Update docker minor+patch+digest updates #76
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Thilawyn/website#76
Reference in New Issue
Block a user
Delete Branch "renovate/docker-minor-patch-digest"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
793c871→fab4d86cfe9b6a→bce213322.21.1-trixie-slim→22.22.1-trixie-slim22.21.1→22.22.11.3.4→1.3.101.3.4→1.3.10v3.8.0→v3.10.0Release Notes
nodejs/node (node)
v22.22.1: 2026-03-05, Version 22.22.1 'Jod' (LTS)Compare Source
Notable Changes
7b93a65f27] - build: test on Python 3.14 (Christian Clauss) #599836063d888fe] - cli: mark--heapsnapshot-near-heap-limitas stable (Joyee Cheung) #60956d950b151a2] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #614194f42f8c428] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #60741b6ebf2cd53] - doc: add avivkeller to collaborators (Aviv Keller) #6111535854f424d] - doc: add gurgunday to collaborators (Gürgün Dayıoğlu) #610945c6a076e5d] - meta: add Renegade334 to collaborators (Renegade334) #60714Commits
5f773488c2] - assert: use a set instead of an array for faster lookup (Ruben Bridgewater) #61076feecbb0eab] - assert,util: fix deep comparison for sets and maps with mixed types (Ruben Bridgewater) #61388096095b127] - benchmark: add SQLite benchmarks (Guilherme Araújo) #61401b5fe481415] - benchmark: use boolean options in benchmark tests (SeokhunEom) #60129fa9faacacb] - benchmark: allow boolean option values (SeokhunEom) #60129ba8714ac21] - benchmark: fix incorrect base64 input in byteLength benchmark (semimikoh) #6084153596de876] - benchmark: use typescript for import cjs benchmark (Joyee Cheung) #60663e8930e9d7c] - benchmark: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) #606031155e412b1] - benchmark: add per-suite setup option (Joyee Cheung) #60574e01903d304] - benchmark: improve cpu.sh for safety and usability (Nam Yooseong) #60162623a405747] - benchmark: add benchmark for leaf source text modules (Joyee Cheung) #602057f5e7b9f7f] - benchmark: add microbench on isInsideNodeModules (Chengzhong Wu) #60991db132b85a8] - bootstrap: initialize http proxy after user module loader setup (Joyee Cheung) #5893866aab9f987] - buffer: let Buffer.of use heap (Сковорода Никита Андреевич) #60503c3cf00c671] - buffer: speed up concat via TypedArray#set (Gürgün Dayıoğlu) #60399f6fad231e9] - build: skip sscache action on non-main branches (Joyee Cheung) #617902145f91f6b] - build: update android-patches/trap-handler.h.patch (Mo Luo) #603695b49759dd8] - build: update devcontainer.json to use paired nix env (Joyee Cheung) #6141424724cde40] - build: fix misplaced comma in ldflags (hqzing) #61294c57a19934e] - build: fix crate vendor file checksums on windows (Chengzhong Wu) #613298659d7cd07] - build: fix inconsistent quoting inMakefile(Antoine du Hamel) #6051144f339b315] - build: remove temporal updater (Chengzhong Wu) #61151d60a6cebd5] - build: update test-wpt-report to use NODE instead of OUT_NODE (Filip Skokan) #6102434ccf187f5] - build: skip build-ci on actions with a separate test step (Chengzhong Wu) #610737b19e101a2] - build: run embedtest with node_g when BUILDTYPE=Debug (Chengzhong Wu) #608509408c4459f] - build: upgrade Python linter ruff, add rules ASYNC,PERF (Christian Clauss) #599842166ec7f0f] - build: use call command when calling python configure (Jacob Nichols) #6009873ef70145d] - build: remove V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE defs (Joyee Cheung) #602967b93a65f27] - build: test on Python 3.14 (Christian Clauss) #59983508ce6ec6c] - build, src: fix include paths for vtune files (Rahul) #59999c89d3cd570] - build,tools: fix addon build deadlock on errors (Vladimir Morozov) #6132140904a0591] - build,win: update WinGet configurations to Python 3.14 (Mike McCready) #614316d6742e7db] - child_process: treat ipc length header as unsigned uint32 (Ryuhei Shima) #613446063d888fe] - cli: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung) #609563d324a0f88] - cluster: fix port reuse between cluster (Ryuhei Shima) #6014140a58709b4] - console: optimize single-string logging (Gürgün Dayıoğlu) #60422d950b151a2] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #614194f42f8c428] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #60741a87499ae25] - crypto: ensure documented RSA-PSS saltLength default is used (Filip Skokan) #606628c65cc11e2] - crypto: update root certificates to NSS 3.116 (Node.js GitHub Bot) #5995691dc00a2c1] - debugger: fix event listener leak in the run command (Joyee Cheung) #604640781bd3764] - deps: V8: backport6a0a25a(Vivian Wang) #616880cf1f9c3e9] - deps: update googletest to8508785(Node.js GitHub Bot) #61417521b4b1f07] - deps: update sqlite to 3.51.2 (Node.js GitHub Bot) #6133958b9d219a3] - deps: update icu to 78.2 (Node.js GitHub Bot) #60523cbc1e4306d] - deps: update zlib to 1.3.1-e00f703 (Node.js GitHub Bot) #61135db59c35ed8] - deps: update cjs-module-lexer to 2.2.0 (Node.js GitHub Bot) #61271c18518ee3c] - deps: update nbytes to 0.1.2 (Node.js GitHub Bot) #61270376df62d63] - deps: update timezone to 2025c (Node.js GitHub Bot) #61138993e905302] - deps: update simdjson to 4.2.4 (Node.js GitHub Bot) #61056b72fd2a5d3] - deps: update googletest to065127f(Node.js GitHub Bot) #61055d765147405] - deps: update sqlite to 3.51.1 (Node.js GitHub Bot) #6089937abe2a7d2] - deps: update zlib to 1.3.1-63d7e16 (Node.js GitHub Bot) #6089897241fcb86] - deps: update sqlite to 3.51.0 (Node.js GitHub Bot) #606143669c7b4f4] - deps: update simdjson to 4.2.2 (Node.js GitHub Bot) #607409a056ec89c] - deps: update googletest to1b96fa1(Node.js GitHub Bot) #60739b5803b3ea0] - deps: update minimatch to 10.1.1 (Node.js GitHub Bot) #605435bf99f3d46] - deps: update cjs-module-lexer to 2.1.1 (Node.js GitHub Bot) #60646801f187357] - deps: update simdjson to 4.2.1 (Node.js GitHub Bot) #6064403c16e5a4c] - deps: update simdjson to 4.1.0 (Node.js GitHub Bot) #605422ebfc2ca56] - deps: update amaro to 1.1.5 (Node.js GitHub Bot) #60541d24ba4fed6] - deps: update simdjson to 4.0.7 (Node.js GitHub Bot) #598839480a139bf] - deps: update googletest to279f847(Node.js GitHub Bot) #60219635e67379e] - deps: update archs files for openssl-3.5.5 (Node.js GitHub Bot) #61547c7b774047d] - deps: upgrade openssl sources to openssl-3.5.5 (Node.js GitHub Bot) #615475b324d7d7f] - deps: update corepack to 0.34.6 (Node.js GitHub Bot) #61510eef8ba0667] - deps: update corepack to 0.34.5 (Node.js GitHub Bot) #60842490f7c7fb1] - deps: update corepack to 0.34.4 (Node.js GitHub Bot) #6064366903ea3b3] - deps: update corepack to 0.34.2 (Node.js GitHub Bot) #60550a2f0b69282] - deps: update corepack to 0.34.1 (Node.js GitHub Bot) #60314c8044a48a6] - deps: V8: backport2e4c5cf(Michaël Zasso) #60654642f518198] - doc: supported toolchain with Visual Studio 2022 only (Mike McCready) #61451625f674487] - doc: move Security-Team from TSC to SECURITY (Rafael Gonzaga) #61495029e32f8ba] - doc: addedrequestOCSPoption totls.connect(ikeyan) #6106468e33dfa89] - doc: restore @ChALkeR to collaborators (Сковорода Никита Андреевич) #61553e016770d62] - doc: update IBM/Red Hat volunteers with dedicated project time (Beth Griggs) #61588ec63954657] - doc: mention constructor comparison in assert.deepStrictEqual (Hamza Kargin) #60253c8e1563a98] - doc: add CVE delay mention (Rafael Gonzaga) #614654b00cf2b54] - doc: include OpenJSF handle for security stewards (Rafael Gonzaga) #614544b73bf5bc8] - doc: clarify process.argv[1] behavior for -e/--eval (Jeevankumar S) #61366d3151df4b3] - doc: remove Windows Dev Home instructions from BUILDING (Mike McCready) #614342323462e35] - doc: clarify TypedArray properties on Buffer (Roman Reiss) #613556c5478c8b2] - doc: note resume build should not be done on node-test-commit (Stewart X Addison) #61373ba4a043103] - doc: refine WebAssembly error documentation (sangwook) #61382cd315ea589] - doc: add deprecation history for url.parse (Eng Zer Jun) #6138942db0c392d] - doc: add marco and rafael in last sec release (Marco Ippolito) #613834c3b680fc7] - doc: packages: example of private import switch to internal (coderaiser) #61343684d15e421] - doc: add esm and cjs examples to node:v8 (Alfredo González) #61328c3f9c7a7d9] - doc: added 'secure' event to tls.TLSSocket (ikeyan) #61066aa9acad5ca] - doc: restore @watilde to collaborators (Daijiro Wachi) #613509cafec084e] - doc: run license-builder (github-actions[bot]) #61348cdb12ccbc6] - doc: document ALPNCallback option for TLSSocket constructor (ikeyan) #61331461c5e65c5] - doc: update MDN links (Livia Medeiros) #61062dde45baeab] - doc: add documentation for process.traceProcessWarnings (Alireza Ebrahimkhani) #5364159a7aeec92] - doc: fix filename typo (Hardanish Singh) #612979a0a40d1ed] - doc: fix typos and grammar inBUILDING.md&onboarding.md(Hardanish Singh) #61267dca7005f9d] - doc: mention --newVersion release script (Rafael Gonzaga) #61255c0dc8ddf85] - doc: correct typo in api contributing doc (Mike McCready) #61260066af38fe1] - doc: add PR-URL requirement for security backports (Rafael Gonzaga) #6125671dd46bd0c] - doc: add reusePort error behavior to net module (mag123c) #61250f6abe3ba33] - doc: note corepack package removal in distribution doc (Mike McCready) #612079059d49d8c] - doc: fix tls.connect() timeout documentation (Azad Gupta) #61079e7b34b76b0] - doc: missingpassed,errorandpassedproperties onTestContext(Xavier Stouder) #611859ae2dcfbb6] - doc: clarify threat model for application-level API exposure (Rafael Gonzaga) #611849902331a7c] - doc: correct options for net.Socket class and socket.connect (Xavier Stouder) #61179a80122d2fe] - doc: document error event on readline InterfaceConstructor (Xavier Stouder) #6117038d73c9cfa] - doc: add a smooth scrolling effect to the sidebar (btea) #5900795c51fa984] - doc: correct invalid collaborator profile (JJ) #61091f5a044763c] - doc: exclude compile-time flag features from security policy (Matteo Collina) #61109b6ebf2cd53] - doc: add @avivkeller to collaborators (Aviv Keller) #6111535854f424d] - doc: add gurgunday to collaborators (Gürgün Dayıoğlu) #610944932322c29] - doc: add File modes cross-references in fs methods (Mohit Raj Saxena) #60286c84904e047] - doc: add missingzstdto mjs example of zlib (Deokjin Kim) #60915e615b9e2f2] - doc: clarify fileURLToPath security considerations (Rafael Gonzaga) #6088799e384e6d4] - doc: replace column with columnNumber in example ofutil.getCallSites(Deokjin Kim) #608819351bb4d02] - doc: correct spelling in BUILDING.md (Rich Trott) #60875e1f6e7fc4d] - doc: update debuglog examples to use 'foo-bar' instead of 'foo' (xiaoyao) #60867ccbb2d7300] - doc: fix typos in changelogs (Rich Trott) #608551cb2fe8b35] - doc: mark module.register as active development (Chengzhong Wu) #60849ceeb4968a6] - doc: add fullName property to SuiteContext (PaulyBearCoding) #6076256155909dd] - doc: keep sidebar module visible when navigating docs (Botato) #604106b637763d5] - doc: correct concurrency wording in test() documentation (Azad Gupta) #607737183e8ffa1] - doc: clarify that CQ only picks up PRs targetingmain(René) #60731d5d94303be] - doc: clarify license section and add contributor note (KaleruMadhu) #60590e0210c8f53] - doc: correct tls ALPNProtocols types (René) #60143eff87b498a] - doc: remove mention of SMS 2FA (Antoine du Hamel) #60707e77ef94a51] - doc:domain.add()does not accept timer objects (René) #606754fe19c95ea] - doc: update Collaborators list to reflect hybrist handle change (Antoine du Hamel) #60650eece59b6ce] - doc: fix linter issues (Antoine du Hamel) #606366e17e596e4] - doc: correct values/references for buffer.kMaxLength (René) #60305ac327ae9a7] - doc: recommend events.once to manage 'close' event (Dan Fabulich) #60017d9b149ea42] - doc: highlight module loading difference between import and require (Ajay A) #59815f6d62cb22c] - doc: fix typo inprocess.unrefdocumentation (우혁) #596986d5078b196] - doc: add some entries toglossary.md(Mohataseem Khan) #59277b0a5820dea] - doc: improve agent.createConnection docs for http and https agents (JaeHo Jang) #58205b5db02fe67] - doc: fix pseudo code in modules.md (chirsz) #57677e9b912d481] - doc: add missing variable in code snippet (Koushil Mankali) #5547844c06c7812] - doc: add missing word insingle-executable-applications.md(Konstantin Tsabolov) #53864482b43f160] - doc: fix typo in http.md (Michael Solomon) #59354cd323bc718] - doc: update devcontainer.json and add documentation (Joyee Cheung) #60472c7c70f3a16] - doc: add haramj as triager (Haram Jeong) #6034804b8c4d14e] - doc: clarify require(esm) description (dynst) #60520de382dc832] - doc: instantiate resolver object (Donghoon Nam) #60476b6845ce460] - doc: clarify --use-system-ca support status (Joyee Cheung) #603400894dae9bc] - doc: add missing CAA type to dns.resolveAny() & dnsPromises.resolveAny() (Jimmy Leung) #58899c86a69f692] - doc: useanyforworker_threads.Worker'error' event argumenterr(Jonas Geiler) #603000c5031e233] - doc: update decorator documentation to reflect actual policy (Muhammad Salman Aziz) #60288b01f710175] - doc: document wildcard supported by tools/test.py (Joyee Cheung) #60265b4524dabcc] - doc: fixblob.bytes()heading level (XTY) #602525df02776e3] - doc: fix not working code example in vm docs (Artur Gawlik) #602246a4359a0b5] - doc: improve code snippet alternative of url.parse() using WHATWG URL (Steven) #60209ad06bee70d] - doc: use markdown when branch-diff major release (Rafael Gonzaga) #60179c0d4b11ed4] - doc: update teams in collaborator-guide.md and add links (Bart Louwers) #6006520b5ffcac3] - doc: update previous version links in BUILDING (Mike McCready) #61457de345ea3a3] - doc: correct description oferror.stackaccessor behavior (René) #61090d8418d9de7] - doc: fix link in--env-file=filesection (N. Bighetti) #605631107bda21e] - doc: fix v22 changelog after security release (Marco Ippolito) #6137142aab9469a] - doc: add missing history entry forsqlite.md(Antoine du Hamel) #60607deb6d5deff] - doc, module: change async customization hooks to experimental (Gerhard Stöbich) #60302c659add7d1] - doc,src,lib: clarify experimental status of Web Storage support (Antoine du Hamel) #60708dda95e91b9] - esm: avoid throw when module specifier is not url (Craig Macomber (Microsoft)) #61000912945be89] - events: remove redundant todo (Gürgün Dayıoğlu) #6059522e156eb10] - events: remove eventtarget custom inspect branding (Efe) #61128df6fd9b03f] - fs: remove duplicate getValidatedPath calls (Mert Can Altin) #613596ea3e4d850] - fs: fix errorOnExist behavior for directory copy in fs.cp (Nicholas Paun) #60946dd918b9980] - fs: fix ENOTDIR in globSync when file is treated as dir (sangwook) #612594908e67ba0] - fs: remove duplicate fd validation in sync functions (Mert Can Altin) #613614a27bce3d9] - fs: detect dot files when using globstar (Robin van Wijngaarden) #61012b0186ff65c] - fs: validate statfs path (Efe) #612306689775023] - gyp: aix: change gcc version detection so CXX="ccache g++" works (Stewart X Addison) #614645c4f4db663] - http: fix rawHeaders exceeding maxHeadersCount limit (Max Harari) #612857599e2eccd] - http: replace startsWith with strict equality (btea) #5939499a85213bf] - http: lazy allocate cookies array (Robert Nagy) #597347669e6a5ad] - http: fix http client leaky with double response (theanarkh) #60062f074c126a8] - http,https: fix double ERR_PROXY_TUNNEL emission (Shima Ryuhei) #60699d8ac368363] - http2: add diagnostics channels for client stream request body (Darshan Sen) #60480e26a7e464d] - http2: rename variable to additionalPseudoHeaders (Tobias Nießen) #602085df634f46e] - http2: validate initialWindowSize per HTTP/2 spec (Matteo Collina) #614022ccc9a6205] - http2: do not crash on mismatched ping buffer length (René) #601353e68a5f78a] - inspector: inspect HTTP response body (Chengzhong Wu) #60572a86ffa9a5d] - inspector: add network payload buffer size limits (Chengzhong Wu) #60236ea60ef5d74] - lib: fix typo inutil.jscomment (Taejin Kim) #613659d8d9322a4] - lib: fix TypeScript support check in jitless mode (sangwook) #61382fc26f5c78f] - lib: gbk decoder is gb18030 decoder per spec (Сковорода Никита Андреевич) #610993b87030012] - lib: enforce use ofURLParse(Antoine du Hamel) #610162a7479d4fc] - lib: useFastBufferfor empty buffer allocation (Gürgün Dayıoğlu) #605587cf4c43582] - lib: fix constructor in _errnoException stack tree (SeokHun) #60156f9d87fbfaa] - lib: fix typo in QuicSessionStats (SeokHun) #601558d26ccc652] - lib: remove redundant destroyHook checks (Gürgün Dayıoğlu) #60120705832a1be] - lib,src: isInsideNodeModules should test on the first non-internal frame (Chengzhong Wu) #609916f39ad190b] - meta: do not fast-track npm updates (Antoine du Hamel) #61475a6a0ff9486] - meta: fix typos in issue template config (Daijiro Wachi) #61399ec88c9b378] - meta: label v8 module PRs (René) #6132583143835de] - meta: bump step-security/harden-runner from 2.13.2 to 2.14.0 (dependabot[bot]) #612450802dc663a] - meta: bump actions/setup-node from 6.0.0 to 6.1.0 (dependabot[bot]) #61244587db55796] - meta: bump actions/cache from 4.3.0 to 5.0.1 (dependabot[bot]) #61243262c9d37a6] - meta: bump github/codeql-action from 4.31.6 to 4.31.9 (dependabot[bot]) #61241d9763b5afd] - meta: bump codecov/codecov-action from 5.5.1 to 5.5.2 (dependabot[bot]) #612400af73d1811] - meta: bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 (dependabot[bot]) #612378be6afd239] - meta: move lukekarrys to emeritus (Node.js GitHub Bot) #60985c497de5c74] - meta: bump actions/setup-python from 6.0.0 to 6.1.0 (dependabot[bot]) #60927774920f169] - meta: bump github/codeql-action from 4.31.3 to 4.31.6 (dependabot[bot]) #60926ef3b1e5991] - meta: bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (dependabot[bot]) #609243ed667379f] - meta: bump github/codeql-action from 4.31.2 to 4.31.3 (dependabot[bot]) #607707c0cefb126] - meta: bump step-security/harden-runner from 2.13.1 to 2.13.2 (dependabot[bot]) #607695c6a076e5d] - meta: add Renegade334 to collaborators (Renegade334) #607144f4dda2a18] - meta: bump actions/download-artifact from 5.0.0 to 6.0.0 (dependabot[bot]) #60532c436f8d57c] - meta: bump actions/upload-artifact from 4.6.2 to 5.0.0 (dependabot[bot]) #60531402d9f87a6] - meta: bump github/codeql-action from 3.30.5 to 4.31.2 (dependabot[bot]) #6053361be78e326] - meta: bump actions/setup-node from 5.0.0 to 6.0.0 (dependabot[bot]) #605297e4164a623] - meta: bump actions/stale from 10.0.0 to 10.1.0 (dependabot[bot]) #605281bf6e1d010] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #60325c66fc0e9cf] - meta: loop userland-migrations in deprecations (Chengzhong Wu) #60299e4be0791e7] - meta: callcreate-release-post.ymlpost release (Aviv Keller) #603668674f6527f] - module: preserve URL in the parent created by createRequire() (Joyee Cheung) #6097441db87a975] - msi: fix WiX warnings (Stefan Stojanovic) #60251884f313f40] - node-api: use Node-API in comments (Vladimir Morozov) #61320375164190b] - node-api: use local files for instanceof test (Vladimir Morozov) #60190972a1107c0] - os: freeze signals constant (Xavier Stouder) #61038e992057ab7] - perf_hooks: fix stack overflow error (Antoine du Hamel) #600840bb1814fdf] - repl: fix pasting after moving the cursor to the left (Ruben Bridgewater) #6047035a12fb996] - src: replaceranges::sortfor libc++13 compatibility on armhf (Rebroad) #61789dbf00d4664] - src: add missing override specifier to Clean() (Tobias Nießen) #61429140eba35d3] - src: cache context lookup in vectored io loops (Mert Can Altin) #6138793e7e1708b] - src: use C++ nullptr in webstorage (Tobias Nießen) #61407ef868447bc] - src: fix pointer alignment (jhofstee) #61336a96256524c] - src: dump snapshot source with node:generate_default_snapshot_source (Joyee Cheung) #61101ec051b9efd] - src: add HandleScope to edge loop in heap_utils (Mert Can Altin) #6088541749eb5d6] - src: remove redundant CHECK (Tobias Nießen) #6113057c81e5af3] - src: fix off-thread cert loading in bundled cert mode (Joyee Cheung) #607644b0616e024] - src: handle DER decoding errors from system certificates (Joyee Cheung) #6078793393371f9] - src: use static_cast instead of C-style cast (Michaël Zasso) #60868900445b655] - src: move Node-API version detection to where it is used (Anna Henningsen) #605128353a6da2a] - src: avoid C strings in more C++ exception throws (Anna Henningsen) #6059227c860c51f] - src: movenapi_addon_register_functonode_api_types.h(Anna Henningsen) #60512e0517752e7] - src: remove unconditional NAPI_EXPERIMENTAL in node.h (Chengzhong Wu) #6034521e2a52f8e] - src: clean up generic counter implementation (Anna Henningsen) #60447aed23cb8ca] - src: add enum handle for ToStringHelper + formatting (Burkov Egor) #568292e93650ebc] - src: fix timing of snapshot serialize callback (Joyee Cheung) #60434ece4acc18f] - src: add COUNT_GENERIC_USAGE utility for tests (Joyee Cheung) #6043431c8e9d9ff] - src: use cached primordials_string (Sohyeon Kim) #602557f0ffddc14] - src: implement Windows-1252 encoding support and update related tests (Mert Can Altin) #60893c2ba56d6b2] - src,permission: fix permission.has on empty param (Rafael Gonzaga) #60674e55a2b895a] - src,permission: add debug log on is_tree_granted (Rafael Gonzaga) #60668902a78b43c] - stream: fix isErrored/isWritable for WritableStreams (René) #60905221b77cf41] - stream: don't try to read more if reading (Robert Nagy) #6045446d12d826f] - test: skip strace test with shared openssl (Richard Lau) #6198752e6b01a44] - test: marktest-strace-openat-opensslas flaky (Antoine du Hamel) #619214d7468d0e0] - test: skip --build-sea tests on platforms where SEA is flaky (Joyee Cheung) #61504f604b7ae67] - test: fix flaky debugger test (Ryuhei Shima) #58324fc2dc4024b] - test: ensure removeListener event fires for once() listeners (sangwook) #601375fba382816] - test: delay writing the files only on macOS (Luigi Pinca) #6153285cc9e20e4] - test: asserts that import.meta.resolve invokes sync loader hooks (Chengzhong Wu) #6115813831685ca] - test: check util.parseArgs argv parsing with actual process execution (René) #61089ec4b722cb8] - test: remove unneccessary repl magic_mode tests (Dario Piotrowicz) #610535c811106bc] - test: skip sea tests on riscv64 (Stewart X Addison) #611114e4a631c07] - test: mark stringbytes-external-max flaky on AIX (Stewart X Addison) #609959af0787043] - test: update test426 fixtures (Rich Trott) #60982277f16d247] - test: skip SEA inspect test if inspector is not available (Livia Medeiros) #608727dfa8c96bf] - test: useassert.matchfor non-literal regexp tests (René) #6087941e6cd8ce5] - test: fix embedtest in debug windows (Vladimir Morozov) #60806f65147b226] - test: fix debug test crashes caused by sea tests (Vladimir Morozov) #60807a93dff9e92] - test: replace deprecated regex test assertions in http trailers test (Aditya Chopra) #60831f90d5b954f] - test: prefer major GC in cppgc-object teardown (sangwook) #60672e1645cc78d] - test: skip test that cause timeout on IBM i (SRAVANI GUNDEPALLI) #607004f23eba22f] - test: limit the concurrency of WPTRunner for RISC-V (Levi Zim) #60591c2bef6522b] - test: fix test-strace-openat-openssl for RISC-V (Levi Zim) #605884c03a7f864] - test: fix status when compiled without inspector (Antoine du Hamel) #602892ef146a074] - test: apply a delay towatch-mode-kill-signaltests (Joyee Cheung) #60610dc3000c504] - test: async iife in repl (Tony Gorez) #448785e06e84db1] - test: parallelize sea tests when there's enough disk space (Joyee Cheung) #60604940d2752bc] - test: only show overridden env in child process failures (Joyee Cheung) #60556558a5743c6] - test: add more logs to test-esm-loader-hooks-inspect-wait (Joyee Cheung) #6046610fac8de45] - test: mark stringbytes-external-exceed-max tests as flaky on AIX (Joyee Cheung) #605658bc84046be] - test: correct conditional secure heap flags test (Shelley Vohr) #60385ccc805f184] - test: fix flaky test-watch-mode-kill-signal-* (Joyee Cheung) #604431b8274453d] - test: capture stack trace in debugger timeout errors (Joyee Cheung) #604579fcf889279] - test: ensure assertions are reachable intest/async-hooks(Antoine du Hamel) #601507f5230333e] - test: increase debugger waitFor timeout on macOS (Chengzhong Wu) #603670e5ea3b795] - test: fix small compile warning in test_network_requests_buffer.cc (xiaocainiao633) #60281012780c7e8] - test: split test-runner-watch-mode-kill-signal (Joyee Cheung) #60298b53d35a8f8] - test: fix incorrect calculation in test-perf-hooks.js (Joyee Cheung) #60271b8ef464c08] - test: skip sea tests on x64 macOS (Joyee Cheung) #60250a3c4d905da] - test: move sea tests into test/sea (Joyee Cheung) #6025080bec9fd07] - test: skip tests that cause timeouts on IBM i (SRAVANI GUNDEPALLI) #601481d05b44c7c] - test: deflake test-fs-promises-watch-iterator (Luigi Pinca) #600608958096840] - test: deflaketest-repl-paste-big-data(Livia Medeiros) #60975e261a59ca4] - test: add newstartNewREPLSevertesting utility (Dario Piotrowicz) #59964d4a2d8aa8a] - test: skip failing tests when compiled without amaro (Yuki Okita) #608150e407a88bb] - test: skip failing test on macOS 15.7+ (Antoine du Hamel) #60419a253b7b6dc] - tools: switch to ARM runners on GHA jobs (Antoine du Hamel) #619038862c41494] - tools: avoid building twice in coverage jobs (Antoine du Hamel) #618997d11a22802] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61759d0e7d6cb89] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61734cf5ddd1811] - tools: use ubuntu-latest runner innotify-on-pushworkflow (Antoine du Hamel) #6174218bcf8e260] - tools: use ubuntu-slim runner in meta GitHub Actions (Tierney Cyren) #61663db76733b55] - tools: update gyp-next to 0.21.1 (Node.js GitHub Bot) #615281dd9d8a3b2] - tools: fix vcbuild lint-js-build (Vladimir Morozov) #61318ec67f8f9b5] - tools: only report commit validation failure on Slack (Antoine du Hamel) #611248e385c8c66] - tools: use sparse-checkout in linter jobs (Antoine du Hamel) #61123aed2e9c8eb] - tools: simplifynotify-on-push(Antoine du Hamel) #6105032680feefb] - tools: fix update-nghttp2 signature verification (Richard Lau) #61035c5f68f41e6] - tools: improve log output ofcreate-release-proposal(Antoine du Hamel) #6102832e0ae0ec7] - tools: fixvcbuild testwhen path contain spaces (stduhpf) #564819e0858e4a2] - tools: do not runtest-linuxworkflow for changes onvcbuild.bat(Antoine du Hamel) #60979fd656a79fc] - tools: disable some new cpplint rules before update (Michaël Zasso) #60901df4df52e67] - tools: don't fetch V8 deps in the source tree (Richard Lau) #60883e5c2fe8d6d] - tools: add temporal updater (Chengzhong Wu) #608287f031e097e] - tools: dump config.gypi as json (Chengzhong Wu) #607945e69488a5a] - tools: bump js-yaml from 4.1.0 to 4.1.1 in /tools/lint-md (dependabot[bot]) #607815119c50931] - tools: bump js-yaml from 4.1.0 to 4.1.1 in /tools/doc in the doc group (dependabot[bot]) #60766a4b073123d] - tools: remove unsupportedcooldownfrom Dependabot config (Antoine du Hamel) #60747a3df6b87bb] - tools: update sccache to v0.12.0 (Michaël Zasso) #607232efbd54a4a] - tools: update gyp-next to 0.21.0 (Node.js GitHub Bot) #60645bb7876e4f9] - tools: replace invalid expression in dependabot config (Riddhi) #60649e444e44d6a] - tools: skip unaffected GHA jobs for changes intest/internet(Antoine du Hamel) #60517a6a0ec107c] - tools: do not use short hashes for deps versioning to avoid collision (Antoine du Hamel) #60407c6e2eed65f] - tools: fix update-icu script (Michaël Zasso) #6052176fb3d123b] - tools: fix linter for semver-major release proposals (Antoine du Hamel) #60481f02889e24e] - tools: fix failing release-proposal linter for LTS transitions (Antoine du Hamel) #604658203df4432] - tools: remove undici from daily wpt.fyi job (Filip Skokan) #60444a58242b666] - tools: add lint rule to ensure assertions are reached (Antoine du Hamel) #6012558e3ef398f] - tools: update gyp-next to 0.20.5 (Node.js GitHub Bot) #60313996494482a] - tools: optimize wildcard execution in tools/test.py (Joyee Cheung) #60266cf84756d0d] - tools: use cooldown property correctly (Rafael Gonzaga) #601345469cb2651] - tools: validate release commit diff as part oflint-release-proposal(Antoine du Hamel) #614401b9eab4a1c] - tools,doc: fix format-md files list (Stefan Stojanovic) #61147b20d9c2ce7] - tools,doc: update JavaScript primitive types to match MDN Web Docs (JustApple) #6058131760b1beb] - typings: add typing for string_decoder (Taejin Kim) #61368d6b908917c] - typings: add missing properties and method in Worker (Woohyun Sung) #602571e8b6d5686] - typings: add missing properties in HTTPParser (Woohyun Sung) #6025727ae9b4a26] - typings: delete undefined property in ConfigBinding (Woohyun Sung) #60257f43c6434e2] - typings: add buffer internalBinding typing (방진혁) #60163e7f954f63a] - url: add fast path to getPathFromURL decoder (Gürgün Dayıoğlu) #60749c149b64473] - url: remove array.reduce usage (Gürgün Dayıoğlu) #607480bd291bff1] - util: optimize toASCIILower function using V8s native toLowerCase (Mert Can Altin) #61107bbc54b3c96] - util: limitinspectto only show own properties (Ruben Bridgewater) #6103278e5fa23c4] - util: fix parseArgs skipping positional arg with --eval and --print (azadgupta1) #60814f75ec19105] - util: assert getCallSites does not invoke Error.prepareStackTrace (Chengzhong Wu) #60922d77da9306c] - util: fix stylize of special properties in inspect (Ge Gao) #604793a4edc8f6d] - util: use more defensive code when inspecting error objects (Antoine du Hamel) #6013925c33af752] - util: mark special properties when inspecting them (Ruben Bridgewater) #601313f98b46716] - vm: make vm.Module.evaluate() conditionally synchronous (Joyee Cheung) #60205f64a691493] - win: upgrade Visual Studio workload from 2019 to 2022 (Jiawen Geng) #603188e04327954] - worker: update code examples fornode:worker_threadsmodule (fisker Cheung) #58264c4440dcc60] - worker: remove not implemented declarations (Artur Gawlik) #60655df4cc62954] - zlib: validate write_result array length (Ryuhei Shima) #61342v22.22.0: 2026-01-13, Version 22.22.0 'Jod' (LTS), @marco-ippolitoCompare Source
This is a security release.
Notable Changes
lib:
lib,permission:
src:
src,lib:
tls:
Commits
6badf4e6f4] - deps: update c-ares to v1.34.6 (Node.js GitHub Bot) #6099737509c3ff0] - deps: update undici to 6.23.0 (Matteo Collina) nodejs-private/node-private#791eb8e41f8db] - (CVE-2025-59465) lib: add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797ebbf942a83] - (CVE-2025-55132) lib: disable futimes when permission model is enabled (RafaelGSS) nodejs-private/node-private#7486b4849583a] - (CVE-2025-55130) lib,permission: require full read and write to symlink APIs (RafaelGSS) nodejs-private/node-private#760ddadc31f09] - (CVE-2025-59466) src: rethrow stack overflow exceptions in async_hooks (Matteo Collina) nodejs-private/node-private#773d4d9f3915f] - (CVE-2025-55131) src,lib: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) nodejs-private/node-private#75925d6799df6] - (CVE-2026-21637) tls: route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#796prometheus/prometheus (prom/prometheus)
v3.10.0: 3.10.0 / 2026-02-24Compare Source
Prometheus now offers a distroless Docker image variant alongside the default
busybox image. The distroless variant provides enhanced security with a minimal
base image, uses UID/GID 65532 (nonroot) instead of nobody, and removes the
VOLUME declaration. Both variants are available with
-busyboxand-distrolesstag suffixes (e.g.,
prom/prometheus:latest-busybox,prom/prometheus:latest-distroless).The busybox image remains the default with no suffix for backwards compatibility
(e.g.,
prom/prometheus:latestpoints to the busybox variant).For users migrating existing named volumes from the busybox image to the distroless variant, the ownership can be adjusted with:
Then, the container can be started with the old volume with:
User migrating from bind mounts might need to ajust permissions too, depending on their setup.
alertmanagerdimension to following metrics:prometheus_notifications_dropped_total,prometheus_notifications_queue_capacity,prometheus_notifications_queue_length. #16355/alertspage. #17611fill()/fill_left()/fill_right()binop modifiers for specifying default values for missing series. #17644/api/v1/openapi.yaml. #17825<URL>/debug/pprof/fgprof. #18027stale_series_compaction_thresholdin the config file. #16929remove_all_sdand individual service discoveries can be re-added with the build tagsenable_<sd name>_sd. Users can build a custom Prometheus with only the necessary SDs for a smaller binary size. #17736promql-duration-exprandpromql-extended-range-selectors. #17926.*-.*-.*. #17707/api/v1/targets/relabel_stepsin a single pass instead of re-running relabeling for each prefix. #17969X-Prometheus-Stoppingheader for/-/readyendpoint inNotReadystate. #17795info()function returning empty results when filtering by a label that exists on both the input metric andtarget_info. #17817__name__from OTLP attributes to prevent duplicate labels. #17917@modifier on empty ranges. #18020avg_over_timefor a single native histogram. #18058v3.9.1: 3.9.1 / 2026-01-07Compare Source
v3.9.0: 3.9.0 / 2026-01-06Compare Source
Note for users of Native Histograms
In version 3.9, Native Histograms is no longer experimental, and the feature flag
native-histogramhas no effect. You must now turn onthe config setting
scrape_native_histogramsto collect Native Histogram samples from exporters.Changelog
native-histogramfeature flag a no-op. Usescrape_native_histogramsconfig option instead. #17528start_timestampfield for unit tests. #17636--format seriesjsonoption totsdb dumpto output just series labels in JSON format. #13409--storage.tsdb.delay-compact-file.pathflag for better interoperability with Thanos. #17435--storage.tsdb.block-reload-intervalto configure TSDB Block Reload Interval. #16728prometheus_notifications_latency_histogram_secondsto complement the existing summary. #16637configlabel with job name for mostprometheus_sd_refreshmetrics. #17138prometheus_tsdb_sample_ooo_delta, the distribution of out-of-order samples in seconds. Collected for all samples, accepted or not. #17477_total. #17682ignoring()and non-empty grouping. #17643rate/increase/deltaof histograms results in a gauge histogram. #17608v3.8.1: 3.8.1 / 2025-12-16Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.
Update grafana/tempo:latest Docker digest to d82487fto Update docker minor+patch+digest updates28664c3fdctob8af331102b8af331102tof9c2cf108ff9c2cf108fto9b311950ec9b311950ectoae4e87c21cae4e87c21ctoc822a3f56cc822a3f56cto5fb5b374885fb5b37488to8a27ee3cf98a27ee3cf9toc91ef05049c91ef05049tod26a863b3cd26a863b3ctoc5264f3fd3c5264f3fd3to2b1e4f13582b1e4f1358tob9027f82e1b9027f82e1toddb27aabc8ddb27aabc8to4678fae72a4678fae72atob648b8c1e6b648b8c1e6to66ce8a34da66ce8a34datocf2f18707acf2f18707ato08d8fed44908d8fed449to0275767f680275767f68to35c3c54a6f35c3c54a6fto218627993a218627993ato7bdd9a3f247bdd9a3f24to4af39e7f274af39e7f27toa810b16d6aa810b16d6atob895eaf9d0b895eaf9d0to1f0f1d8b021f0f1d8b02toa7c6b8ae8ea7c6b8ae8eto5be916a0bd5be916a0bdto9d2271e8dc9d2271e8dctoe5d4fbacc6e5d4fbacc6to364c7a8d45364c7a8d45todce4e53c93dce4e53c93to2449af9c082449af9c08to7a778088157a77808815to8627455dd08627455dd0tod583a6e06dd583a6e06dto22500635ab22500635abto2b452c35e42b452c35e4to557825d725557825d725toc05af2997cc05af2997cto464d053515464d053515toc55647c58dc55647c58dto2c318092c62c318092c6to67c2c4242867c2c42428toc086ee1175c086ee1175tof3903794d4f3903794d4to3fd48bac363fd48bac36toac32572aedac32572aedto1c4fd9ef861c4fd9ef86to082fc8f296082fc8f296to8ca25153a48ca25153a4to3ad9dc1a0e3ad9dc1a0eto6093edbc936093edbc93to444fd6cc4fView command line instructions
Checkout
From your project repository, check out a new branch and test the changes.