Skip to content

chore(deps): update node.js to v24.14.0#23

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/node-24.x
Open

chore(deps): update node.js to v24.14.0#23
renovate[bot] wants to merge 1 commit intomainfrom
renovate/node-24.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 14, 2026
edited
Loading

This PR contains the following updates:

Package Update Change Pending
node (source) minor 24.13.024.14.0 v24.14.1

Release Notes

nodejs/node (node)

v24.14.0

Compare Source

v24.13.1

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-actions
Copy link

github-actions bot commented Feb 14, 2026
edited
Loading

Renovate PR Review Results

⚖️ Safety Assessment: ✅ Safe

🔍 Release Content Analysis

Node.js v24.13.1 (February 10, 2026):

  • Security Fixes: Two CVEs addressed
    • CVE-2025-59465: Added default error handler for TLSSocket to prevent unhandled exceptions
    • CVE-2026-21637: TLS callback exceptions now routed through proper error handlers
  • Stability Improvements: Multiple features marked as stable (--heapsnapshot-near-heap-limit, v8.queryObjects(), --build-snapshot flags)
  • Dependency Updates: Root certificates updated to NSS 3.119, ada to v3.4.2 with Unicode 17 support
  • Build Support: Added Python 3.14 testing support

Node.js v24.14.0 (February 24, 2026):

  • Async Hooks: createHook() now supports trackPromises option for enhanced promise tracking
  • Filesystem: fs.watch() gained an ignore option for excluding specific files/patterns
  • HTTP/Networking: New http.setGlobalProxyFromEnv() function for automatic proxy configuration
  • Module System: Subpath imports can now start with #/ syntax
  • SQLite Integration: Defensive mode enabled by default, new prepare options arguments
  • Streams: stream/consumers module added bytes() method
  • Test Runner: Environment variable support in run() function, ability to mark test cases as expected failures
  • Utilities: New convertProcessSignalToExitCode utility
  • 180+ commits: Performance optimizations, bug fixes, dependency upgrades (npm, undici, amaro)

Breaking Changes: None identified. All changes are SEMVER-MINOR additions with full backward compatibility.

🎯 Impact Scope Investigation

Configuration Changes:

  • Only file modified: mise.toml (Node.js version updated from 24.13.0 to 24.14.0)
  • The mise-action in CI/CD workflow automatically uses the version specified in mise.toml

Codebase Analysis:

  • Runtime Usage: The project is a TypeScript SDK that uses Bun as the primary runtime for development and testing
  • Node.js APIs Used: The codebase uses only standard Web APIs (fetch, globalThis, Request, Response) - no Node.js-specific built-in modules
  • Engine Compatibility: package.json specifies "engines": { "node": ">=18" } - v24.14.0 is well within this range
  • TypeScript Target: ES2022 with NodeNext module resolution - fully compatible with Node.js 24.x

Dependency Impact:

  • No changes to npm dependencies
  • No impact on other packages (@types/node, TypeScript, Biome, Vitest remain unchanged)
  • Build, test, and lint workflows use Bun runtime, not Node.js directly

CI/CD Status:

  • All CI checks passed successfully:
    • Build: SUCCESS
    • Typecheck: SUCCESS
    • Lint: SUCCESS
    • Test: SUCCESS

Security Assessment:

  • The update includes two important security fixes for TLS error handling (CVE-2025-59465, CVE-2026-21637)
  • Root certificates updated to NSS 3.119 for improved security

💡 Recommended Actions

Immediate Actions:

  1. Safe to merge immediately - No code changes required
  2. The update is a patch-level increment within the same LTS branch (v24 'Krypton')
  3. All CI checks have passed, confirming compatibility

Post-Merge:

  • No migration work needed
  • No configuration changes required
  • The SDK code does not use any Node.js-specific APIs that would be affected by version changes
  • Development teams using mise will automatically get v24.14.0 on next mise install

Future Considerations:

  • A newer version v24.14.1 is available (mentioned in PR description as "Pending")
  • Consider updating to v24.14.1 when Renovate creates that PR

🔗 Reference Links

Generated by koki-develop/claude-renovate-review

@renovate renovate bot force-pushed the renovate/node-24.x branch from b9629c8 to 52296eb Compare February 16, 2026 13:02
@renovate renovate bot force-pushed the renovate/node-24.x branch from 52296eb to 523996a Compare February 27, 2026 02:37
@renovate renovate bot changed the title chore(deps): update node.js to v24.13.1 chore(deps): update node.js to v24.14.0 Feb 27, 2026
@renovate renovate bot force-pushed the renovate/node-24.x branch from 523996a to 2ae3f91 Compare March 13, 2026 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants