Skip to content

chore(deps): update node.js to v22.23.1#470

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/node-22.x
Open

chore(deps): update node.js to v22.23.1#470
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/node-22.x

Conversation

@renovate

@renovate renovate Bot commented Mar 27, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
node stage minor 22.22.022.23.1
node minor 22.22.0-alpine22.23.1-alpine

Release Notes

nodejs/node (node)

v22.23.1: 2026-06-23, Version 22.23.1 'Jod' (LTS), @​RafaelGSS

Compare Source

This release includes a fix for an unexpected behavior introduced
by the recent security release (22.23.0).

Commits

v22.23.0: 2026-06-18, Version 22.23.0 'Jod' (LTS), @​aduh95

Compare Source

This is a security release.

Notable Changes
  • (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High
  • (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
  • (CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium
  • (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
  • (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
  • (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
  • (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
  • (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
  • (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low
  • (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
  • (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
Commits

v22.22.3: 2026-05-13, Version 22.22.3 'Jod' (LTS), @​marco-ippolito

Compare Source

Commits

v22.22.2: 2026-03-24, Version 22.22.2 'Jod' (LTS), @​RafaelGSS prepared by @​aduh95

Compare Source

This is a security release.

Notable Changes
  • (CVE-2026-21637) wrap SNICallback invocation in try/catch (Matteo Collina) - High
  • (CVE-2026-21710) use null prototype for headersDistinct/trailersDistinct (Matteo Collina) - High
  • (CVE-2026-21713) use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) - Medium
  • (CVE-2026-21714) handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) - Medium
  • (CVE-2026-21717) test array index hash collision (Joyee Cheung) - Medium
  • (CVE-2026-21715) add permission check to realpath.native (RafaelGSS) - Low
  • (CVE-2026-21716) include permission check on lib/fs/promises (RafaelGSS) - Low
Commits

v22.22.1: 2026-03-05, Version 22.22.1 'Jod' (LTS)

Compare Source

Notable Changes
Commits

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@coveralls

coveralls commented Mar 27, 2026

Copy link
Copy Markdown

Coverage Report for CI Build 28059895182

Coverage remained the same at 21.174%

Details

  • Coverage remained the same as the base build.
  • Patch coverage: No coverable lines changed in this PR.
  • No coverage regressions found.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

No coverage regressions found.


Coverage Stats

Coverage Status
Relevant Lines: 3679
Covered Lines: 779
Line Coverage: 21.17%
Coverage Strength: 0.23 hits per line

💛 - Coveralls

@renovate renovate Bot force-pushed the renovate/node-22.x branch from 54e110a to bbb61af Compare May 14, 2026 21:23
@renovate renovate Bot changed the title chore(deps): update node.js to v22.22.2 chore(deps): update node.js to v22.22.3 May 14, 2026
@renovate renovate Bot force-pushed the renovate/node-22.x branch from bbb61af to b4c326e Compare June 18, 2026 19:56
@renovate renovate Bot changed the title chore(deps): update node.js to v22.22.3 chore(deps): update node.js to v22.23.0 Jun 18, 2026
@renovate renovate Bot force-pushed the renovate/node-22.x branch from b4c326e to 30dfc21 Compare June 23, 2026 21:58
@renovate renovate Bot changed the title chore(deps): update node.js to v22.23.0 chore(deps): update node.js to v22.23.1 Jun 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant