Skip to content

Releases: nodejs/node

2026-01-13, Version 24.13.0 'Krypton' (LTS), @marco-ippolito

Choose a tag to compare

@marco-ippolito marco-ippolito released this 13 Jan 13:57
v24.13.0
def0bdf

This is a security release.

Notable Changes

lib:

Commits

2026-01-13, Version 22.22.0 'Jod' (LTS), @marco-ippolito

Choose a tag to compare

@marco-ippolito marco-ippolito released this 13 Jan 13:56
v22.22.0
6add85e

This is a security release.

Notable Changes

lib:

  • (CVE-2025-59465) add TLSSocket default error handler
  • (CVE-2025-55132) disable futimes when permission model is enabled
    lib,permission:
  • (CVE-2025-55130) require full read and write to symlink APIs
    src:
  • (CVE-2025-59466) rethrow stack overflow exceptions in async_hooks
    src,lib:
  • (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle
    tls:
  • (CVE-2026-21637) route callback exceptions through error handlers

Commits

2026-01-13, Version 20.20.0 'Iron' (LTS), @marco-ippolito

Choose a tag to compare

@marco-ippolito marco-ippolito released this 13 Jan 13:55
v20.20.0
1f7186e

This is a security release.

Notable Changes

lib:

Commits

2025-12-10, Version 24.12.0 'Krypton' (LTS), @targos

Choose a tag to compare

@targos targos released this 10 Dec 16:50
v24.12.0
70f6b58

Notable Changes

  • [1a00b5f68a] - (SEMVER-MINOR) http: add optimizeEmptyRequests server option (Rafael Gonzaga) #59778
  • [ff5754077d] - (SEMVER-MINOR) lib: add options to util.deprecate (Rafael Gonzaga) #59982
  • [8987159234] - (SEMVER-MINOR) module: mark type stripping as stable (Marco Ippolito) #60600
  • [92c484ebf4] - (SEMVER-MINOR) node-api: add napi_create_object_with_properties (Miguel Marcondes Filho) #59953
  • [b11bc5984e] - (SEMVER-MINOR) sqlite: allow setting defensive flag (Bart Louwers) #60217
  • [e7da5b4b7d] - (SEMVER-MINOR) src: add watch config namespace (Marco Ippolito) #60178
  • [a7f7d10c06] - (SEMVER-MINOR) src: add an option to make compile cache portable (Aditi) #58797
  • [92ea669240] - (SEMVER-MINOR) src,permission: add --allow-inspector ability (Rafael Gonzaga) #59711
  • [05d7509bd2] - (SEMVER-MINOR) v8: add cpu profile (theanarkh) #59807

Commits

  • [e4a23a35ac] - benchmark: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) #60603
  • [b6114ae5c9] - benchmark: add per-suite setup option (Joyee Cheung) #60574
  • [ac8e90af7c] - buffer: speed up concat via TypedArray#set (GΓΌrgΓΌn DayΔ±oğlu) #60399
  • [acbc8ca13e] - build: upgrade Python linter ruff, add rules ASYNC,PERF (Christian Clauss) #59984
  • [f97a609a07] - console: optimize single-string logging (GΓΌrgΓΌn DayΔ±oğlu) #60422
  • [6cd9bdc580] - crypto: ensure documented RSA-PSS saltLength default is used (Filip Skokan) #60662
  • [0fafe24d9b] - crypto: fix argument validation in crypto.timingSafeEqual fast path (Joyee Cheung) #60538
  • [54421e0419] - debugger: fix event listener leak in the run command (Joyee Cheung) #60464
  • [c361a628b4] - deps: V8: cherry-pick 72b0e27bd936 (pthier) #60732
  • [c70f4588dd] - deps: V8: cherry-pick 6bb32bd2c194 (Erik Corry) #60732
  • [881fe784c5] - deps: V8: cherry-pick 0dd2318b5237 (Erik Corry) #60732
  • [457c33efcc] - deps: V8: cherry-pick df20105ccf36 (Erik Corry) #60732
  • [0bf45a829c] - deps: V8: backport e5dbbbadcbff (Darshan Sen) #60524
  • [4993bdc476] - deps: V8: cherry-pick 5ba9200cd046 (Juan JosΓ© Arboleda) #60620
  • [1e9abe0078] - deps: update corepack to 0.34.5 (Node.js GitHub Bot) #60842
  • [3f704ed08f] - deps: update corepack to 0.34.4 (Node.js GitHub Bot) #60643
  • [04e360fdb1] - deps: V8: cherry-pick 06bf293610ef, 146962dda8d2 and e0fb10b5148c (MichaΓ«l Zasso) #60713
  • [fcbd8dbbde] - deps: patch V8 to 13.6.233.17 (MichaΓ«l Zasso) #60712
  • [28e9433f39] - deps: V8: cherry-pick 87356585659b (Joyee Cheung) #60069
  • [3cac85b243] - deps: V8: backport 2e4c5cf9b112 (MichaΓ«l Zasso) #60654
  • [1daece1970] - deps: call OPENSSL_free after ANS1_STRING_to_UTF8 (Rafael Gonzaga) #60609
  • [5f55a9c9ea] - deps: nghttp2: revert 7784fa979d0b (Antoine du Hamel) #59790
  • [1d9e7c1f4d] - deps: update nghttp2 to 1.67.1 (nodejs-github-bot) #59790
  • [3140415068] - deps: update simdjson to 4.1.0 (Node.js GitHub Bot) #60542
  • [d911f9f1b8] - deps: update amaro to 1.1.5 (Node.js GitHub Bot) #60541
  • [daaaf04a32] - deps: V8: cherry-pick 2abc61361dd4 (Richard Lau) #60177
  • [b4f63ee5f8] - doc: update Collaborators list to reflect hybrist handle change (Antoine du Hamel) #60650
  • [effcf7a8ab] - doc: fix link in --env-file=file section (N. Bighetti) #60563
  • [7011736703] - doc: fix linter issues (Antoine du Hamel) #60636
  • [5cc79d8945] - doc: add missing history entry for sqlite.md (Antoine du Hamel) #60607
  • [bbc649057c] - doc: correct values/references for buffer.kMaxLength (RenΓ©) #60305
  • [ea7ecb517b] - doc: recommend events.once to manage 'close' event (Dan Fabulich) #60017
  • [58bff04cc2] - doc: highlight module loading difference between import and require (Ajay A) #59815
  • [bbcbff9b4d] - doc: add CJS code snippets in sqlite.md (Allon Murienik) #60395
  • [f8af33d5a7] - doc: fix typo in process.unref documentation (우혁) #59698
  • [df105dc351] - doc: add some entries to glossary.md (Mohataseem Khan) #59277
  • [4955cb2b5b] - doc: improve agent.createConnection docs for http and https agents (JaeHo Jang) #58205
  • [6283bb5cc9] - doc: fix pseudo code in modules.md (chirsz) #57677
  • [d5059ea537] - doc: add missing variable in code snippet (Koushil Mankali) #55478
  • [900de373ae] - doc: add missing word in single-executable-applications.md (Konstantin Tsabolov) #53864
  • [5735044c8b] - doc: fix typo in http.md (Michael Solomon) #59354
  • [2dee6df831] - doc: update devcontainer.json and add documentation (Joyee Cheung) #60472
  • [8f2d98d7d2] - doc: add haramj as triager (Haram Jeong) #60348
  • [[bbd7fdfff4](https://gith...
Read more

2025-11-25, Version 20.19.6 'Iron' (LTS), @marco-ippolito

Choose a tag to compare

@marco-ippolito marco-ippolito released this 25 Nov 12:31
v20.19.6
6a530fe

Notable Changes

  • [6277910a15] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #59571
  • [082e50d4a2] - doc: update the instruction on how to verify releases (Antoine du Hamel) #59113
  • [db68cec4cb] - doc: deprecate HTTP/2 priority signaling (Matteo Collina) #58313

Commits

  • [0f644df42e] - build: fix 'implicit-function-declaration' on OpenHarmony platform (hqzing) #59547
  • [fba0025b9c] - build: use windows-2025 runner (MichaΓ«l Zasso) #59673
  • [3456ec946d] - crypto: update root certificates to NSS 3.116 (Node.js GitHub Bot) #59956
  • [6277910a15] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #59571
  • [1788fb5f3d] - deps: update undici to 6.22.0 (Matteo Collina) #60112
  • [5d61b55f24] - deps: update uvwasi to 0.0.23 (Node.js GitHub Bot) #59791
  • [9f1e5e4637] - deps: update histogram to 0.11.9 (Node.js GitHub Bot) #59689
  • [d0edb01d25] - deps: update googletest to eb2d85e (Node.js GitHub Bot) #59335
  • [576242ff39] - deps: V8: cherry-pick a0d0d4fc4f19 (Ho Cheung) #60716
  • [a07a277020] - deps: update corepack to 0.34.1 (Node.js GitHub Bot) #60314
  • [fa5c5af8ce] - deps: update archs files for openssl-3.0.17 (Node.js GitHub Bot) #59134
  • [556113e2fc] - deps: upgrade openssl sources to openssl-3.0.17 (Node.js GitHub Bot) #59134
  • [cd1536ca90] - deps: update corepack to 0.34.0 (Node.js GitHub Bot) #59133
  • [acec79989e] - deps: V8: cherry-pick 6b1b9bca2a8 (zhoumingtao) #59283
  • [e65b930aa7] - deps: V8: backport 2e4c5cf9b112 (MichaΓ«l Zasso) #60654
  • [1b75a601f7] - doc: fix typo on child_process.md (Angelo Gazzola) #60114
  • [a2bcb217c6] - doc: fix typo in section on microtask order (Tobias Nießen) #59932
  • [2426d3f3ff] - doc: add security escalation policy (Ulises GascΓ³n) #59806
  • [e7f6f04758] - doc: add Miles Guicent as triager (Miles Guicent) #59562
  • [e51ef3f48b] - doc: update install_tools.bat free disk space (Stefan Stojanovic) #59579
  • [8a504d900a] - doc: fix missing link to the Error documentation in the http page (Alexander Makarenko) #59080
  • [8c5c8aa71d] - doc: clarify experimental platform vulnerability policy (Matteo Collina) #59591
  • [109c4bff77] - doc: add security incident reponse plan (Rafael Gonzaga) #59470
  • [4f004efdf3] - doc: add RafaelGSS as performance strategic lead (Rafael Gonzaga) #59445
  • [caa2db4bac] - doc: fix links in test.md (Vas Sudanagunta) #58876
  • [082e50d4a2] - doc: update the instruction on how to verify releases (Antoine du Hamel) #59113
  • [19a66365d9] - doc: clarify DEP0194 scope (Antoine du Hamel) #58504
  • [db68cec4cb] - doc: deprecate HTTP/2 priority signaling (Matteo Collina) #58313
  • [3b2368774f] - doc: make Stability labels not sticky in Stability index (Livia Medeiros) #58291
  • [960d05ad7d] - doc: add history entries to --input-type section (Antoine du Hamel) #58175
  • [20616f1750] - http2: do not crash on mismatched ping buffer length (RenΓ©) #60135
  • [9eb94232c8] - lib: handle superscript variants on windows device (Rafael Gonzaga) #59261
  • [dc58b4e35f] - meta: move Michael to emeritus (Michael Dawson) #60070
  • [d943cfb260] - meta: bump actions/setup-node from 4.4.0 to 5.0.0 (dependabot[bot]) #60093
  • [de9a3aaf0f] - meta: bump step-security/harden-runner from 2.12.2 to 2.13.1 (dependabot[bot]) #60094
  • [b4b5d4a4d7] - meta: bump ossf/scorecard-action from 2.4.2 to 2.4.3 (dependabot[bot]) #60096
  • [e5b4eee901] - meta: bump actions/setup-python from 5.6.0 to 6.0.0 (dependabot[bot]) #60090
  • [7cb032c2c1] - meta: update devcontainer to the latest schema (Aviv Keller) #54347
  • [bb108191aa] - meta: call create-release-post.yml post release (Aviv Keller) #60366
  • [2a11d50526] - module: correctly detect top-level await in ambiguous contexts (Shima Ryuhei) #58646
  • [144233b71a] - process: fix wrong asyncContext under unhandled-rejections=strict (Shima Ryuhei) #60103
  • [409cb773a4] - repl: fix cpu overhead pasting big strings to the REPL (Ruben Bridgewater) #59857
  • [d1c9d80cac] - repl: add isValidParentheses check before wrap input (Xuguang Mei) #59607
  • [b8d145db2c] - src: fix order of CHECK_NOT_NULL/dereference (Tobias Nießen) #59487
  • [2c8a73f95f] - src: remove duplicate assignment of O_EXCL in node_constants.cc (Daniel Osvaldo R) #59049
  • [b1da374503] - test: fix typo of test-benchmark-readline.js (Deokjin Kim) #59993
  • [4b4e38f497] - test: mark sea tests flaky on macOS x64 (Richard Lau) #60068
  • [cbf4fc34c3] - test: skip more sea tests on Linux ppc64le (Richard Lau) #59755
  • [9543facad7] - test: mark test-inspector-network-fetch as flaky again (Joyee Cheung) [#59640](https://github.com/nodejs/node...
Read more

2025-11-17, Version 25.2.1 (Current), @aduh95

Choose a tag to compare

@aduh95 aduh95 released this 17 Nov 09:42
v25.2.1
4cac2b9

This release reverts the spec-compliant behavior of sometimes throwing on localStorage
access. We received feedback that this change on an experimental API was too breaking
for a semver-minor release, so we decided to push it back for Node.js 26.0.0.

Commits

  • [ff89b7b6c7] - crypto: ensure documented RSA-PSS saltLength default is used (Filip Skokan) #60662
  • [5316b580eb] - deps: V8: backport 2e4c5cf9b112 (MichaΓ«l Zasso) #60654
  • [ca878bc90e] - doc,src,lib: clarify experimental status of Web Storage support (Antoine du Hamel) #60708
  • [a4dee613fd] - Revert "lib: throw from localStorage getter on missing storage path" (Antoine du Hamel) #60750

2025-11-11, Version 25.2.0 (Current), @aduh95

Choose a tag to compare

@aduh95 aduh95 released this 11 Nov 22:33
v25.2.0
cc33907

Notable Changes

  • [a37c01e6a1] - (SEMVER-MINOR) lib: add options to util.deprecate (Rafael Gonzaga) #59982
  • [4fbb1ab101] - lib: throw from localStorage getter on missing storage path (RenΓ©) #60351
  • [727560a96d] - (SEMVER-MINOR) module: mark type stripping as stable (Marco Ippolito) #60600
  • [506b79e888] - (SEMVER-MINOR) net: increase network family autoselection timeout to 500ms (Rod Vagg) #60334
  • [166c72ec02] - (SEMVER-MINOR) node-api: add napi_create_object_with_properties (Miguel Marcondes Filho) #59953
  • [399b340022] - (SEMVER-MINOR) v8: adding total_allocated_bytes to HeapStatistics (Caio Lima) #60573

Commits

  • [d5158a0a2d] - benchmark: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) #60603
  • [26a5305fa9] - benchmark: add per-suite setup option (Joyee Cheung) #60574
  • [4810e4b82d] - buffer: speed up concat via TypedArray#set (GΓΌrgΓΌn DayΔ±oğlu) #60399
  • [94a94a6b3a] - console: optimize single-string logging (GΓΌrgΓΌn DayΔ±oğlu) #60422
  • [ad376c31db] - crypto: fix argument validation in crypto.timingSafeEqual fast path (Joyee Cheung) #60538
  • [dc38a45a55] - debugger: fix event listener leak in the run command (Joyee Cheung) #60464
  • [a61e5d8e05] - deps: call OPENSSL_free after ANS1_STRING_to_UTF8 (Rafael Gonzaga) #60609
  • [51e5030afa] - deps: nghttp2: revert 7784fa979d0b (Antoine du Hamel) #59790
  • [eef838f499] - deps: update nghttp2 to 1.67.1 (nodejs-github-bot) #59790
  • [13120a43d4] - deps: update simdjson to 4.1.0 (Node.js GitHub Bot) #60542
  • [6e1b23dab8] - deps: update corepack to 0.34.2 (Node.js GitHub Bot) #60550
  • [a02e05c486] - deps: update amaro to 1.1.5 (Node.js GitHub Bot) #60541
  • [b9ba3a7947] - deps: V8: backport fe81545e6d14 (Caio Lima) #60429
  • [07bcd28494] - deps: V8: cherry-pick 7ef6a001762 (Xiao-Tao) #60259
  • [3e11658243] - doc: update Collaborators list to reflect hybrist handle change (Antoine du Hamel) #60650
  • [b8e40e4d38] - doc: fix link in --env-file=file section (N. Bighetti) #60563
  • [9558c1c0df] - doc: fix linter issues (Antoine du Hamel) #60636
  • [cdf70de563] - doc: add missing history entry for sqlite.md (Antoine du Hamel) #60607
  • [e3c5dcf1ea] - doc: correct values/references for buffer.kMaxLength (RenΓ©) #60305
  • [a25d76c924] - doc: recommend events.once to manage 'close' event (Dan Fabulich) #60017
  • [795f32bf91] - doc: highlight module loading difference between import and require (Ajay A) #59815
  • [212775410b] - doc: add CJS code snippets in sqlite.md (Allon Murienik) #60395
  • [263c06096d] - doc: fix typo in process.unref documentation (우혁) #59698
  • [356bdae408] - doc: add some entries to glossary.md (Mohataseem Khan) #59277
  • [9632c398de] - doc: improve agent.createConnection docs for http and https agents (JaeHo Jang) #58205
  • [f72880dbe3] - doc: fix pseudo code in modules.md (chirsz) #57677
  • [a9c70cefe8] - doc: add missing variable in code snippet (Koushil Mankali) #55478
  • [2892d151d4] - doc: add missing word in single-executable-applications.md (Konstantin Tsabolov) #53864
  • [9c99ab6571] - doc: fix typo in http.md (Michael Solomon) #59354
  • [3446cf375f] - doc: update devcontainer.json and add documentation (Joyee Cheung) #60472
  • [519c537875] - doc: add haramj as triager (Haram Jeong) #60348
  • [62889d7e99] - doc: clarify require(esm) description (dynst) #60520
  • [0b9ef68705] - doc: instantiate resolver object (Donghoon Nam) #60476
  • [cd5c1ad29f] - doc: correct module loading descriptions (Joyee Cheung) #60346
  • [74719dad7a] - doc: clarify Linux runtime requirements for >=25 (Joyee Cheung) #60484
  • [ca39540785] - doc: clarify --use-system-ca support status (Joyee Cheung) #60340
  • [dbf204c714] - doc,crypto: link keygen to supported types (Filip Skokan) #60585
  • [3bcf86d56d] - esm: use sync loading/resolving on non-loader-hook thread (Joyee Cheung) #60380
  • [69b3d2c845] - http: replace startsWith with strict equality (btea) #59394
  • [a38e2f5975] - http2: add diagnostics channels for client stream request body (Darshan Sen) #60480
  • [c047e73a00] - inspector: inspect HTTP response body (Chengzhong Wu) #60572
  • [d2087bae92] - inspector: support inspecting HTTP/2 request and response bodies (Darshan Sen) #60483
  • [003121c475] - inspector: fix crash when receiving non json message (Shima Ryuhei) #60388
  • [a37c01e6a1] - (SEMVER-MINOR) lib: add options to util.deprecate (Rafael Gonzaga) #59982
  • [219d2e978d] - lib: replace global SharedArrayBuffer constructor with bound method (Renegade334) #60497
  • [4fbb1ab101] - lib: throw from localStorage getter on missing storage path (RenΓ©) #60351
    ...
Read more

2025-11-11, Version 24.11.1 'Krypton' (LTS), @aduh95

Choose a tag to compare

@aduh95 aduh95 released this 11 Nov 22:32
v24.11.1
18aefb2

Notable Changes

The known issue relating to Buffer.allocUnsafe incorrectly zero-filling buffers
has now been addressed and now returns uninitialized memory as documented in the
Buffer.allocUnsafe
documentation.

Commits

  • [0a15ccf3f4] - benchmark: improve cpu.sh for safety and usability (Nam Yooseong) #60162
  • [a1c7d1dac9] - benchmark: add benchmark for leaf source text modules (Joyee Cheung) #60205
  • [99e2acf46b] - benchmark: add vm.SourceTextModule benchmark (Joyee Cheung) #59396
  • [c01c72b407] - benchmark: use non-deprecated WriteUtf8V2 method (MichaΓ«l Zasso) #60173
  • [a42dbd138e] - build: ibmi follow aix visibility (SRAVANI GUNDEPALLI) #60360
  • [5673a54a5d] - build: use call command when calling python configure (Jacob Nichols) #60098
  • [c67cb727cb] - build: build v8 with -fvisibility=hidden -fvisibility-inlines-hidden (Joyee Cheung) #56290
  • [b03f7b93b1] - build: remove V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE defs (Joyee Cheung) #60296
  • [2505568531] - build, src: fix include paths for vtune files (Rahul) #59999
  • [95330b036f] - crypto: update root certificates to NSS 3.116 (Node.js GitHub Bot) #59956
  • [c221d892ef] - deps: update corepack to 0.34.2 (Node.js GitHub Bot) #60550
  • [bc00aa4c77] - deps: update simdjson to 4.0.7 (Node.js GitHub Bot) #59883
  • [d03b89ec53] - deps: update corepack to 0.34.1 (Node.js GitHub Bot) #60314
  • [b7882090de] - deps: update inspector_protocol to af7f5a8173fdbc29f0835ec94395932e328b (Node.js GitHub Bot) #60312
  • [7007f9dd65] - deps: update googletest to 279f847 (Node.js GitHub Bot) #60219
  • [a56aa9ffa8] - deps: upgrade npm to 11.6.2 (npm team) #60168
  • [0bf8952721] - doc: mention more codemods in deprecations.md (Augustin Mauroy) #60243
  • [2473ca77f6] - doc: add missing CAA type to dns.resolveAny() & dnsPromises.resolveAny() (Jimmy Leung) #58899
  • [39ddd8522e] - doc: use any for worker_threads.Worker 'error' event argument err (Jonas Geiler) #60300
  • [eaa825fd97] - doc: update decorator documentation to reflect actual policy (Muhammad Salman Aziz) #60288
  • [a744e42282] - doc: document wildcard supported by tools/test.py (Joyee Cheung) #60265
  • [ec0d5beb09] - doc: add --heap-snapshot-on-oom to useful v8 flag (jakecastelli) #60260
  • [13da0df12a] - doc: fix blob.bytes() heading level (XTY) #60252
  • [8e771632b7] - doc: fix not working code example in vm docs (Artur Gawlik) #60224
  • [70c2080bff] - doc: improve code snippet alternative of url.parse() using WHATWG URL (Steven) #60209
  • [beadcf176e] - doc: createSQLTagStore -> createTagStore (Aviv Keller) #60182
  • [b0da3b9c6a] - doc: use markdown when branch-diff major release (Rafael Gonzaga) #60179
  • [688115aa6b] - doc: update teams in collaborator-guide.md and add links (Bart Louwers) #60065
  • [923082a064] - doc: disambiguate top-level worker_threads module exports (RenΓ©) #59890
  • [7be4330870] - doc: add known issue to v24.11.0 release notes (Richard Lau) #60467
  • [4d8f62aeaf] - doc, module: change async customization hooks to experimental (Gerhard StΓΆbich) #60302
  • [d86a118bbd] - http: lazy allocate cookies array (Robert Nagy) #59734
  • [8c256d4139] - http: fix http client leaky with double response (theanarkh) #60062
  • [265e9d59fa] - http2: rename variable to additionalPseudoHeaders (Tobias Nießen) #60208
  • [65bec037e2] - http2: do not crash on mismatched ping buffer length (RenΓ©) #60135
  • [9b83ef53b7] - inspector: add network payload buffer size limits (Chengzhong Wu) #60236
  • [03ac05c458] - inspector: support handshake response for websocket inspection (Shima Ryuhei) #60225
  • [aa04f06190] - lib: fix typo in createBlobReaderStream (SeokHun) #60132
  • [5aea1a429e] - lib: fix constructor in _errnoException stack tree (SeokHun) #60156
  • [4f7745acc7] - lib: fix typo in QuicSessionStats (SeokHun) #60155
  • [f8725861ea] - lib: remove redundant destroyHook checks (GΓΌrgΓΌn DayΔ±oğlu) #60120
  • [696c20bf3f] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #60325
  • [90434ff99a] - meta: loop userland-migrations in deprecations (Chengzhong Wu) #60299
  • [ffbc0ae60a] - module: refactor and clarify async loader hook customizations (Joyee Cheung) #60278
  • [6ed6062f7d] - module: handle null source from async loader hooks in sync hooks (Joyee Cheung) #59929
  • [a2871baed2] - msi: fix WiX warnings (Stefan Stojanovic) #60251
  • [6199541d67] - src: fix timing of snapshot serialize callback (Joyee Cheung) #60434
  • [13b687959a] - src: add COUNT_GENERIC_USAGE utility for tests (Joyee Cheung) #60434
  • [a587623b4f] - src: conditionally disable source phase imports by default (Shelley Vohr) #60364
  • [e483267995] - src: use cached primordials_string (Sohyeon Kim) #60255
  • [[4c9a64fbaf](https://github.com...
Read more

2025-10-28, Version 25.1.0 (Current), @aduh95

Choose a tag to compare

@aduh95 aduh95 released this 28 Oct 19:20
v25.1.0
1da054d

Notable Changes

  • [4395fe14b9] - (SEMVER-MINOR) http: add optimizeEmptyRequests server option (Rafael Gonzaga) #59778
  • [2e55c6ad04] - (SEMVER-MINOR) sqlite: allow setting defensive flag (Bart Louwers) #60217
  • [f437204491] - (SEMVER-MINOR) src: add watch config namespace (Marco Ippolito) #60178

Commits

  • [bb27766bd5] - benchmark: improve cpu.sh for safety and usability (Nam Yooseong) #60162
  • [e600711c20] - benchmark: add benchmark for leaf source text modules (Joyee Cheung) #60205
  • [1bbcdf9039] - benchmark: add vm.SourceTextModule benchmark (Joyee Cheung) #59396
  • [22fa6bd28b] - build: ibmi follow aix visibility (SRAVANI GUNDEPALLI) #60360
  • [931028400e] - build: use call command when calling python configure (Jacob Nichols) #60098
  • [17fde3f3d1] - build: build v8 with -fvisibility=hidden -fvisibility-inlines-hidden (Joyee Cheung) #56290
  • [04cc7aae5e] - build: remove V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE defs (Joyee Cheung) #60296
  • [8a2053060d] - crypto: update root certificates to NSS 3.116 (Node.js GitHub Bot) #59956
  • [fe91c0f755] - deps: update simdjson to 4.0.7 (Node.js GitHub Bot) #59883
  • [aacfc0d212] - deps: update corepack to 0.34.1 (Node.js GitHub Bot) #60314
  • [8596891a71] - deps: update inspector_protocol to af7f5a8173fdbc29f0835ec94395932e328b (Node.js GitHub Bot) #60312
  • [21bcd0eb2f] - deps: V8: cherry-pick 3d0f462a17ff (Joyee Cheung) #59396
  • [673558501c] - deps: update googletest to 279f847 (Node.js GitHub Bot) #60219
  • [425a1879b1] - doc: mention more codemods in deprecations.md (Augustin Mauroy) #60243
  • [563e1317f3] - doc: remove unnecessary statement of web storage (Deokjin Kim) #60363
  • [064c8c5cfd] - doc: add missing CAA type to dns.resolveAny() & dnsPromises.resolveAny() (Jimmy Leung) #58899
  • [99e357af35] - doc: use any for worker_threads.Worker 'error' event argument err (Jonas Geiler) #60300
  • [8ccff0d934] - doc: update decorator documentation to reflect actual policy (Muhammad Salman Aziz) #60288
  • [bac70c6ef3] - doc: document wildcard supported by tools/test.py (Joyee Cheung) #60265
  • [8492bc6a88] - doc: add --heap-snapshot-on-oom to useful v8 flag (jakecastelli) #60260
  • [0f0d3c0e47] - doc: fix blob.bytes() heading level (XTY) #60252
  • [8c8525cf93] - doc: fix not working code example in vm docs (Artur Gawlik) #60224
  • [8a6de3866c] - doc, assert: correct order of changes entries (Gerhard StΓΆbich) #60304
  • [6bacb6555a] - doc, module: change async customization hooks to experimental (Gerhard StΓΆbich) #60302
  • [6f3b16df16] - esm: use index-based resolution callbacks (Joyee Cheung) #59396
  • [95644a432c] - http: lazy allocate cookies array (Robert Nagy) #59734
  • [4395fe14b9] - (SEMVER-MINOR) http: add optimizeEmptyRequests server option (Rafael Gonzaga) #59778
  • [f1aa1eaaf5] - inspector: add network payload buffer size limits (Chengzhong Wu) #60236
  • [64fc625bf9] - inspector: support handshake response for websocket inspection (Shima Ryuhei) #60225
  • [0ecbb806a8] - lib: fix typo in createBlobReaderStream (SeokHun) #60132
  • [ffec5927fd] - meta: fix typo in test-shared workflow name (Ronit Sabhaya) #60321
  • [a02897e157] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #60325
  • [59223a7831] - meta: loop userland-migrations in deprecations (Chengzhong Wu) #60299
  • [2d48d17696] - module: refactor and clarify async loader hook customizations (Joyee Cheung) #60278
  • [be1b84fd93] - module: handle null source from async loader hooks in sync hooks (Joyee Cheung) #59929
  • [063fbd87d3] - msi: fix WiX warnings (Stefan Stojanovic) #60251
  • [2e55c6ad04] - (SEMVER-MINOR) sqlite: allow setting defensive flag (Bart Louwers) #60217
  • [dc93d6988a] - src: fix timing of snapshot serialize callback (Joyee Cheung) #60434
  • [267e1b3817] - src: add COUNT_GENERIC_USAGE utility for tests (Joyee Cheung) #60434
  • [4a5d7a4c2a] - src: conditionally disable source phase imports by default (Shelley Vohr) #60364
  • [f437204491] - (SEMVER-MINOR) src: add watch config namespace (Marco Ippolito) #60178
  • [36837fa0f9] - src: use cached primordials_string (Sohyeon Kim) #60255
  • [df8396ad37] - src: replace Environment::GetCurrent with args.GetIsolate (Sohyeon Kim) #60256
  • [5dd670b2b9] - src: initial enablement of IsolateGroups (James M Snell) #60254
  • [afdb362933] - src: use Utf8Value and TwoByteValue instead of V8 helpers (Anna Henningsen) #60244
  • [a40e533e72] - src: add a default branch for module phase (Chengzhong Wu) #60261
  • [42729f07ee] - src: stop using deprecated v8::Context::GetIsolate (MichaΓ«l Zasso) #60223
  • [7a6542c205] - test: skip failing test on macOS 15.7+ (Antoine du Hamel) #60419
  • [[29a5855a4f](https://github.com/...
Read more

2025-10-28, Version 24.11.0 'Krypton' (LTS), @richardlau

Choose a tag to compare

@richardlau richardlau released this 28 Oct 17:45
v24.11.0
3a6b2fa

Notable Changes

This release marks the transition of Node.js 24.x into Long Term Support (LTS)
with the codename 'Krypton'. It will continue to receive updates through to
the end of April 2028.

Other than updating metadata, such as the process.release object, to reflect
that the release is LTS, no further changes from Node.js 24.10.0 are included.

Known issue

An issue has been identified in the Node.js 24.x line with Buffer.allocUnsafe
unintentionally returning zero-filled buffers. This API is
documented to return uninitialized memory.
The documented behavior will be restored in the next Node.js 24.x LTS release to bring
it back in line with previous releases. For more information, see
#60423.