2025-09-03, Version 20.19.5 'Iron' (LTS) #59551
Conversation
PR-URL: #58770 Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: #58877 Reviewed-By: LiviaMedeiros <livia@cirno.name> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Richard Lau <richard.lau@ibm.com> Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com> Reviewed-By: Ruy Adorno <ruy@vlt.sh> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
llhttp@9.3.0 optimizes header value parsing on ARM Neon/WASM, and adds support for a protocol callback for use outside of the typical HTTP setting (RTSP/ICE). PR-URL: #58144 Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
As the actual location of built libnode.so may differ depending on which system was used to orchestrate the build (ninja or make), multiple places should be searched for it's location. PR-URL: #58213 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: #58291 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Dario Piotrowicz <dario.piotrowicz@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com> Reviewed-By: Tierney Cyren <hello@bnb.im>
|
Review requested:
|
nodejs-github-bot
added
doc
marco-ippolito
force-pushed
the
v20.19.5-proposal
branch
from
27eb942 to
fdd42e4
Compare
|
Ok so I guess we can drop them all |
marco-ippolito
added
release
marco-ippolito
force-pushed
the
v20.19.5-proposal
branch
from
fdd42e4 to
d52d6f7
Compare
|
nit: could you remove the |
marco-ippolito
force-pushed
the
v20.19.5-proposal
branch
from
d52d6f7 to
a876ce8
Compare
This comment was marked as outdated.
This comment was marked as outdated.
|
I'm gonna try to drop 7dbfeb5372 |
|
I opened #59660 to fix test-internet. |
The `nodejs.org` domain has now two TXT records. Do not verify the exact number of records returned (only their shape), and check that one of them is the SPF. PR-URL: #59660 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
PR-URL: #58270 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
It seems to be still failing |
It's another test that fails. Looking at the test name and error output, this doesn't seem like a problem with the test itself. Might be caused by one of the DNS-related changes. |
|
Can you reproduce it locally?
The test passes with v20.19.4. |
I cannot reproduce it locally, I tried dropping dns commits, http commits but the problem seems unrelated to changes in this proposal |
|
I'm try to get a green CI on #59653 so we can include it in this release |
It looks like it was a fluke, retrying the job made it turn out green: https://github.com/nodejs/node/actions/runs/17370318657/job/49379960374#step:5:5275 |
marco-ippolito
force-pushed
the
v20.19.5-proposal
branch
from
da57b62 to
874dce5
Compare
marco-ippolito
changed the title
|
I’m not sure we want to include 42224ac before it lands on a Current release first |
You are right, although its targetting loong64 only so I'd not be too concern. We can land it in the next release |
When the source map data are invalid json strings, skip construct `SourceMap` on it. Additionally, suppress exceptions on source map lookups and fix test runners crash on invalid source maps. PR-URL: #56299 Backport-PR-URL: #59653 Refs: #56296 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Xuguang Mei <meixuguang@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il> Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
Only invalidates source map lookup cache when a new source map is found. This improves when user codes interleave with builtin functions, like `array.map`. PR-URL: #56299 Backport-PR-URL: #59653 Refs: #56296 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Xuguang Mei <meixuguang@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il> Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
marco-ippolito
force-pushed
the
v20.19.5-proposal
branch
from
874dce5 to
7ed2c85
Compare
|
This test seems to be failing consistently: It seems to timeout I cannot reproduce locally |
Looking at the daily CI, this has been failing for over a month, I couldn't find a single non-red run for macOS, I didn't check them all but it seems to always be I've started https://ci.nodejs.org/job/node-test-commit-osx/66605/ to establish whether that failure is related to a change here |
|
So it's an actual failure, should we try bisect it? |
|
It's also failing on cdab368 on CI (https://ci.nodejs.org/job/node-test-commit-osx/66605/), it sounds like it's unrelated to this release. I'm also unable to reproduce locally. I think the correct course of action would be to skip this test for that job to unblock the release. |
I opened #59745 to skip it |
2025-09-03, Version 20.19.5 'Iron' (LTS), @marco-ippolito
Notable Changes
f5b293ad48] - doc: add JonasBa to collaborators (Jonas Badalic) #583554e6ae787c6] - doc: add puskin to collaborators (Giovanni Bucci) #58308d06db658fc] - doc: add Filip Skokan to TSC (Rafael Gonzaga) #584993c6206cac9] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241Commits
ea20403467] - build: fix uvwasi pkgname (Antoine du Hamel) #58270c647aa4b30] - build: fix pointer compression builds (Joyee Cheung) #58171d2c5e609ae] - build: disable v8_enable_pointer_compression_shared_cage on non-64bit (Shelley Vohr) #5886784d5c4d244] - build: search for libnode.so in multiple places (Jan Staněk) #58213068c439552] - crypto: fix SHAKE128/256 breaking change introduced with OpenSSL 3.4 (Filip Skokan) #58942edff105c34] - debugger: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) #574980473e35b7f] - deps: update zlib to 1.3.1-470d3a2 (Node.js GitHub Bot) #586281218dbbea5] - deps: update zlib to 1.3.0.1-motley-780819f (Node.js GitHub Bot) #577680e3cd9ec00] - deps: update zlib to 1.3.0.1-motley-788cb3c (Node.js GitHub Bot) #56655a194dd9bd4] - deps: update archs files for openssl-3.0.16 (Node.js GitHub Bot) #57335cc9b79ca70] - deps: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) #5733582c46d5358] - deps: update cjs-module-lexer to 2.1.0 (Node.js GitHub Bot) #5718043e3f9b26b] - deps: update cjs-module-lexer to 2.0.0 (Michael Dawson) #5685591282ff16b] - deps: update corepack to 0.33.0 (Node.js GitHub Bot) #58566b76bca6f38] - deps: update acorn to 8.15.0 (Node.js GitHub Bot) #58711ae11481011] - deps: update acorn to 8.14.1 (Node.js GitHub Bot) #57382142d701201] - deps: update minimatch to 10.0.3 (Node.js GitHub Bot) #58712fee082d684] - deps: update llhttp to 9.3.0 (Fedor Indutny) #58144c06f6f3f05] - dns: remove redundant code using common variable (Deokjin Kim) #57386cded8e7e77] - dns: fix parse memory leaky (theanarkh) #58973182ae67233] - dns: fix dns query cache implementation (Ethan Arrowood) #58404621b66a297] - doc: add review guidelines for collaborator nominations (Antoine du Hamel) #57449b1009b5b72] - doc: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) #57426f5b293ad48] - doc: add JonasBa to collaborators (Jonas Badalic) #583554e6ae787c6] - doc: add puskin to collaborators (Giovanni Bucci) #58308530473f479] - doc: add ovflowd back to core collaborators (Claudio W.) #5891138e8bbc131] - doc: add info on how project manages social media (Michael Dawson) #57318d06bb4dcc2] - doc: ping nodejs/tsc for each security pull request (Rafael Gonzaga) #57309d06db658fc] - doc: add Filip Skokan to TSC (Rafael Gonzaga) #584998c3bc156ed] - doc: clarifypath.isAbsoluteis not path traversal mitigation (Eric Fortis) #57073e688410bda] - doc: fix rendering of DEP0174 description (David Sanders) #56835e6a0c6a0fa] - doc: add missing assert return types (Colin Ihrig) #57219026b3cab6a] - doc: add 1ilsang to triage team (1ilsang) #571833c6206cac9] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241ef3a4675c7] - doc: fix web.libera.chat link in pull-requests.md (Samuel Bronson) #570761db42b76f7] - doc: remove buffered flag from performance hooks examples (Pavel Romanov) #52607b73a1356ce] - doc: addmodule namespace objectlinks (Dario Piotrowicz) #5709309368db20f] - doc: disambiguate pseudo-code statement (Dario Piotrowicz) #570922c3dc569a1] - doc: fix wrong articles used to address modules (Dario Piotrowicz) #57090cd8259cb4e] - doc:modules.md: fixdistancedefinition (Alexander “weej” Jones) #570467b0ea9ab2d] - doc: fix wrong verb form (Dario Piotrowicz) #5709114fcfc242b] - doc: add a note aboutrequire('../common')in testing documentation (Aditi) #56953bc7d18b6ea] - doc: recommend writing tests in new files and including comments (Joyee Cheung) #57028acd4d7f269] - doc: improve documentation on argument validation (Aditi) #569544cd6b3ca73] - doc: buffer: fix typo onBuffer.copyBytesFrom(offsetoption (tpoisseau) #5701501220607f2] - doc: update cleanup to trust on vuln db automation (Rafael Gonzaga) #5700477a0505a32] - doc: update post sec release process (Rafael Gonzaga) #5690777dbcfce5f] - doc: add section about using npx with permission model (Rafael Gonzaga) #5653973e51407b7] - doc: remove RedYetiDev from triagers team (Aviv Keller) #559479a36cbb792] - doc: fix relative path mention in --allow-fs (Rafael Gonzaga) #5579104d9c5baeb] - doc: add scroll margin to links (Roman Reiss) #58982959a67f6ff] - doc: make Stability labels not sticky in Stability index (Livia Medeiros) #582918757a5532f] - doc: update release key for aduh95 (Antoine du Hamel) #588776fa0626327] - doc,src,test: fix typos (Noritaka Kobayashi) #584779991788e4a] - http: coerce content-length to number (Marco Ippolito) #57458ff5cf8a428] - http2: fix check forframe->hd.type(hanguanqiang) #576442f333b6c51] - lib: optimizeprepareStackTraceon builtin frames (Chengzhong Wu) #56299cdf985071f] - lib: suppress source map lookup exceptions (Chengzhong Wu) #56299faa08b14ed] - lib: fixup incorrect argument order in assertEncoding (James M Snell) #57177a683cd1232] - meta: add IlyasShabi to collaborators (Ilyas Shabi) #58916b145bb28aa] - meta: bump codecov/codecov-action from 5.4.2 to 5.4.3 (dependabot[bot]) #585512c59789001] - meta: bump ossf/scorecard-action from 2.4.1 to 2.4.2 (dependabot[bot]) #585504095337e96] - meta: bump rtCamp/action-slack-notify from 2.3.2 to 2.3.3 (dependabot[bot]) #58108631fed8e39] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #584567d2f7180b6] - meta: bump codecov/codecov-action from 5.4.0 to 5.4.2 (dependabot[bot]) #581101558551ea5] - meta: bump actions/download-artifact from 4.2.1 to 4.3.0 (dependabot[bot]) #58106e1f12fe737] - meta: ignore mailmap changes in linux ci (Jonas Badalic) #583561b78eb1313] - meta: bump actions/setup-node from 4.3.0 to 4.4.0 (dependabot[bot]) #581112b8449c39a] - meta: bump actions/setup-python from 5.5.0 to 5.6.0 (dependabot[bot]) #58107833b70bbc5] - meta: allow penetration testing on live system with prior authorization (Matteo Collina) #57966c6a88561f5] - meta: bump actions/setup-python from 5.4.0 to 5.5.0 (dependabot[bot]) #577189046ef4fb3] - meta: bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (dependabot[bot]) #5771746388a4e2a] - meta: bump actions/cache from 4.2.2 to 4.2.3 (dependabot[bot]) #57715d3970685bd] - meta: bump actions/setup-node from 4.2.0 to 4.3.0 (dependabot[bot]) #5771447004ef37f] - meta: bump actions/upload-artifact from 4.6.1 to 4.6.2 (dependabot[bot]) #577134abe83ec03] - meta: add some clarification to the nomination process (James M Snell) #5750345e9b88363] - meta: remove collaborator self-nomination (Rich Trott) #57537d10949b7d8] - meta: edit collaborator nomination process (Antoine du Hamel) #57483704562fb7a] - meta: move ovflowd to emeritus (Claudio W.) #574433f981b8537] - meta: bump codecov/codecov-action from 5.3.1 to 5.4.0 (dependabot[bot]) #572577e1ff7b332] - meta: bump ossf/scorecard-action from 2.4.0 to 2.4.1 (dependabot[bot]) #572538d4ec412b9] - meta: move RaisinTen back to collaborators, triagers and SEA champion (Darshan Sen) #57292cc2abb5d17] - meta: bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (dependabot[bot]) #572594fad2b8758] - meta: bump actions/cache from 4.2.0 to 4.2.2 (dependabot[bot]) #572565f5bb8b986] - meta: bump actions/upload-artifact from 4.6.0 to 4.6.1 (dependabot[bot]) #57255e949359a56] - meta: bumpactions/setup-pythonfrom 5.3.0 to 5.4.0 (dependabot[bot]) #56867d3c5ad7510] - meta: bumppeter-evans/create-pull-requestfrom 7.0.5 to 7.0.6 (dependabot[bot]) #5686656decfe2d1] - meta: bumpcodecov/codecov-actionfrom 5.0.7 to 5.3.1 (dependabot[bot]) #5686452e518444d] - meta: bumpactions/cachefrom 4.1.2 to 4.2.0 (dependabot[bot]) #568629cac93d9c3] - meta: bumpactions/stalefrom 9.0.0 to 9.1.0 (dependabot[bot]) #56860ecf4252f7c] - meta: update last name for jkrems (Jan Martin) #57006e8beaaaedf] - meta: bumpactions/upload-artifactfrom 4.4.3 to 4.6.0 (dependabot[bot]) #568615462c257f8] - meta: bumpactions/setup-nodefrom 4.1.0 to 4.2.0 (dependabot[bot]) #5686889c37891a0] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #568892a0175c291] - meta: add @nodejs/url as codeowner (Chengzhong Wu) #56783c12aae1e78] - meta: bump github/codeql-action from 3.28.18 to 3.29.2 (dependabot[bot]) #589224ef09990f1] - meta: bump github/codeql-action from 3.28.16 to 3.28.18 (dependabot[bot]) #58552889654eb2c] - meta: bump github/codeql-action from 3.28.11 to 3.28.16 (dependabot[bot]) #58112091e5c1bb9] - meta: bump github/codeql-action from 3.28.10 to 3.28.13 (dependabot[bot]) #5771601415153de] - meta: bump github/codeql-action from 3.28.8 to 3.28.10 (dependabot[bot]) #5725472ea8aac34] - meta: bumpgithub/codeql-actionfrom 3.27.5 to 3.28.8 (dependabot[bot]) #5685999a271e588] - meta: bump step-security/harden-runner from 2.12.0 to 2.12.2 (dependabot[bot]) #58923b4c4c02490] - meta: bump step-security/harden-runner from 2.11.0 to 2.12.0 (dependabot[bot]) #581095361bb9157] - meta: bump step-security/harden-runner from 2.10.4 to 2.11.0 (dependabot[bot]) #5725828e33acf30] - meta: bumpstep-security/harden-runnerfrom 2.10.2 to 2.10.4 (dependabot[bot]) #56863fad773cede] - module: throw error when re-runing errored module jobs (Joyee Cheung) #589572531185423] - module: allow cycles in require() in the CJS handling in ESM loader (Joyee Cheung) #58598ed43b69689] - module: clarify cjs global-like error on ModuleJobSync (Carlos Espa) #564916e02db1b12] - module: handle instantiated async module jobs in require(esm) (Joyee Cheung) #58067badba50d30] - module: fix incorrect formatting in require(esm) cycle error message (haykam821) #57453939ecf8906] - module: handle cached linked async jobs in require(esm) (Joyee Cheung) #57187ba7f8a0353] - module: improve error message from asynchronicity in require(esm) (Joyee Cheung) #57126c1e7fa2586] - module: handle .mjs in .js handler in CommonJS (Joyee Cheung) #5559041f3dfd21b] - module: fix require.resolve() crash on non-string paths (Aditi) #56942043dcdd628] - os: fix GetInterfaceAddresses memory lieaky (theanarkh) #589409b74e9bfd9] - permission: ignore internalModuleStat on module loading (Rafael Gonzaga) #55797611a147b45] - readline: fix unresolved promise on abortion (Daniel Venable) #54030f891ae3421] - repl: avoid deprecatedrequire.extensionsin tab completion (baki gul) #586537ba44290bf] - repl: fix tab completion not working with computer string properties (Dario Piotrowicz) #58709eb842048b2] - src: do not format single string argument for THROW_ERR_* (Joyee Cheung) #571264f004937ec] - src: fixup errorhandling more in various places (James M Snell) #578525daa7fe2e2] - src: fix module buffer allocation (X-BW) #57738586b1be11b] - src: fix build when using shared simdutf (Antoine du Hamel) #58407563e61f012] - src: fix possible dereference of null pointer (Eusgor) #58459cbec07ea0b] - src: fix FIPS init error handling (Tobias Nießen) #5837980fb80e71b] - src: fix -Wunreachable-code in src/node_api.cc (Shelley Vohr) #5890169c43bdfcc] - test: fix internet/test-dns (Michaël Zasso) #596606fd58e0338] - tools: update coverage GitHub Actions to fixed version (Rich Trott) #59512eb7bbce73e] - tools: disable failing coverage jobs (Antoine du Hamel) #5877065b1669936] - util: fix formatting of objects with built-in Symbol.toPrimitive (Shima Ryuhei) #578328a29f13bec] - util: fix parseEnv incorrectly splitting multiple ‘=‘ in value (HEESEUNG) #57421077d5020c4] - v8: fix missing callback in heap utils destroy (Ruben Bridgewater) #5884634ae9f8b18] - vm: import call should return a promise in the current context (Chengzhong Wu) #583090dd3a8d6d1] - win,build: fix MSVS v17.14 compilation issue (StefanStojanovic) #589021b83a2bd2d] - zlib: remove mentions of unexposed Z_TREES constant (Jimmy Leung) #583719dc9604502] - zlib: fix pointer alignment (jhofstee) #57727