cli: add NODE_USE_SYSTEM_CA=1 #59276
Merged
+113
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Review requested:
|
nodejs-github-bot
added
c++
8 tasks
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #59276 +/- ##
=======================================
Coverage 89.91% 89.91%
=======================================
Files 655 655
Lines 192866 192871 +5
Branches 37806 37803 -3
=======================================
+ Hits 173412 173420 +8
+ Misses 12015 12002 -13
- Partials 7439 7449 +10
🚀 New features to boost your workflow:
|
joyeecheung
force-pushed
the
use-system-ca-env
branch
from
c36531e to
8b0af5b
Compare
jasnell
reviewed
Jul 29, 2025
| const { child: { stdout: expectedLength } } = spawnSyncAndExitWithoutError(process.execPath, [ | ||
| '--use-system-ca', | ||
| '-p', | ||
| `tls.getCACertificates('default').length`, |
There was a problem hiding this comment.
super nit... just have a preference to avoid template literals when unnecessary. but feel free to ignore.
Suggested change
| `tls.getCACertificates('default').length`, | |
| 'tls.getCACertificates("default").length', |
There was a problem hiding this comment.
I have am impression that double quotes in an argument don't work very well on Windows. I could give it a try and see if it works though if the CI comes back happy I would prefer to use single quotes (AFAIK Windows does not do anything special with single quotes).
jasnell
approved these changes
Jul 29, 2025
|
Why not NODE_OPTIONS? That env var was specifically introduced to counter new environment variables getting introduced for every single little feature. |
Ethan-Arrowood
approved these changes
Jul 29, 2025
NODE_OPTIONS may not work so well when working with workers: #41103 - if workers controlled by another party need to override a feature to be inherited by other workers, then overriding the setting requires argument parsing on the env var, and they need to be careful to filter out arguments not supported per-worker. It would also be more consistent with the offering of NODE_USE_ENV_PROXY/--use-env-proxy which tend to be where NODE_USE_SYSTEM_CA/--use-system-ca would also be needed. |
github-actions
bot
removed
the
request-ci
joyeecheung
commented
Jul 30, 2025
| @@ -0,0 +1,56 @@ | |||
| // Env: NODE_USE_SYSTEM_CA=1 | |||
There was a problem hiding this comment.
FYI @pmarchini when using this feature (thanks for implementing it by the way) I noticed that it does not yet have integration in test/common/index.js like the one for Flags so that when you run the test directly with node /path/to/test.js without the specified environment variable, the process would automatically pause the evaluation and spawn a child process to run itself with the environment variable instead.
Lines 90 to 96 in 0fd1ecd
RaisinTen
approved these changes
Jul 30, 2025
This comment was marked as outdated.
This comment was marked as outdated.
joyeecheung
added
the
semver-minor
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
jasnell
reviewed
Aug 1, 2025
|
Added macros to fix the withoutssl builds. @jasnell @Ethan-Arrowood @RaisinTen can you take a look again? Thanks |
Ethan-Arrowood
approved these changes
Aug 5, 2025
jasnell
approved these changes
Aug 5, 2025
RaisinTen
approved these changes
Aug 6, 2025
|
Not quite sure why there is a new |
joyeecheung
force-pushed
the
use-system-ca-env
branch
from
181a476 to
f4e5a43
Compare
joyeecheung
force-pushed
the
use-system-ca-env
branch
from
eb8d8d9 to
d23c5e8
Compare
|
Not sure how but after the rebase the SEA tests started to fail on macOS x64. Trying to rebase again... |
|
CI is (finally) happy. This needs a re-approval after the rebase. @jasnell @legendecas @Ethan-Arrowood @RaisinTen Can you take a look again? Thanks! |
legendecas
approved these changes
Aug 10, 2025
joyeecheung
added
commit-queue
nodejs-github-bot
removed
the
commit-queue
|
Landed in ca76b39 |
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 11, 2025
Similar to how NODE_USE_ENV_PROXY complements --use-env-proxy, this complements --use-system-ca. This will allow the setting to be applied to workers individually in the future. PR-URL: #59276 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ethan Arrowood <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]>
nodejs-github-bot
added a commit
that referenced
this pull request
Aug 11, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
Similar to how NODE_USE_ENV_PROXY complements --use-env-proxy, this complements --use-system-ca. This will allow the setting to be applied to workers individually in the future. PR-URL: #59276 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ethan Arrowood <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 * (SEMVER-MINOR) add --use-env-proxy (Joyee Cheung) #59151 * (SEMVER-MINOR) support `${pid}` placeholder in --cpu-prof-name (Haram Jeong) #59072 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 * (SEMVER-MINOR) add tls.setDefaultCACertificates() (Joyee Cheung) #58822 deps: * update archs files for openssl-3.5.1 (Node.js GitHub Bot) #59234 * upgrade openssl sources to openssl-3.5.1 (Node.js GitHub Bot) #59234 dns: * (SEMVER-MINOR) support max timeout (theanarkh) #58440 doc: * update the instruction on how to verify releases (Antoine du Hamel) #59113 esm: * (SEMVER-MINOR) unflag --experimental-wasm-modules (Guy Bedford) #57038 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 http,https: * (SEMVER-MINOR) add built-in proxy support in http/https.request and Agent (Joyee Cheung) #58980 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 net: * (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087 test: * (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980 worker: * (SEMVER-MINOR) add web locks api (ishabi) #58666 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 * (SEMVER-MINOR) add --use-env-proxy (Joyee Cheung) #59151 * (SEMVER-MINOR) support `${pid}` placeholder in --cpu-prof-name (Haram Jeong) #59072 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 * (SEMVER-MINOR) add tls.setDefaultCACertificates() (Joyee Cheung) #58822 deps: * update archs files for openssl-3.5.1 (Node.js GitHub Bot) #59234 * upgrade openssl sources to openssl-3.5.1 (Node.js GitHub Bot) #59234 dns: * (SEMVER-MINOR) support max timeout (theanarkh) #58440 doc: * update the instruction on how to verify releases (Antoine du Hamel) #59113 esm: * (SEMVER-MINOR) unflag --experimental-wasm-modules (Guy Bedford) #57038 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 http,https: * (SEMVER-MINOR) add built-in proxy support in http/https.request and Agent (Joyee Cheung) #58980 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 net: * (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087 test: * (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980 worker: * (SEMVER-MINOR) add web locks api (ishabi) #58666 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 14, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 14, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
meteorqz6
pushed a commit
to meteorqz6/node
that referenced
this pull request
Aug 15, 2025
Similar to how NODE_USE_ENV_PROXY complements --use-env-proxy, this complements --use-system-ca. This will allow the setting to be applied to workers individually in the future. PR-URL: nodejs#59276 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ethan Arrowood <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]>
meteorqz6
pushed a commit
to meteorqz6/node
that referenced
this pull request
Aug 15, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) nodejs#59276 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) nodejs#59259 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) nodejs#58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) nodejs#59243 lib: * docs deprecate _http_* (Sebastian Beltran) nodejs#59293 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) nodejs#59240 PR-URL: nodejs#59449 Signed-off-by: RafaelGSS <[email protected]>
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Aug 16, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `24.5.0` -> `24.6.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v24.6.0`](https://github.com/nodejs/node/releases/tag/v24.6.0): 2025-08-14, Version 24.6.0 (Current), @​RafaelGSS [Compare Source](nodejs/node@v24.5.0...v24.6.0) ##### Notable Changes - \[[`471fe712b3`](nodejs/node@471fe712b3)] - **(SEMVER-MINOR)** **cli**: add NODE\_USE\_SYSTEM\_CA=1 (Joyee Cheung) [#​59276](nodejs/node#59276) - \[[`38aedfbf73`](nodejs/node@38aedfbf73)] - **(SEMVER-MINOR)** **crypto**: support ML-DSA KeyObject, sign, and verify (Filip Skokan) [#​59259](nodejs/node#59259) - \[[`201304537e`](nodejs/node@201304537e)] - **(SEMVER-MINOR)** **zlib**: add dictionary support to zstdCompress and zstdDecompress (lluisemper) [#​59240](nodejs/node#59240) - \[[`e79c93a5d0`](nodejs/node@e79c93a5d0)] - **(SEMVER-MINOR)** **http**: add server.keepAliveTimeoutBuffer option (Haram Jeong) [#​59243](nodejs/node#59243) - \[[`c144d69efc`](nodejs/node@c144d69efc)] - **lib**: docs deprecate \_http\_\* (Sebastian Beltran) [#​59293](nodejs/node#59293) - \[[`aeb4de55a7`](nodejs/node@aeb4de55a7)] - **(SEMVER-MINOR)** **fs**: port SonicBoom module to fs module as Utf8Stream (James M Snell) [#​58897](nodejs/node#58897) ##### Commits - \[[`f7484575ff`](nodejs/node@f7484575ff)] - **assert**: change utils to use index instead of for...of (방진혁) [#​59278](nodejs/node#59278) - \[[`269cd16185`](nodejs/node@269cd16185)] - **benchmark**: remove deprecated \_extend from benchmark (Rafael Gonzaga) [#​59228](nodejs/node#59228) - \[[`848e49c20b`](nodejs/node@848e49c20b)] - **benchmark**: add fs warmup to writefile-promises (Bruno Rodrigues) [#​59215](nodejs/node#59215) - \[[`8c609be1b1`](nodejs/node@8c609be1b1)] - **benchmark**: add calibrate-n script (Rafael Gonzaga) [#​59186](nodejs/node#59186) - \[[`6a3bf772d8`](nodejs/node@6a3bf772d8)] - **build**: fix node\_use\_sqlite for GN builds (Shelley Vohr) [#​59017](nodejs/node#59017) - \[[`471fe712b3`](nodejs/node@471fe712b3)] - **(SEMVER-MINOR)** **cli**: add NODE\_USE\_SYSTEM\_CA=1 (Joyee Cheung) [#​59276](nodejs/node#59276) - \[[`38aedfbf73`](nodejs/node@38aedfbf73)] - **(SEMVER-MINOR)** **crypto**: support ML-DSA KeyObject, sign, and verify (Filip Skokan) [#​59259](nodejs/node#59259) - \[[`a312e706cf`](nodejs/node@a312e706cf)] - **crypto**: prepare webcrypto key import/export for modern algorithms (Filip Skokan) [#​59284](nodejs/node#59284) - \[[`3a7c2c3a47`](nodejs/node@3a7c2c3a47)] - **deps**: update ada to 3.2.7 (Node.js GitHub Bot) [#​59336](nodejs/node#59336) - \[[`8d9ceeaf6a`](nodejs/node@8d9ceeaf6a)] - **deps**: update archs files for openssl-3.5.2 (Node.js GitHub Bot) [#​59371](nodejs/node#59371) - \[[`33b06df354`](nodejs/node@33b06df354)] - **deps**: upgrade openssl sources to openssl-3.5.2 (Node.js GitHub Bot) [#​59371](nodejs/node#59371) - \[[`fa70f1af77`](nodejs/node@fa70f1af77)] - **deps**: support madvise(3C) across ALL illumos revisions (Dan McDonald) [#​58237](nodejs/node#58237) - \[[`f834a6be59`](nodejs/node@f834a6be59)] - **deps**: update undici to 7.13.0 (Node.js GitHub Bot) [#​59338](nodejs/node#59338) - \[[`db2417487e`](nodejs/node@db2417487e)] - **deps**: update sqlite to 3.50.4 (Node.js GitHub Bot) [#​59337](nodejs/node#59337) - \[[`41978adb08`](nodejs/node@41978adb08)] - **deps**: V8: backport [`493cb53`](nodejs/node@493cb53691be) (Chengzhong Wu) [#​59238](nodejs/node#59238) - \[[`05667991ca`](nodejs/node@05667991ca)] - **deps**: V8: backport [`1c3e018`](nodejs/node@1c3e018e7d48) (Renegade334) [#​58818](nodejs/node#58818) - \[[`fd61588bb4`](nodejs/node@fd61588bb4)] - **doc**: rename x509.extKeyUsage to x509.keyUsage (Filip Skokan) [#​59332](nodejs/node#59332) - \[[`a271ae4360`](nodejs/node@a271ae4360)] - **doc**: fix Pbkdf2Params hash attribute heading (Filip Skokan) [#​59395](nodejs/node#59395) - \[[`72cfff165b`](nodejs/node@72cfff165b)] - **doc**: fix missing reference links for server.keepAliveTimeoutBuffer (Lee Jiho) [#​59356](nodejs/node#59356) - \[[`8341916772`](nodejs/node@8341916772)] - **doc**: fix grammar in global dispatcher usage (Eng Zer Jun) [#​59344](nodejs/node#59344) - \[[`e3e489706b`](nodejs/node@e3e489706b)] - **doc**: run license-builder (github-actions\[bot]) [#​59343](nodejs/node#59343) - \[[`46527e8cea`](nodejs/node@46527e8cea)] - **doc**: correct orthography `eg.` → `e.g.` (Jacob Smith) [#​59329](nodejs/node#59329) - \[[`d140c3713e`](nodejs/node@d140c3713e)] - **doc**: clarify the need of compiler compatible with c++20 (Rafael Gonzaga) [#​59297](nodejs/node#59297) - \[[`95e9cabf9d`](nodejs/node@95e9cabf9d)] - **doc**: clarify release candidate stability index (Filip Skokan) [#​59295](nodejs/node#59295) - \[[`a056dd36d2`](nodejs/node@a056dd36d2)] - **doc**: add WDYT to glossary (btea) [#​59280](nodejs/node#59280) - \[[`1e2c52f5c4`](nodejs/node@1e2c52f5c4)] - **doc**: add manpage entry for --use-system-ca (Joyee Cheung) [#​59273](nodejs/node#59273) - \[[`31a46fdeb4`](nodejs/node@31a46fdeb4)] - **doc**: add path.join and path.normalize clarification (Rafael Gonzaga) [#​59262](nodejs/node#59262) - \[[`cff3725ff9`](nodejs/node@cff3725ff9)] - **doc**: fix typo in `test/common/README.md` (Yoo) [#​59180](nodejs/node#59180) - \[[`31a9283591`](nodejs/node@31a9283591)] - **doc**: add note on process memoryUsage (fengmk2) [#​59026](nodejs/node#59026) - \[[`5a98bff6b8`](nodejs/node@5a98bff6b8)] - **doc**: format safely for `doc-kit` (Aviv Keller) [#​59229](nodejs/node#59229) - \[[`95b8b7ea5c`](nodejs/node@95b8b7ea5c)] - **domain**: remove deprecated API call (Alex Yang) [#​59339](nodejs/node#59339) - \[[`2990f178bd`](nodejs/node@2990f178bd)] - **fs**: fix glob TypeError on restricted dirs (Sylphy-0xd3ac) [#​58674](nodejs/node#58674) - \[[`e2fb4caf9c`](nodejs/node@e2fb4caf9c)] - **fs**: correct error message when FileHandle is transferred (Alex Yang) [#​59156](nodejs/node#59156) - \[[`aeb4de55a7`](nodejs/node@aeb4de55a7)] - **(SEMVER-MINOR)** **fs**: port SonicBoom module to fs module as Utf8Stream (James M Snell) [#​58897](nodejs/node#58897) - \[[`e79c93a5d0`](nodejs/node@e79c93a5d0)] - **(SEMVER-MINOR)** **http**: add server.keepAliveTimeoutBuffer option (Haram Jeong) [#​59243](nodejs/node#59243) - \[[`0fb005a53f`](nodejs/node@0fb005a53f)] - **http2**: set Http2Stream#sentHeaders for raw headers (Darshan Sen) [#​59244](nodejs/node#59244) - \[[`e055539604`](nodejs/node@e055539604)] - **lib**: add trace-sigint APIs (theanarkh) [#​59040](nodejs/node#59040) - \[[`d2183d860a`](nodejs/node@d2183d860a)] - **lib**: optimize writable stream buffer clearing (Yoo) [#​59406](nodejs/node#59406) - \[[`47543a7e17`](nodejs/node@47543a7e17)] - **lib**: handle windows reserved device names on UNC (Rafael Gonzaga) [#​59286](nodejs/node#59286) - \[[`c6911f0717`](nodejs/node@c6911f0717)] - **lib**: do not modify prototype deprecated asyncResource (RafaelGSS) [#​59195](nodejs/node#59195) - \[[`3c88b769bb`](nodejs/node@3c88b769bb)] - **lib**: restructure assert to become a class (Miguel Marcondes Filho) [#​58253](nodejs/node#58253) - \[[`e91b54df59`](nodejs/node@e91b54df59)] - **lib**: handle superscript variants on windows device (Rafael Gonzaga) [#​59261](nodejs/node#59261) - \[[`4ee467905d`](nodejs/node@4ee467905d)] - **lib**: use validateString (hotpineapple) [#​59296](nodejs/node#59296) - \[[`c144d69efc`](nodejs/node@c144d69efc)] - **lib**: docs deprecate \_http\_\* (Sebastian Beltran) [#​59293](nodejs/node#59293) - \[[`c89b67e681`](nodejs/node@c89b67e681)] - **lib**: add type names in source mapped stack traces (Chengzhong Wu) [#​58976](nodejs/node#58976) - \[[`5b2363be8d`](nodejs/node@5b2363be8d)] - **lib**: prefer AsyncIteratorPrototype primordial (René) [#​59097](nodejs/node#59097) - \[[`41b4f4d694`](nodejs/node@41b4f4d694)] - **meta**: clarify pr objection process further (James M Snell) [#​59096](nodejs/node#59096) - \[[`0eb5962f1e`](nodejs/node@0eb5962f1e)] - **meta**: add mailmap entry for aditi-1400 (Aditi) [#​59316](nodejs/node#59316) - \[[`a2b72c2304`](nodejs/node@a2b72c2304)] - **meta**: add tsc and build team as codeowners building.md (Rafael Gonzaga) [#​59298](nodejs/node#59298) - \[[`d69f3ee1e0`](nodejs/node@d69f3ee1e0)] - **meta**: add nodejs/path to path files (Rafael Gonzaga) [#​59289](nodejs/node#59289) - \[[`1e37eab865`](nodejs/node@1e37eab865)] - **node-api**: reword "implementation in an alternative VM" as implementable (Chengzhong Wu) [#​59036](nodejs/node#59036) - \[[`64add6302a`](nodejs/node@64add6302a)] - **src**: use simdjson to parse SEA configuration (Joyee Cheung) [#​59323](nodejs/node#59323) - \[[`e9c6636585`](nodejs/node@e9c6636585)] - **src**: mark realm leaf classes final (Anna Henningsen) [#​59355](nodejs/node#59355) - \[[`42ef8147d1`](nodejs/node@42ef8147d1)] - **src**: warn about FastOneByteString invalidation (James M Snell) [#​59275](nodejs/node#59275) - \[[`8686b8037a`](nodejs/node@8686b8037a)] - **src**: remove unused DSAKeyExportJob (Filip Skokan) [#​59291](nodejs/node#59291) - \[[`1e5f632666`](nodejs/node@1e5f632666)] - **src**: use C++20 `contains()` method (iknoom) [#​59304](nodejs/node#59304) - \[[`22d4683cfe`](nodejs/node@22d4683cfe)] - **src**: added CHECK\_NOT\_NULL check for multiple eq\_wrap\_async (F3lixTheCat) [#​59267](nodejs/node#59267) - \[[`6a47ff4943`](nodejs/node@6a47ff4943)] - **src**: clear all linked module caches once instantiated (Chengzhong Wu) [#​59117](nodejs/node#59117) - \[[`33728cb4ca`](nodejs/node@33728cb4ca)] - **src**: add nullptr checks in `StreamPipe::New` (Burkov Egor) [#​57613](nodejs/node#57613) - \[[`4a907bdad1`](nodejs/node@4a907bdad1)] - **src**: add percentage support to --max-old-space-size (Asaf Federman) [#​59082](nodejs/node#59082) - \[[`7c189d4f55`](nodejs/node@7c189d4f55)] - **test**: deflake sequential/test-tls-session-timeout (Joyee Cheung) [#​59423](nodejs/node#59423) - \[[`fb0a6fb57f`](nodejs/node@fb0a6fb57f)] - **test**: exclude mock from coverage (Shima Ryuhei) [#​59348](nodejs/node#59348) - \[[`7e10f95f13`](nodejs/node@7e10f95f13)] - **test**: split test-fs-cp.js (Joyee Cheung) [#​59408](nodejs/node#59408) - \[[`41bcf5f659`](nodejs/node@41bcf5f659)] - **test**: update WPT resources,WebCryptoAPI,webstorage (Filip Skokan) [#​59311](nodejs/node#59311) - \[[`f9f3dc94cb`](nodejs/node@f9f3dc94cb)] - **test**: add known issue test for fs.cpSync dereference bug (James M Snell) [#​58941](nodejs/node#58941) - \[[`244d0c38a8`](nodejs/node@244d0c38a8)] - **test**: deflake stream-readable-to-web test (Ethan Arrowood) [#​58948](nodejs/node#58948) - \[[`564e604a1a`](nodejs/node@564e604a1a)] - **test**: make test-inspector-network-resource sequential (Shima Ryuhei) [#​59104](nodejs/node#59104) - \[[`7ab13b7477`](nodejs/node@7ab13b7477)] - **test**: don't use expose internals in test-http-outgoing-buffer.js (Meghan Denny) [#​59219](nodejs/node#59219) - \[[`319df3859a`](nodejs/node@319df3859a)] - **test,crypto**: skip unsupported ciphers (Shelley Vohr) [#​59388](nodejs/node#59388) - \[[`713c70c32a`](nodejs/node@713c70c32a)] - **test\_runner**: remove unused callee convertion (Alex Yang) [#​59221](nodejs/node#59221) - \[[`e4ca30e115`](nodejs/node@e4ca30e115)] - **tools**: disable nullability-completeness warnings (Michaël Zasso) [#​59392](nodejs/node#59392) - \[[`dab7f6b542`](nodejs/node@dab7f6b542)] - **tools**: check for std::vector\<v8::Local> in lint (Aditi) [#​58497](nodejs/node#58497) - \[[`7b94982eb0`](nodejs/node@7b94982eb0)] - **tools**: allow selecting test subsystems with numbers in their names (Darshan Sen) [#​59242](nodejs/node#59242) - \[[`16bbcd8881`](nodejs/node@16bbcd8881)] - **typings**: improve internal binding types (Nam Yooseong) [#​59351](nodejs/node#59351) - \[[`76bc4d659b`](nodejs/node@76bc4d659b)] - **typings**: improve internal binding types (Michaël Zasso) [#​59176](nodejs/node#59176) - \[[`eecd3272a6`](nodejs/node@eecd3272a6)] - **worker**: add name for worker (theanarkh) [#​59213](nodejs/node#59213) - \[[`84c3513ce2`](nodejs/node@84c3513ce2)] - **worker**: implements nits in Web Locks code (Antoine du Hamel) [#​59270](nodejs/node#59270) - \[[`bd68fbd753`](nodejs/node@bd68fbd753)] - **worker**: add cpuUsage for worker (theanarkh) [#​59177](nodejs/node#59177) - \[[`201304537e`](nodejs/node@201304537e)] - **(SEMVER-MINOR)** **zlib**: add dictionary support to zstdCompress and zstdDecompress (lluisemper) [#​59240](nodejs/node#59240) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS43MS4wIiwidXBkYXRlZEluVmVyIjoiNDEuNzEuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90Il19-->
panva
pushed a commit
to panva/node
that referenced
this pull request
Aug 18, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) nodejs#59276 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) nodejs#59259 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) nodejs#58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) nodejs#59243 lib: * docs deprecate _http_* (Sebastian Beltran) nodejs#59293 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) nodejs#59240 PR-URL: nodejs#59449 Signed-off-by: RafaelGSS <[email protected]>
aduh95
pushed a commit
that referenced
this pull request
Aug 21, 2025
Similar to how NODE_USE_ENV_PROXY complements --use-env-proxy, this complements --use-system-ca. This will allow the setting to be applied to workers individually in the future. PR-URL: #59276 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ethan Arrowood <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]>
aduh95
pushed a commit
that referenced
this pull request
Aug 21, 2025
Similar to how NODE_USE_ENV_PROXY complements --use-env-proxy, this complements --use-system-ca. This will allow the setting to be applied to workers individually in the future. PR-URL: #59276 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ethan Arrowood <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Similar to how NODE_USE_ENV_PROXY complements --use-env-proxy, this
complements --use-system-ca. This will allow the setting to be
applied to workers individually in the future.