Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build: fix C string encoding for PRODUCT_DIR_ABS #56111

Closed
wants to merge 2 commits into from
Closed

build: fix C string encoding for PRODUCT_DIR_ABS #56111

wants to merge 2 commits into from
+12 −11

Conversation

addaleax
Copy link
Member

@addaleax addaleax commented Dec 2, 2024

Since the PRODUCT_DIR_ABS gyp variable is meant to be used in a C string in the OpenSSL config, provide a version of it that actually provides it in a way that is always usable as a C string. Otherwise, unescaped characters in the path can mess with the string definitions; for example, building in paths on Windows whose directories start with valid or invalid escape sequences (e.g.: C:\...\x61foobar\... or C:\...\456789\...) can result in failing builds or incorrect paths provided to OpenSSL.

Needs: nodejs/gyp-next#271

@addaleax addaleax marked this pull request as draft December 2, 2024 13:52
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/gyp
  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added build Issues and PRs related to build files or the CI. dependencies Pull requests that update a dependency file. gyp Issues and PRs related to the GYP tool and .gyp build files needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. tools Issues and PRs related to the tools directory. labels Dec 2, 2024
This was referenced Dec 2, 2024
Merged
Merged
@codecov Codecov
Copy link

codecov bot commented Dec 2, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 88.54%. Comparing base (f184a0a) to head (486ff15).
Report is 26 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #56111   +/-   ##
=======================================
  Coverage   88.53%   88.54%           
=======================================
  Files         657      657           
  Lines      189858   189858           
  Branches    36450    36447    -3     
=======================================
+ Hits       168089   168103   +14     
+ Misses      14973    14972    -1     
+ Partials     6796     6783   -13

see 32 files with indirect coverage changes

@addaleax addaleax force-pushed the gyp-handle-cstring-productdir branch from e0c8ce0 to c2bec3f Compare December 4, 2024 11:41
@addaleax addaleax marked this pull request as ready for review December 4, 2024 11:41
@addaleax addaleax added request-ci Add this label to start a Jenkins CI on a PR. commit-queue-rebase Add this label to allow the Commit Queue to land a PR in several commits. labels Dec 4, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Dec 4, 2024
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/63868/

@gengjiawen
Copy link
Member

@addaleax The build is broken, can you take a look ? also long time no see :)

@addaleax
Copy link
Member Author

addaleax commented Dec 9, 2024

@gengjiawen 👋

Yeah, thanks for pointing this out – nodejs/gyp-next#274 should fix this again (sorry, I applied the suggestion provided there without checking that it works when integrated into Node.js again)

@addaleax
tools: update gyp-next to 0.19.1
99fcf84
@addaleax
build: fix C string encoding for PRODUCT_DIR_ABS
486ff15 
Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.
@addaleax addaleax force-pushed the gyp-handle-cstring-productdir branch from c2bec3f to 486ff15 Compare December 10, 2024 19:06
@addaleax addaleax added the request-ci Add this label to start a Jenkins CI on a PR. label Dec 10, 2024
@addaleax
Copy link
Member Author

@gengjiawen Updated! 🙂

@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Dec 10, 2024
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/63981/

@addaleax addaleax added commit-queue Add this label to land a pull request using GitHub Actions. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. labels Dec 12, 2024
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 12, 2024
@nodejs-github-bot
Copy link
Collaborator

Landed in e5524ea...203398d

nodejs-github-bot pushed a commit that referenced this pull request Dec 12, 2024
@addaleax @nodejs-github-bot
tools: update gyp-next to 0.19.1
a963b5e 
PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
nodejs-github-bot pushed a commit that referenced this pull request Dec 12, 2024
@addaleax @nodejs-github-bot
build: fix C string encoding for PRODUCT_DIR_ABS
203398d 
Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.

PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request Dec 13, 2024
@addaleax @targos
tools: update gyp-next to 0.19.1
28cada6 
PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request Dec 13, 2024
@addaleax @targos
build: fix C string encoding for PRODUCT_DIR_ABS
273712f 
Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.

PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@github-actions github-actions bot mentioned this pull request Dec 18, 2024
Merged
aduh95 pushed a commit that referenced this pull request Dec 18, 2024
@addaleax @aduh95
tools: update gyp-next to 0.19.1
b395e0c 
PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
aduh95 pushed a commit that referenced this pull request Dec 18, 2024
@addaleax @aduh95
build: fix C string encoding for PRODUCT_DIR_ABS
f4faedf 
Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.

PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
ruyadorno pushed a commit that referenced this pull request Dec 20, 2024
@addaleax @ruyadorno
tools: update gyp-next to 0.19.1
ccbe16a 
PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
ruyadorno pushed a commit that referenced this pull request Dec 20, 2024
@addaleax @ruyadorno
build: fix C string encoding for PRODUCT_DIR_ABS
a8de9af 
Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.

PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@ruyadorno ruyadorno mentioned this pull request Dec 20, 2024
Open
ruyadorno pushed a commit that referenced this pull request Dec 21, 2024
@addaleax @ruyadorno
tools: update gyp-next to 0.19.1
a5fa657 
PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
ruyadorno pushed a commit that referenced this pull request Dec 21, 2024
@addaleax @ruyadorno
build: fix C string encoding for PRODUCT_DIR_ABS
626959a 
Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.

PR-URL: #56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Dec 21, 2024
@tmeijn
build(deps): update node to v23.5.0
da58bf9 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `23.4.0` -> `23.5.0` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>nodejs/node (node)</summary>

### [`v23.5.0`](https://github.com/nodejs/node/releases/tag/v23.5.0): 2024-12-19, Version 23.5.0 (Current), @&#8203;aduh95

[Compare Source](nodejs/node@v23.4.0...v23.5.0)

##### Notable Changes

##### WebCryptoAPI [`Ed25519`](nodejs/node@Ed25519) and X25519 algorithms are now stable

Following the merge of Curve25519 into the
[Web Cryptography API Editor's Draft](https://w3c.github.io/webcrypto/) the
`Ed25519` and `X25519` algorithm identifiers are now stable and will no longer
emit an ExperimentalWarning upon use.

Contributed by Filip Skokan in [#&#8203;56142](nodejs/node#56142).

##### On-thread hooks are back

This release introduces `module.registerHooks()` for registering module loader
customization hooks that are run for all modules loaded by `require()`, `import`
and functions returned by `createRequire()` in the same thread, which makes them
easier for CJS monkey-patchers to migrate to.

```mjs
import assert from 'node:assert';
import { registerHooks, createRequire } from 'node:module';
import { writeFileSync } from 'node:fs';

writeFileSync('./bar.js', 'export const id = 123;', 'utf8');

registerHooks({
  resolve(specifier, context, nextResolve) {
    const replaced = specifier.replace('foo', 'bar');
    return nextResolve(replaced, context);
  },
  load(url, context, nextLoad) {
    const result = nextLoad(url, context);
    return {
      ...result,
      source: result.source.toString().replace('123', '456'),
    };
  },
});

// Checks that it works with require.
const require = createRequire(import.meta.url);
const required = require('./foo.js');  // Redirected by resolve hook to bar.js
assert.strictEqual(required.id, 456);  // Replaced by load hook to 456

// Checks that it works with import.
const imported = await import('./foo.js');  // Redirected by resolve hook to bar.js
assert.strictEqual(imported.id, 456);  // Replaced by load hook to 456
```

This complements the `module.register()` hooks - the new hooks fit better
internally and cover all corners in the module graph; whereas
`module.register()` previously could not cover `require()` while it was
on-thread, and still cannot cover `createRequire()` after being moved
off-thread.

They are also run in the same thread as the modules being loaded and where the
hooks are registered, which means they are easier to debug (no more
`console.log()` getting lost) and do not have the many deadlock issues haunting
the `module.register()` hooks. The new API also takes functions directly so that
it's easier for intermediate loader packages to take user options from files
that the hooks can't be aware of, like many existing CJS monkey-patchers do.

Contributed by Joyee Cheung in [#&#8203;55698](nodejs/node#55698).

##### Other notable changes

-   \[[`59cae91465`](nodejs/node@59cae91465)] - **(SEMVER-MINOR)** **dgram**: support blocklist in udp (theanarkh) [#&#8203;56087](nodejs/node#56087)
-   \[[`72f79b44ed`](nodejs/node@72f79b44ed)] - **doc**: stabilize util.styleText (Rafael Gonzaga) [#&#8203;56265](nodejs/node#56265)
-   \[[`b5a2c0777d`](nodejs/node@b5a2c0777d)] - **(SEMVER-MINOR)** **module**: add prefix-only modules to `module.builtinModules` (Jordan Harband) [#&#8203;56185](nodejs/node#56185)
-   \[[`9863d27566`](nodejs/node@9863d27566)] - **(SEMVER-MINOR)** **module**: only emit require(esm) warning under --trace-require-module (Joyee Cheung) [#&#8203;56194](nodejs/node#56194)
-   \[[`8e780bc5ae`](nodejs/node@8e780bc5ae)] - **(SEMVER-MINOR)** **module**: use synchronous hooks for preparsing in import(cjs) (Joyee Cheung) [#&#8203;55698](nodejs/node#55698)
-   \[[`65bc8e847f`](nodejs/node@65bc8e847f)] - **(SEMVER-MINOR)** **report**: fix typos in report keys and bump the version (Yuan-Ming Hsu) [#&#8203;56068](nodejs/node#56068)
-   \[[`0ab36e1937`](nodejs/node@0ab36e1937)] - **(SEMVER-MINOR)** **sqlite**: aggregate constants in a single property (Edigleysson Silva (Edy)) [#&#8203;56213](nodejs/node#56213)
-   \[[`efcc5d90c5`](nodejs/node@efcc5d90c5)] - **(SEMVER-MINOR)** **src,lib**: stabilize permission model (Rafael Gonzaga) [#&#8203;56201](nodejs/node#56201)

##### Commits

-   \[[`2314e4916e`](nodejs/node@2314e4916e)] - **assert**: make Maps be partially compared in partialDeepStrictEqual (Giovanni Bucci) [#&#8203;56195](nodejs/node#56195)
-   \[[`cfbdff7b45`](nodejs/node@cfbdff7b45)] - **assert**: make partialDeepStrictEqual work with ArrayBuffers (Giovanni Bucci) [#&#8203;56098](nodejs/node#56098)
-   \[[`f264dd6d20`](nodejs/node@f264dd6d20)] - **buffer**: document concat zero-fill (Duncan) [#&#8203;55562](nodejs/node#55562)
-   \[[`4831b87d83`](nodejs/node@4831b87d83)] - **build**: set DESTCPU correctly for 'make binary' on loongarch64 (吴小白) [#&#8203;56271](nodejs/node#56271)
-   \[[`1497bb405e`](nodejs/node@1497bb405e)] - **build**: fix missing fp16 dependency in d8 builds (Joyee Cheung) [#&#8203;56266](nodejs/node#56266)
-   \[[`445c8c7489`](nodejs/node@445c8c7489)] - **build**: add major release action (Rafael Gonzaga) [#&#8203;56199](nodejs/node#56199)
-   \[[`f4faedfa69`](nodejs/node@f4faedfa69)] - **build**: fix C string encoding for `PRODUCT_DIR_ABS` (Anna Henningsen) [#&#8203;56111](nodejs/node#56111)
-   \[[`6f49c8006c`](nodejs/node@6f49c8006c)] - **build**: use variable for simdutf path (Shelley Vohr) [#&#8203;56196](nodejs/node#56196)
-   \[[`fcaa2c82a6`](nodejs/node@fcaa2c82a6)] - **build**: fix GN build on macOS (Joyee Cheung) [#&#8203;56141](nodejs/node#56141)
-   \[[`08e5309f4f`](nodejs/node@08e5309f4f)] - ***Revert*** "**build**: avoid compiling with VS v17.12" (Gerhard Stöbich) [#&#8203;56151](nodejs/node#56151)
-   \[[`c2fb38cfdf`](nodejs/node@c2fb38cfdf)] - **crypto**: graduate WebCryptoAPI [`Ed25519`](nodejs/node@Ed25519) and X25519 algorithms as stable (Filip Skokan) [#&#8203;56142](nodejs/node#56142)
-   \[[`8658833884`](nodejs/node@8658833884)] - **deps**: update nghttp3 to 1.6.0 (Node.js GitHub Bot) [#&#8203;56258](nodejs/node#56258)
-   \[[`7c941d4610`](nodejs/node@7c941d4610)] - **deps**: update simdutf to 5.6.4 (Node.js GitHub Bot) [#&#8203;56255](nodejs/node#56255)
-   \[[`4e9113eada`](nodejs/node@4e9113eada)] - **deps**: update libuv to 1.49.2 (Luigi Pinca) [#&#8203;56224](nodejs/node#56224)
-   \[[`db6aba12e4`](nodejs/node@db6aba12e4)] - **deps**: update c-ares to v1.34.4 (Node.js GitHub Bot) [#&#8203;56256](nodejs/node#56256)
-   \[[`25bb462bc2`](nodejs/node@25bb462bc2)] - **deps**: define V8\_PRESERVE_MOST as no-op on Windows (Stefan Stojanovic) [#&#8203;56238](nodejs/node#56238)
-   \[[`54308c51bb`](nodejs/node@54308c51bb)] - **deps**: update sqlite to 3.47.2 (Node.js GitHub Bot) [#&#8203;56178](nodejs/node#56178)
-   \[[`59cae91465`](nodejs/node@59cae91465)] - **(SEMVER-MINOR)** **dgram**: support blocklist in udp (theanarkh) [#&#8203;56087](nodejs/node#56087)
-   \[[`52c18e605e`](nodejs/node@52c18e605e)] - **doc**: fix color contrast issue in light mode (Rich Trott) [#&#8203;56272](nodejs/node#56272)
-   \[[`72f79b44ed`](nodejs/node@72f79b44ed)] - **doc**: stabilize util.styleText (Rafael Gonzaga) [#&#8203;56265](nodejs/node#56265)
-   \[[`0d08756d0c`](nodejs/node@0d08756d0c)] - **doc**: clarify util.aborted resource usage (Kunal Kumar) [#&#8203;55780](nodejs/node#55780)
-   \[[`f94f21080b`](nodejs/node@f94f21080b)] - **doc**: add esm examples to node:repl (Alfredo González) [#&#8203;55432](nodejs/node#55432)
-   \[[`7a10ef88d9`](nodejs/node@7a10ef88d9)] - **doc**: add esm examples to node:readline (Alfredo González) [#&#8203;55335](nodejs/node#55335)
-   \[[`cc7a7c391b`](nodejs/node@cc7a7c391b)] - **doc**: fix 'which' to 'that' and add commas (Selveter Senitro) [#&#8203;56216](nodejs/node#56216)
-   \[[`c5b086250e`](nodejs/node@c5b086250e)] - **doc**: fix winget config path (Alex Yang) [#&#8203;56233](nodejs/node#56233)
-   \[[`71c38a24d4`](nodejs/node@71c38a24d4)] - **doc**: add esm examples to node:tls (Alfredo González) [#&#8203;56229](nodejs/node#56229)
-   \[[`394fffbbde`](nodejs/node@394fffbbde)] - **doc**: add esm examples to node:perf_hooks (Alfredo González) [#&#8203;55257](nodejs/node#55257)
-   \[[`7b2a6ee61e`](nodejs/node@7b2a6ee61e)] - **doc**: `sea.getRawAsset(key)` always returns an ArrayBuffer (沈鸿飞) [#&#8203;56206](nodejs/node#56206)
-   \[[`8092dcf27e`](nodejs/node@8092dcf27e)] - **doc**: update announce documentation for releases (Rafael Gonzaga) [#&#8203;56200](nodejs/node#56200)
-   \[[`2974667815`](nodejs/node@2974667815)] - **doc**: update blog link to /vulnerability (Rafael Gonzaga) [#&#8203;56198](nodejs/node#56198)
-   \[[`f3b3ff85e0`](nodejs/node@f3b3ff85e0)] - **doc**: call out import.meta is only supported in ES modules (Anton Kastritskii) [#&#8203;56186](nodejs/node#56186)
-   \[[`a9e67280e7`](nodejs/node@a9e67280e7)] - **doc**: add ambassador message - benefits of Node.js (Michael Dawson) [#&#8203;56085](nodejs/node#56085)
-   \[[`e4922ab15f`](nodejs/node@e4922ab15f)] - **doc**: fix incorrect link to style guide (Yuan-Ming Hsu) [#&#8203;56181](nodejs/node#56181)
-   \[[`114a3e5a05`](nodejs/node@114a3e5a05)] - **doc**: fix c++ addon hello world sample (Edigleysson Silva (Edy)) [#&#8203;56172](nodejs/node#56172)
-   \[[`f1c2d2f65e`](nodejs/node@f1c2d2f65e)] - **doc**: update blog release-post link (Ruy Adorno) [#&#8203;56123](nodejs/node#56123)
-   \[[`d48b5224c0`](nodejs/node@d48b5224c0)] - **doc**: fix module.md headings (Chengzhong Wu) [#&#8203;56131](nodejs/node#56131)
-   \[[`4cc0493a0b`](nodejs/node@4cc0493a0b)] - **fs**: make mutating `options` in Callback `readdir()` not affect results (LiviaMedeiros) [#&#8203;56057](nodejs/node#56057)
-   \[[`8d485f1c09`](nodejs/node@8d485f1c09)] - **fs**: make mutating `options` in Promises `readdir()` not affect results (LiviaMedeiros) [#&#8203;56057](nodejs/node#56057)
-   \[[`595851b5ed`](nodejs/node@595851b5ed)] - **fs,win**: fix readdir for named pipe (Hüseyin Açacak) [#&#8203;56110](nodejs/node#56110)
-   \[[`075b36b7b4`](nodejs/node@075b36b7b4)] - **http**: add setDefaultHeaders option to http.request (Tim Perry) [#&#8203;56112](nodejs/node#56112)
-   \[[`febd969c46`](nodejs/node@febd969c46)] - **http2**: remove duplicate codeblock (Vitaly Aminev) [#&#8203;55915](nodejs/node#55915)
-   \[[`b0ebd23e52`](nodejs/node@b0ebd23e52)] - **http2**: support ALPNCallback option (ZYSzys) [#&#8203;56187](nodejs/node#56187)
-   \[[`f10239fde7`](nodejs/node@f10239fde7)] - **lib**: remove redundant global regexps (Gürgün Dayıoğlu) [#&#8203;56182](nodejs/node#56182)
-   \[[`fd55d3cbdd`](nodejs/node@fd55d3cbdd)] - **lib**: clean up persisted signals when they are settled (Edigleysson Silva (Edy)) [#&#8203;56001](nodejs/node#56001)
-   \[[`889094fdbc`](nodejs/node@889094fdbc)] - **lib**: handle Float16Array in node:v8 serdes (Bartek Iwańczuk) [#&#8203;55996](nodejs/node#55996)
-   \[[`5aec513207`](nodejs/node@5aec513207)] - **lib**: disable default memory leak warning for AbortSignal (Lenz Weber-Tronic) [#&#8203;55816](nodejs/node#55816)
-   \[[`b5a2c0777d`](nodejs/node@b5a2c0777d)] - **(SEMVER-MINOR)** **module**: add prefix-only modules to `module.builtinModules` (Jordan Harband) [#&#8203;56185](nodejs/node#56185)
-   \[[`9863d27566`](nodejs/node@9863d27566)] - **(SEMVER-MINOR)** **module**: only emit require(esm) warning under --trace-require-module (Joyee Cheung) [#&#8203;56194](nodejs/node#56194)
-   \[[`5665e86da6`](nodejs/node@5665e86da6)] - **module**: prevent main thread exiting before esm worker ends (Shima Ryuhei) [#&#8203;56183](nodejs/node#56183)
-   \[[`8e780bc5ae`](nodejs/node@8e780bc5ae)] - **(SEMVER-MINOR)** **module**: use synchronous hooks for preparsing in import(cjs) (Joyee Cheung) [#&#8203;55698](nodejs/node#55698)
-   \[[`e5bb6c2303`](nodejs/node@e5bb6c2303)] - **(SEMVER-MINOR)** **module**: implement module.registerHooks() (Joyee Cheung) [#&#8203;55698](nodejs/node#55698)
-   \[[`f883bedceb`](nodejs/node@f883bedceb)] - **node-api**: allow napi_delete_reference in finalizers (Chengzhong Wu) [#&#8203;55620](nodejs/node#55620)
-   \[[`65bc8e847f`](nodejs/node@65bc8e847f)] - **(SEMVER-MINOR)** **report**: fix typos in report keys and bump the version (Yuan-Ming Hsu) [#&#8203;56068](nodejs/node#56068)
-   \[[`a6f0cfa468`](nodejs/node@a6f0cfa468)] - **sea**: only assert snapshot main function for main threads (Joyee Cheung) [#&#8203;56120](nodejs/node#56120)
-   \[[`0ab36e1937`](nodejs/node@0ab36e1937)] - **(SEMVER-MINOR)** **sqlite**: aggregate constants in a single property (Edigleysson Silva (Edy)) [#&#8203;56213](nodejs/node#56213)
-   \[[`4745798225`](nodejs/node@4745798225)] - **sqlite**: add support for custom functions (Colin Ihrig) [#&#8203;55985](nodejs/node#55985)
-   \[[`53cc0cc744`](nodejs/node@53cc0cc744)] - **sqlite**: support `db.loadExtension` (Alex Yang) [#&#8203;53900](nodejs/node#53900)
-   \[[`3968599702`](nodejs/node@3968599702)] - **src**: fix outdated js2c.cc references (Chengzhong Wu) [#&#8203;56133](nodejs/node#56133)
-   \[[`efcc5d90c5`](nodejs/node@efcc5d90c5)] - **(SEMVER-MINOR)** **src,lib**: stabilize permission model (Rafael Gonzaga) [#&#8203;56201](nodejs/node#56201)
-   \[[`a4a83613cb`](nodejs/node@a4a83613cb)] - **stream**: commit pull-into descriptors after filling from queue (Mattias Buelens) [#&#8203;56072](nodejs/node#56072)
-   \[[`3298ef4891`](nodejs/node@3298ef4891)] - **test**: remove test-sqlite-statement-sync flaky designation (Luigi Pinca) [#&#8203;56051](nodejs/node#56051)
-   \[[`1d8cc6179d`](nodejs/node@1d8cc6179d)] - **test**: use --permission over --experimental-permission (Rafael Gonzaga) [#&#8203;56239](nodejs/node#56239)
-   \[[`5d252b7a67`](nodejs/node@5d252b7a67)] - **test**: remove exludes for sea tests on PPC (Michael Dawson) [#&#8203;56217](nodejs/node#56217)
-   \[[`8288f57724`](nodejs/node@8288f57724)] - **test**: fix test-abortsignal-drop-settled-signals flakiness (Edigleysson Silva (Edy)) [#&#8203;56197](nodejs/node#56197)
-   \[[`683cc15796`](nodejs/node@683cc15796)] - **test**: move localizationd data from `test-icu-env` to external file (Livia Medeiros) [#&#8203;55618](nodejs/node#55618)
-   \[[`a0c4a5f122`](nodejs/node@a0c4a5f122)] - **test**: update WPT for url to [`6fa3fe8`](nodejs/node@6fa3fe8a92) (Node.js GitHub Bot) [#&#8203;56136](nodejs/node#56136)
-   \[[`a0e3926285`](nodejs/node@a0e3926285)] - **test**: remove `hasOpenSSL3x` utils (Antoine du Hamel) [#&#8203;56164](nodejs/node#56164)
-   \[[`041a49094e`](nodejs/node@041a49094e)] - **test**: update streams wpt (Mattias Buelens) [#&#8203;56072](nodejs/node#56072)
-   \[[`ea9a675f56`](nodejs/node@ea9a675f56)] - **test_runner**: exclude test files from coverage by default (Pietro Marchini) [#&#8203;56060](nodejs/node#56060)
-   \[[`118cd9998f`](nodejs/node@118cd9998f)] - **tools**: fix `node:` enforcement for docs (Antoine du Hamel) [#&#8203;56284](nodejs/node#56284)
-   \[[`c4c56daae8`](nodejs/node@c4c56daae8)] - **tools**: update github_reporter to 1.7.2 (Node.js GitHub Bot) [#&#8203;56205](nodejs/node#56205)
-   \[[`78743b1533`](nodejs/node@78743b1533)] - **tools**: add REPLACEME check to workflow (Mert Can Altin) [#&#8203;56251](nodejs/node#56251)
-   \[[`002ee71d9b`](nodejs/node@002ee71d9b)] - **tools**: use `github.actor` instead of bot username for release proposals (Antoine du Hamel) [#&#8203;56232](nodejs/node#56232)
-   \[[`d25d16efeb`](nodejs/node@d25d16efeb)] - ***Revert*** "**tools**: disable automated libuv updates" (Luigi Pinca) [#&#8203;56223](nodejs/node#56223)
-   \[[`b395e0c8c9`](nodejs/node@b395e0c8c9)] - **tools**: update gyp-next to 0.19.1 (Anna Henningsen) [#&#8203;56111](nodejs/node#56111)
-   \[[`a5aaf31c50`](nodejs/node@a5aaf31c50)] - **tools**: fix release proposal linter to support more than 1 folk preparing (Antoine du Hamel) [#&#8203;56203](nodejs/node#56203)
-   \[[`fa667d609e`](nodejs/node@fa667d609e)] - **tools**: remove has_absl_stringify from gyp file (Michaël Zasso) [#&#8203;56157](nodejs/node#56157)
-   \[[`65b541e70e`](nodejs/node@65b541e70e)] - **tools**: enable linter for `tools/icu/**` (Livia Medeiros) [#&#8203;56176](nodejs/node#56176)
-   \[[`28a4b6ff58`](nodejs/node@28a4b6ff58)] - **tools**: use commit title as MR title when creating release proposal (Antoine du Hamel) [#&#8203;56165](nodejs/node#56165)
-   \[[`e20eef659f`](nodejs/node@e20eef659f)] - **tools**: update gyp-next to 0.19.0 (Node.js GitHub Bot) [#&#8203;56158](nodejs/node#56158)
-   \[[`efcc829085`](nodejs/node@efcc829085)] - **tools**: bump the eslint group in /tools/eslint with 4 updates (dependabot\[bot]) [#&#8203;56099](nodejs/node#56099)
-   \[[`5620b2be8a`](nodejs/node@5620b2be8a)] - **tools**: improve release proposal MR opening (Antoine du Hamel) [#&#8203;56161](nodejs/node#56161)
-   \[[`3e17a8e78e`](nodejs/node@3e17a8e78e)] - **util**: harden more built-in classes against prototype pollution (Antoine du Hamel) [#&#8203;56225](nodejs/node#56225)
-   \[[`13815417c7`](nodejs/node@13815417c7)] - **util**: fix Latin1 decoding to return string output (Mert Can Altin) [#&#8203;56222](nodejs/node#56222)
-   \[[`77397c5013`](nodejs/node@77397c5013)] - **util**: do not rely on mutable `Object` and `Function`' `constructor` prop (Antoine du Hamel) [#&#8203;56188](nodejs/node#56188)
-   \[[`84f98e0a74`](nodejs/node@84f98e0a74)] - **v8,tools**: expose experimental wasm revectorize feature (Yolanda-Chen) [#&#8203;54896](nodejs/node#54896)
-   \[[`8325fa5c04`](nodejs/node@8325fa5c04)] - **worker**: fix crash when a worker joins after exit (Stephen Belanger) [#&#8203;56191](nodejs/node#56191)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS43Ny4wIiwidXBkYXRlZEluVmVyIjoiMzkuNzcuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90Il19-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anonrig anonrig anonrig approved these changes

@jasnell jasnell jasnell approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. build Issues and PRs related to build files or the CI. commit-queue-rebase Add this label to allow the Commit Queue to land a PR in several commits. dependencies Pull requests that update a dependency file. gyp Issues and PRs related to the GYP tool and .gyp build files needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. tools Issues and PRs related to the tools directory.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@addaleax @nodejs-github-bot @gengjiawen @jasnell @anonrig