Perry) [#62872](nodejs/node#62872) - \[[`5c4798d799`](nodejs/node@5c4798d799)] - **http**: fix no\_proxy leading-dot suffix matching (Daijiro Wachi) [#62333](nodejs/node#62333) - \[[`9f3bc70ae5`](nodejs/node@9f3bc70ae5)] - **http**: cleanup pipeline queue (Robert Nagy) [#62534](nodejs/node#62534) - \[[`aa1d8a9afc`](nodejs/node@aa1d8a9afc)] - **(SEMVER-MINOR)** **http**: add req.signal to IncomingMessage (Akshat) [#62541](nodejs/node#62541) - \[[`900dc758ff`](nodejs/node@900dc758ff)] - **http2**: expose writable stream state on compat response (T) [#63003](nodejs/node#63003) - \[[`b3bfe35912`](nodejs/node@b3bfe35912)] - **inspector**: coerce key and value to string in webstorage events (Ali Hassan) [#62616](nodejs/node#62616) - \[[`3dc3fb6ad8`](nodejs/node@3dc3fb6ad8)] - **inspector**: return errors when CDP protocol event emission fails (Ryuhei Shima) [#62162](nodejs/node#62162) - \[[`4f3f21bd7c`](nodejs/node@4f3f21bd7c)] - **inspector**: auto collect webstorage data (Ryuhei Shima) [#62145](nodejs/node#62145) - \[[`36cc04189d`](nodejs/node@36cc04189d)] - **inspector**: initial support storage inspection (Ryuhei Shima) [#61139](nodejs/node#61139) - \[[`1718bc3b9b`](nodejs/node@1718bc3b9b)] - **inspector**: fix absolute URLs in network http (bugyaluwang) [#62955](nodejs/node#62955) - \[[`97e32c7a74`](nodejs/node@97e32c7a74)] - **lib**: avoid quadratic shift() in startup snapshot callback (Daijiro Wachi) [#62914](nodejs/node#62914) - \[[`25d2e999de`](nodejs/node@25d2e999de)] - **lib**: harden kKeyOps lookup with null prototype (Filip Skokan) [#62877](nodejs/node#62877) - \[[`37d3913c8f`](nodejs/node@37d3913c8f)] - **lib**: short-circuit WebIDL BufferSource SAB check (Filip Skokan) [#62833](nodejs/node#62833) - \[[`430c69d25f`](nodejs/node@430c69d25f)] - **lib**: use js-only implementation of `isDataView()` (René) [#62780](nodejs/node#62780) - \[[`3ba0add6a0`](nodejs/node@3ba0add6a0)] - **lib**: fix lint in internal/webstreams/util.js (Filip Skokan) [#62806](nodejs/node#62806) - \[[`9b95c41398`](nodejs/node@9b95c41398)] - **lib**: fix sequence argument handling in Blob constructor (Ms2ger) [#62179](nodejs/node#62179) - \[[`314dacdbee`](nodejs/node@314dacdbee)] - **lib**: improve Web Cryptography key validation ordering (Filip Skokan) [#62749](nodejs/node#62749) - \[[`3d18162430`](nodejs/node@3d18162430)] - **lib**: reject SharedArrayBuffer in web APIs per spec (Ali Hassan) [#62632](nodejs/node#62632) - \[[`ada3ce879d`](nodejs/node@ada3ce879d)] - **lib**: defer AbortSignal.any() following (sangwook) [#62367](nodejs/node#62367) - \[[`b2981ec7eb`](nodejs/node@b2981ec7eb)] - **meta**: bump actions/download-artifact from 8.0.0 to 8.0.1 (dependabot\[bot]) [#62549](nodejs/node#62549) - \[[`7cd20667b5`](nodejs/node@7cd20667b5)] - **meta**: bump github/codeql-action from 4.35.1 to 4.35.3 (dependabot\[bot]) [#63074](nodejs/node#63074) - \[[`91a07cfe9f`](nodejs/node@91a07cfe9f)] - **meta**: bump Mozilla-Actions/sccache-action from 0.0.9 to 0.0.10 (dependabot\[bot]) [#63073](nodejs/node#63073) - \[[`09e17fe47c`](nodejs/node@09e17fe47c)] - **meta**: add automation policy (Chengzhong Wu) [#62871](nodejs/node#62871) - \[[`59e7fb7986`](nodejs/node@59e7fb7986)] - **meta**: move VoltrexKeyva to emeritus (Matteo Collina) [#62895](nodejs/node#62895) - \[[`1e2915cfa6`](nodejs/node@1e2915cfa6)] - **meta**: bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (dependabot\[bot]) [#62845](nodejs/node#62845) - \[[`0253c6e2be`](nodejs/node@0253c6e2be)] - **meta**: bump step-security/harden-runner from 2.16.1 to 2.19.0 (dependabot\[bot]) [#62844](nodejs/node#62844) - \[[`f503675b86`](nodejs/node@f503675b86)] - **meta**: bump actions/setup-node from 6.3.0 to 6.4.0 (dependabot\[bot]) [#62842](nodejs/node#62842) - \[[`5e14e4d26e`](nodejs/node@5e14e4d26e)] - **meta**: broaden stale bot (Aviv Keller) [#62658](nodejs/node#62658) - \[[`795db76f87`](nodejs/node@795db76f87)] - **meta**: pass release version to release worker (flakey5) [#62777](nodejs/node#62777) - \[[`ef384fe39f`](nodejs/node@ef384fe39f)] - **meta**: add QUIC to CODEOWNERS (Tim Perry) [#62652](nodejs/node#62652) - \[[`67e0ac568d`](nodejs/node@67e0ac568d)] - **meta**: move Michael to emeritus (Michael Dawson) [#62536](nodejs/node#62536) - \[[`5dad616393`](nodejs/node@5dad616393)] - **meta**: populate apt list for slim runner in update-openssl workflow (René) [#62628](nodejs/node#62628) - \[[`a869d25d8a`](nodejs/node@a869d25d8a)] - **meta**: bump step-security/harden-runner from 2.15.0 to 2.16.1 (dependabot\[bot]) [#62550](nodejs/node#62550) - \[[`769efc0403`](nodejs/node@769efc0403)] - **meta**: bump actions/setup-node from 6.2.0 to 6.3.0 (dependabot\[bot]) [#62548](nodejs/node#62548) - \[[`73fcc2b055`](nodejs/node@73fcc2b055)] - **meta**: bump github/codeql-action from 4.32.4 to 4.35.1 (dependabot\[bot]) [#62547](nodejs/node#62547) - \[[`6c001246fe`](nodejs/node@6c001246fe)] - **meta**: bump codecov/codecov-action from 5.5.2 to 6.0.0 (dependabot\[bot]) [#62545](nodejs/node#62545) - \[[`5ee40d6a03`](nodejs/node@5ee40d6a03)] - **meta**: bump actions/cache from 5.0.3 to 5.0.4 (dependabot\[bot]) [#62543](nodejs/node#62543) - \[[`ca16ad8a05`](nodejs/node@ca16ad8a05)] - **meta**: require DCO signoff in commit message guidelines (James M Snell) [#62510](nodejs/node#62510) - \[[`db9497fc41`](nodejs/node@db9497fc41)] - **meta**: expand memory leak DoS criteria to all DoS (Joyee Cheung) [#62505](nodejs/node#62505) - \[[`13b7d08b8d`](nodejs/node@13b7d08b8d)] - **module**: remove duplicated checks from `_resolveFilename` (Antoine du Hamel) [#62729](nodejs/node#62729) - \[[`6b53efb53a`](nodejs/node@6b53efb53a)] - **module,win**: fix long subpath import (Stefan Stojanovic) [#62101](nodejs/node#62101) - \[[`841dfbf6fc`](nodejs/node@841dfbf6fc)] - **node-api**: update libuv ABI stability note (Chengzhong Wu) [#62789](nodejs/node#62789) - \[[`01090f2aa1`](nodejs/node@01090f2aa1)] - **node-api**: add napi\_create\_external\_sharedarraybuffer (Ben Noordhuis) [#62623](nodejs/node#62623) - \[[`87443b4355`](nodejs/node@87443b4355)] - **node-api**: execute tsfn finalizer after queue drains when aborted (Kevin Eady) [#61956](nodejs/node#61956) - \[[`e95570c054`](nodejs/node@e95570c054)] - **process**: handle rejections only when needed (Gürgün Dayıoğlu) [#62919](nodejs/node#62919) - \[[`37d49f3219`](nodejs/node@37d49f3219)] - **process**: optimize asyncHandledRejections by using FixedQueue (Gürgün Dayıoğlu) [#60854](nodejs/node#60854) - \[[`f697c55e38`](nodejs/node@f697c55e38)] - **quic**: add QuicEndpoint.listening & QuicStream.destroy() and tests (Tim Perry) [#62648](nodejs/node#62648) - \[[`c128942b69`](nodejs/node@c128942b69)] - **quic**: fixup token verification to handle zero expiration (James M Snell) [#62620](nodejs/node#62620) - \[[`abb881ec92`](nodejs/node@abb881ec92)] - **quic**: support multiple ALPN negotiation (James M Snell) [#62620](nodejs/node#62620) - \[[`476926c2ad`](nodejs/node@476926c2ad)] - **quic**: apply multiple TLS context improvements and SNI support (James M Snell) [#62620](nodejs/node#62620) - \[[`76d9c24b95`](nodejs/node@76d9c24b95)] - **quic**: implement rapidhash for hashing improvements (James M Snell) [#62620](nodejs/node#62620) - \[[`08726cd43d`](nodejs/node@08726cd43d)] - **quic**: move quic behind compile time flag (Matteo Collina) [#61444](nodejs/node#61444) - \[[`ea4f19aaa7`](nodejs/node@ea4f19aaa7)] - **quic**: use arena allocation for packets (James M Snell) [#62589](nodejs/node#62589) - \[[`21e9239e2a`](nodejs/node@21e9239e2a)] - **quic**: fixup linting/formatting issues (James M Snell) [#62387](nodejs/node#62387) - \[[`edeed4303b`](nodejs/node@edeed4303b)] - **quic**: update http3 impl details (James M Snell) [#62387](nodejs/node#62387) - \[[`7f3a85e6aa`](nodejs/node@7f3a85e6aa)] - **quic**: fix a handful of bugs and missing functionality (James M Snell) [#62387](nodejs/node#62387) - \[[`45c1ebddf8`](nodejs/node@45c1ebddf8)] - **quic**: copy options.certs buffer instead of detaching (Chengzhong Wu) [#61403](nodejs/node#61403) - \[[`a31a8ee680`](nodejs/node@a31a8ee680)] - **quic**: reduce boilerplate and other minor cleanups (James M Snell) [#59342](nodejs/node#59342) - \[[`3be70ff43a`](nodejs/node@3be70ff43a)] - **quic**: multiple fixups and updates (James M Snell) [#59342](nodejs/node#59342) - \[[`b91a93444c`](nodejs/node@b91a93444c)] - **quic**: update more of the quic to the new compile guard (James M Snell) [#59342](nodejs/node#59342) - \[[`ca0080c164`](nodejs/node@ca0080c164)] - **quic**: few additional small comment edits in cid.h (James M Snell) [#59342](nodejs/node#59342) - \[[`6553202d83`](nodejs/node@6553202d83)] - **quic**: fixup NO\_ERROR macro conflict on windows (James M Snell) [#59381](nodejs/node#59381) - \[[`6df1508ac2`](nodejs/node@6df1508ac2)] - **quic**: fixup windows coverage compile error (James M Snell) [#59381](nodejs/node#59381) - \[[`b2b0bf8b04`](nodejs/node@b2b0bf8b04)] - **quic**: update the guard to check openssl version (James M Snell) [#59249](nodejs/node#59249) - \[[`5556b154bd`](nodejs/node@5556b154bd)] - **quic**: start re-enabling quic with openssl 3.5 (James M Snell) [#59249](nodejs/node#59249) - \[[`2ca42c8263`](nodejs/node@2ca42c8263)] - **repl**: keep reference count for `process.on('newListener')` (Anna Henningsen) [#61895](nodejs/node#61895) - \[[`2f37f9177f`](nodejs/node@2f37f9177f)] - **sqlite**: use OneByte for ASCII text and internalize col names (Ali Hassan) [#61954](nodejs/node#61954) - \[[`3c96ae1b2f`](nodejs/node@3c96ae1b2f)] - **sqlite**: add serialize() and deserialize() (Ali Hassan) [#62579](nodejs/node#62579) - \[[`be4d2f3a4c`](nodejs/node@be4d2f3a4c)] - **sqlite**: enable Percentile extension (Jurj Andrei George) [#61295](nodejs/node#61295) - \[[`dafed453b2`](nodejs/node@dafed453b2)] - **src**: clean up experimental flag variables (Antoine du Hamel) [#62759](nodejs/node#62759) - \[[`dca1e6aeea`](nodejs/node@dca1e6aeea)] - **src**: expose help texts into node-config-schema.json (Pietro Marchini) [#58680](nodejs/node#58680) - \[[`28c4f44eb1`](nodejs/node@28c4f44eb1)] - **src**: add permission support to config file (Marco Ippolito) [#60746](nodejs/node#60746) - \[[`f49175b220`](nodejs/node@f49175b220)] - **src**: fix small compile warning in quic/streams.cc (James M Snell) [#60118](nodejs/node#60118) - \[[`c9d4a446d8`](nodejs/node@c9d4a446d8)] - **src**: cleanup quic TransportParams class (James M Snell) [#59884](nodejs/node#59884) - \[[`99bb02fd9e`](nodejs/node@99bb02fd9e)] - **src**: swap dotenv and config file parsing order (Marco Ippolito) [#63035](nodejs/node#63035) - \[[`ecb4d49b7b`](nodejs/node@ecb4d49b7b)] - **src**: add missing \<cstdlib> for abort() declaration (Charles Kerr) [#63001](nodejs/node#63001) - \[[`b6219b6362`](nodejs/node@b6219b6362)] - **src**: fix crash in GetErrorSource() for invalid using syntax (semimikoh) [#62770](nodejs/node#62770) - \[[`b5ca5ad4c5`](nodejs/node@b5ca5ad4c5)] - **src**: simplify `TCPWrap::Connect` signature (Anna Henningsen) [#62929](nodejs/node#62929) - \[[`ef7ffce7cf`](nodejs/node@ef7ffce7cf)] - **src**: use DCHECK in AsyncWrap::MakeCallback instead emiting a warning (Gerhard Stöbich) [#62795](nodejs/node#62795) - \[[`cd9890a5ab`](nodejs/node@cd9890a5ab)] - **src**: fix MaybeStackBuffer char\_traits deprecation warning (om-ghante) [#62507](nodejs/node#62507) - \[[`c70ff44aee`](nodejs/node@c70ff44aee)] - **src**: use context-free V8 message column getters (René) [#62778](nodejs/node#62778) - \[[`06c405f1d7`](nodejs/node@06c405f1d7)] - **src**: coerce `spawnSync` args to string once (Antoine du Hamel) [#62633](nodejs/node#62633) - \[[`6151999ad6`](nodejs/node@6151999ad6)] - **src**: use stack allocation for small string encoding (Ali Hassan) [#62431](nodejs/node#62431) - \[[`a71a4ac7a3`](nodejs/node@a71a4ac7a3)] - **src**: add contextify interceptor debug logs (Chengzhong Wu) [#62460](nodejs/node#62460) - \[[`ad9a2909c2`](nodejs/node@ad9a2909c2)] - **src**: workaround AIX libc++ std::filesystem bug (Richard Lau) [#62788](nodejs/node#62788) - \[[`7792f1ae47`](nodejs/node@7792f1ae47)] - **stream**: copyedit `webstreams/adapter.js` (Antoine du Hamel) [#63034](nodejs/node#63034) - \[[`1397d8ce5c`](nodejs/node@1397d8ce5c)] - **stream**: remove duplicated utility (Antoine du Hamel) [#63031](nodejs/node#63031) - \[[`ff86b1d64f`](nodejs/node@ff86b1d64f)] - **stream**: simplify `setPromiseHandled` utility (Antoine du Hamel) [#63032](nodejs/node#63032) - \[[`24a078149a`](nodejs/node@24a078149a)] - **stream**: validate ReadableStream.from iterator objects (Daeyeon Jeong) [#62911](nodejs/node#62911) - \[[`cfb1fa9680`](nodejs/node@cfb1fa9680)] - **stream**: reject duplicate nested transferables (Daeyeon Jeong) [#62831](nodejs/node#62831) - \[[`d0c913758a`](nodejs/node@d0c913758a)] - **stream**: ensuring cross-destruction in \_duplexify to prevent leaks (Daijiro Wachi) [#62824](nodejs/node#62824) - \[[`978f5c15d7`](nodejs/node@978f5c15d7)] - **stream**: simplify `readableStreamFromIterable` (Antoine du Hamel) [#62651](nodejs/node#62651) - \[[`3527646ba5`](nodejs/node@3527646ba5)] - **stream**: fix nested compose error propagation (Matteo Collina) [#62556](nodejs/node#62556) - \[[`dfb9edef4f`](nodejs/node@dfb9edef4f)] - **stream**: allow shared array buffer sources in writable webstream adapter (René) [#62163](nodejs/node#62163) - \[[`f00cdab627`](nodejs/node@f00cdab627)] - **stream**: simplify `createPromiseCallback` (Antoine du Hamel) [#62650](nodejs/node#62650) - \[[`3ed783535f`](nodejs/node@3ed783535f)] - **stream**: fix writev unhandled rejection in fromWeb (sangwook) [#62297](nodejs/node#62297) - \[[`29b196694c`](nodejs/node@29b196694c)] - **stream**: noop pause/resume on destroyed streams (Robert Nagy) [#62557](nodejs/node#62557) - \[[`d73dbb9fc8`](nodejs/node@d73dbb9fc8)] - **stream**: refactor duplexify to be less suceptible to prototype pollution (Antoine du Hamel) [#62559](nodejs/node#62559) - \[[`6f37f7e240`](nodejs/node@6f37f7e240)] - **(SEMVER-MINOR)** **stream**: propagate destruction in duplexPair (Ahmed Elhor) [#61098](nodejs/node#61098) - \[[`b8816580e9`](nodejs/node@b8816580e9)] - **test**: generate `localstorage.db` in a temp dir (Chengzhong Wu) [#62660](nodejs/node#62660) - \[[`31a863fd29`](nodejs/node@31a863fd29)] - **test**: update WPT for url to [`258f285`](nodejs/node@258f285de0) (Node.js GitHub Bot) [#63087](nodejs/node#63087) - \[[`d0d19bd8e3`](nodejs/node@d0d19bd8e3)] - **test**: update WPT for streams to [`f8f26a3`](nodejs/node@f8f26a372f) (Node.js GitHub Bot) [#62864](nodejs/node#62864) - \[[`f50ac5bc78`](nodejs/node@f50ac5bc78)] - **test**: improve config-file permission test coverage (Rafael Gonzaga) [#60929](nodejs/node#60929) - \[[`a0f90000f4`](nodejs/node@a0f90000f4)] - **test**: export isRiscv64 from common module (Jamie Magee) [#62609](nodejs/node#62609) - \[[`da4dd8646f`](nodejs/node@da4dd8646f)] - **test**: normalize known inspector crash as completion (Joyee Cheung) [#62851](nodejs/node#62851) - \[[`b7fdd94a4c`](nodejs/node@b7fdd94a4c)] - **test**: account for RFC 7919 FFDHE negotiation in OpenSSL 4.0 (Filip Skokan) [#62805](nodejs/node#62805) - \[[`375a993aaf`](nodejs/node@375a993aaf)] - **test**: skip tls-deprecated secp256k1 on OpenSSL 4.0 (Filip Skokan) [#62805](nodejs/node#62805) - \[[`698d8287d1`](nodejs/node@698d8287d1)] - **test**: use an always invalid cipher and cover OpenSSL 4.0 behaviours (Filip Skokan) [#62805](nodejs/node#62805) - \[[`036bc6f300`](nodejs/node@036bc6f300)] - **test**: use valid DER OCSP responses (Filip Skokan) [#62805](nodejs/node#62805) - \[[`3aa9938da8`](nodejs/node@3aa9938da8)] - **test**: skip test-tls-error-stack when engines are unsupported (Filip Skokan) [#62805](nodejs/node#62805) - \[[`947f1ae246`](nodejs/node@947f1ae246)] - **test**: accept renamed OpenSSL 4.0 error code and reason (Filip Skokan) [#62805](nodejs/node#62805) - \[[`afdd355622`](nodejs/node@afdd355622)] - **test**: update test/addons/openssl-binding for OpenSSL 4.0 (Filip Skokan) [#62805](nodejs/node#62805) - \[[`8637524a99`](nodejs/node@8637524a99)] - **test**: mark test-snapshot-reproducible flaky (Filip Skokan) [#62808](nodejs/node#62808) - \[[`c22d34134b`](nodejs/node@c22d34134b)] - **test**: check contextify contextual store behavior in strict mode (René) [#62571](nodejs/node#62571) - \[[`0b4e0d3c94`](nodejs/node@0b4e0d3c94)] - **test**: update tls junk data error expectations (Filip Skokan) [#62629](nodejs/node#62629) - \[[`85d83c2cdb`](nodejs/node@85d83c2cdb)] - **test**: ensure WPT report is in out/wpt (Filip Skokan) [#62637](nodejs/node#62637) - \[[`9e21711c60`](nodejs/node@9e21711c60)] - **test**: improve WPT runner summary (Filip Skokan) [#62636](nodejs/node#62636) - \[[`e04e2c9ac1`](nodejs/node@e04e2c9ac1)] - **test**: skip url WPT subtests instead of modifying test script (Filip Skokan) [#62635](nodejs/node#62635) - \[[`7b1211f88c`](nodejs/node@7b1211f88c)] - **test**: capture negative utimes mtime at call time (Yuya Inoue) [#62490](nodejs/node#62490) - \[[`f1a6e9fcc7`](nodejs/node@f1a6e9fcc7)] - **test**: allow skipping individual WPT subtests (Filip Skokan) [#62517](nodejs/node#62517) - \[[`23f927542e`](nodejs/node@23f927542e)] - **test**: use on-disk fixture for test-npm-install (Joyee Cheung) [#62584](nodejs/node#62584) - \[[`4739c45879`](nodejs/node@4739c45879)] - **test**: update WPT for url to [`7a3645b`](nodejs/node@7a3645b79a) (Node.js GitHub Bot) [#62591](nodejs/node#62591) - \[[`f68189b839`](nodejs/node@f68189b839)] - **test\_runner**: add `testId` to test events (Moshe Atlow) [#62772](nodejs/node#62772) - \[[`5c2770446e`](nodejs/node@5c2770446e)] - **test\_runner**: publish to TracingChannel for OTel instrumentation (Moshe Atlow) [#62502](nodejs/node#62502) - \[[`d14029be7f`](nodejs/node@d14029be7f)] - **(SEMVER-MINOR)** **test\_runner**: support test order randomization (Pietro Marchini) [#61747](nodejs/node#61747) - \[[`3f74a58979`](nodejs/node@3f74a58979)] - **test\_runner**: update node-config-schema (Pietro Marchini) [#58680](nodejs/node#58680) - \[[`60c83f6199`](nodejs/node@60c83f6199)] - **test\_runner**: fix failing suite hooks when marked with `todo` (Moshe Atlow) [#63097](nodejs/node#63097) - \[[`d142c584cd`](nodejs/node@d142c584cd)] - **(SEMVER-MINOR)** **test\_runner**: align mock timeout api (sangwook) [#62820](nodejs/node#62820) - \[[`3e72065ed6`](nodejs/node@3e72065ed6)] - **test\_runner**: fix suite rerun edge case (Moshe Atlow) [#62860](nodejs/node#62860) - \[[`01a9552585`](nodejs/node@01a9552585)] - **(SEMVER-MINOR)** **test\_runner**: add mock-timers support for AbortSignal.timeout (DeveloperViraj) [#60751](nodejs/node#60751) - \[[`dd43efffa6`](nodejs/node@dd43efffa6)] - **test\_runner**: add passed, attempt, and diagnostic to SuiteContext (Moshe Atlow) [#62504](nodejs/node#62504) - \[[`a12dc445cc`](nodejs/node@a12dc445cc)] - **tools**: add a check for clean git tree after tests (Antoine du Hamel) [#62661](nodejs/node#62661) - \[[`5b49178375`](nodejs/node@5b49178375)] - **tools**: use LTS Node.js in notify-on-push workflow (Nenad Spasenic) [#63084](nodejs/node#63084) - \[[`5a93bde5bb`](nodejs/node@5a93bde5bb)] - **tools**: update gr2m/create-or-update-pull-request-action to v1.10.1 (Mike McCready) [#63065](nodejs/node#63065) - \[[`b133019d19`](nodejs/node@b133019d19)] - **tools**: simplify `update-undici.sh` (Antoine du Hamel) [#63044](nodejs/node#63044) - \[[`04d3538074`](nodejs/node@04d3538074)] - **tools**: do not run `test-linux` on unrelated tools changes (Antoine du Hamel) [#63037](nodejs/node#63037) - \[[`4d396ac4a5`](nodejs/node@4d396ac4a5)] - **tools**: bump the eslint group in /tools/eslint with 4 updates (dependabot\[bot]) [#62848](nodejs/node#62848) - \[[`9354bf40e7`](nodejs/node@9354bf40e7)] - **tools**: update gyp-next to 0.22.1 (Node.js GitHub Bot) [#62961](nodejs/node#62961) - \[[`c23db1ca85`](nodejs/node@c23db1ca85)] - **tools**: fix commit linter for semver-major release proposals (Antoine du Hamel) [#62993](nodejs/node#62993) - \[[`6e097ee3f1`](nodejs/node@6e097ee3f1)] - **tools**: consolidate and simplify .editorconfig deps section (Daijiro Wachi) [#62887](nodejs/node#62887) - \[[`a47ea6d6ea`](nodejs/node@a47ea6d6ea)] - **tools**: set bot as author of tools-deps-update PRs (Antoine du Hamel) [#62856](nodejs/node#62856) - \[[`00e86f0471`](nodejs/node@00e86f0471)] - **tools**: bump brace-expansion from 5.0.4 to 5.0.5 in /tools/eslint (dependabot\[bot]) [#62458](nodejs/node#62458) - \[[`cd7e262e75`](nodejs/node@cd7e262e75)] - **tools**: bump brace-expansion in /tools/clang-format (dependabot\[bot]) [#62467](nodejs/node#62467) - \[[`bfc1319bc8`](nodejs/node@bfc1319bc8)] - **tools**: exclude [@node-core/doc-kit](https://github.com/node-core/doc-kit) from dependabot cooldown (Levi Zim) [#62775](nodejs/node#62775) - \[[`a932fbd10b`](nodejs/node@a932fbd10b)] - **tools**: re-enable undici WPTs in daily wpt.fyi job (Filip Skokan) [#62677](nodejs/node#62677) - \[[`f7bd9e3055`](nodejs/node@f7bd9e3055)] - **tools**: update gyp-next to 0.22.0 (Node.js GitHub Bot) [#62697](nodejs/node#62697) - \[[`c400d46d87`](nodejs/node@c400d46d87)] - **tools**: improve backport review script (Antoine du Hamel) [#62573](nodejs/node#62573) - \[[`be23b75814`](nodejs/node@be23b75814)] - **tools**: improve output for unexpected passes in WTP tests (Antoine du Hamel) [#62587](nodejs/node#62587) - \[[`609c013ece`](nodejs/node@609c013ece)] - **tools**: revert OpenSSL update workflow to ubuntu-latest (Richard Lau) [#62627](nodejs/node#62627) - \[[`81bac1ebfd`](nodejs/node@81bac1ebfd)] - **tools**: bump the eslint group in /tools/eslint with 2 updates (dependabot\[bot]) [#62552](nodejs/node#62552) - \[[`1fee26522d`](nodejs/node@1fee26522d)] - **tools**: allow triagers to queue a PR for CI until it's reviewed (Antoine du Hamel) [#62524](nodejs/node#62524) - \[[`332088f929`](nodejs/node@332088f929)] - **tools**: do not run `commit-lint` on release proposals (Antoine du Hamel) [#62523](nodejs/node#62523) - \[[`9a25fc8a4d`](nodejs/node@9a25fc8a4d)] - **url**: process crash via malformed UNC hostname in pathToFileURL() (Nicola Del Gobbo) [#62574](nodejs/node#62574) - \[[`7bd08ff60a`](nodejs/node@7bd08ff60a)] - **url**: optimize URLSearchParams set/delete duplicate handling (Gürgün Dayıoğlu) [#62266](nodejs/node#62266) - \[[`2d636388fa`](nodejs/node@2d636388fa)] - **url**: align default argument handling for URLPattern with webidl (Filip Skokan) [#62719](nodejs/node#62719) - \[[`00705a459a`](nodejs/node@00705a459a)] - **(SEMVER-MINOR)** **util**: colorize text with hex colors (Guilherme Araújo) [#61556](nodejs/node#61556) - \[[`0e2adb3e45`](nodejs/node@0e2adb3e45)] - **watch**: track worker entry files in watch mode (SudhansuBandha) [#62368](nodejs/node#62368) - \[[`c58fe38211`](nodejs/node@c58fe38211)] - **watch**: fix --env-file-if-exists crashing on linux if the file is missing (Efe) [#61870](nodejs/node#61870) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).  Reviewed-on: https://git.walbeck.it/mwalbeck/docker-cyberchef/pulls/480

nodejs-github-bot added lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Jul 27, 2025

jasnell changed the title ~~deps: upgrade openssl sources to openssl-3.5.1~~ quic: start re-enabling and working on quic with openssl 3.5 Jul 27, 2025

jasnell added build Issues and PRs related to build files or the CI. quic Issues and PRs related to the QUIC implementation / HTTP/3. dependencies Pull requests that update a dependency file. labels Jul 27, 2025

jasnell force-pushed the jasnell/yay-quic branch from eab4848 to 907adb7 Compare July 27, 2025 21:42

This comment was marked as outdated.

Sign in to view

jasnell added dont-land-on-v20.x dont-land-on-v22.x PRs that should not land on the v22.x-staging branch and should not be released in v22.x. dont-land-on-v24.x PRs that should not land on the v24.x-staging branch and should not be released in v24.x. labels Jul 27, 2025

jasnell force-pushed the jasnell/yay-quic branch from 907adb7 to 3ae9b2a Compare July 27, 2025 21:52

trivikr mentioned this pull request Jul 28, 2025

Update on QUIC #57281

Closed

jasnell added 4 commits August 2, 2025 12:13

quic: start re-enabling quic with openssl 3.5

3f1b2ff

Start working on re-enabling QUIC support with the availability of OpenSSL 3.5. This will be a multi-step process. Signed-off-by: James M Snell <jasnell@gmail.com>

deps: update ngtcp2 to 1.14.0

256838e

Signed-off-by: James M Snell <jasnell@gmail.com>

deps: update nghttp3 to 1.11.0

1ffd8d8

Signed-off-by: James M Snell <jasnell@gmail.com>

jasnell force-pushed the jasnell/yay-quic branch from 3ae9b2a to ce92086 Compare August 2, 2025 19:16

jasnell changed the base branch from actions/tools-update-openssl to main August 2, 2025 19:18

This comment was marked as outdated.

Sign in to view

jasnell commented Aug 2, 2025

View reviewed changes

jasnell requested review from Qard, mcollina and richardlau August 2, 2025 19:23

This comment was marked as outdated.

Sign in to view

richardlau mentioned this pull request Aug 4, 2025

build: fix OpenSSL version detection #59353

Merged

panva pushed a commit to panva/node that referenced this pull request Aug 7, 2025

deps: update ngtcp2 to 1.14.0

b1bf6f2

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

panva pushed a commit to panva/node that referenced this pull request Aug 7, 2025

deps: update nghttp3 to 1.11.0

ad05187

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

mete0rfish pushed a commit to mete0rfish/node-contribute that referenced this pull request Aug 9, 2025

deps: update ngtcp2 to 1.14.0

42c6e3f

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

mete0rfish pushed a commit to mete0rfish/node-contribute that referenced this pull request Aug 9, 2025

deps: update nghttp3 to 1.11.0

6d91a56

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

panva pushed a commit to panva/node that referenced this pull request Aug 9, 2025

deps: update ngtcp2 to 1.14.0

d0a6adb

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

panva pushed a commit to panva/node that referenced this pull request Aug 9, 2025

deps: update nghttp3 to 1.11.0

897c929

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: nodejs#59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

stafyniaksacha mentioned this pull request Aug 14, 2025

QUIC/HTTP3 upstream support tracker (Node, Bun, Deno) h3js/srvx#52

Open

3 tasks

NullVoxPopuli mentioned this pull request Aug 15, 2025

HTTP3 + QUIC support? http-party/node-http-proxy#1710

Open

achingbrain mentioned this pull request Aug 25, 2025

Add QUIC support in js-libp2p — Libp2p/2025 ipshipyard/roadmaps#34

Closed

targos mentioned this pull request Sep 9, 2025

quic: continuing work on impl using openssl 3.5 #59342

Closed

BeBoRE mentioned this pull request Oct 3, 2025

feat: support WebTransport trpc/trpc#6971

Open

1 task

RafaelGSS mentioned this pull request Oct 9, 2025

2025-10-15, Version 25.0.0 (Current) #59896

Merged

9 tasks

derhuerst mentioned this pull request Mar 4, 2026

QUIC support #23064

Closed

aduh95 removed the dont-land-on-v24.x PRs that should not land on the v24.x-staging branch and should not be released in v24.x. label May 7, 2026

aduh95 pushed a commit that referenced this pull request May 7, 2026

deps: update ngtcp2 to 1.14.0

1d00313

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

aduh95 pushed a commit that referenced this pull request May 7, 2026

deps: update nghttp3 to 1.11.0

e073b38

Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #59249 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

github-actions Bot mentioned this pull request May 12, 2026

2026-05-21, Version 24.16.0 'Krypton' (LTS) #63263

Merged

Uh oh!

Conversation

jasnell commented Jul 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

nodejs-github-bot commented Jul 27, 2025

Uh oh!

jasnell commented Jul 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

This comment was marked as outdated.

nodejs-github-bot commented Jul 27, 2025

Uh oh!

richardlau commented Jul 27, 2025

Uh oh!

jasnell commented Jul 28, 2025

Uh oh!

This comment was marked as outdated.

jasnell Aug 2, 2025

Choose a reason for hiding this comment

Uh oh!

jasnell Aug 2, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

richardlau Aug 4, 2025

Choose a reason for hiding this comment

Uh oh!

jasnell Aug 4, 2025

Choose a reason for hiding this comment

Uh oh!

This comment was marked as outdated.

jasnell commented Aug 4, 2025

Uh oh!

splitice commented Aug 5, 2025

Uh oh!

m50S79sM6SRNp8Jn commented Dec 2, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants

jasnell commented Jul 27, 2025 •

edited

Loading

jasnell commented Jul 27, 2025 •

edited

Loading

jasnell Aug 2, 2025 •

edited

Loading