Skip to content

chore(deps): update node.js to v22.23.1#846

Open
ZxBot wants to merge 1 commit into
develfrom
renovate/node-22.x
Open

chore(deps): update node.js to v22.23.1#846
ZxBot wants to merge 1 commit into
develfrom
renovate/node-22.x

Conversation

@ZxBot

@ZxBot ZxBot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change Age Confidence
node (source) engines minor v2222.23.1 age confidence
@types/node (source) devDependencies minor 22.19.1922.20.0 age confidence

Release Notes

nodejs/node (node)

v22.23.1: 2026-06-23, Version 22.23.1 'Jod' (LTS), @​RafaelGSS

Compare Source

This release includes a fix for an unexpected behavior introduced
by the recent security release (22.23.0).

Commits

v22.23.0: 2026-06-18, Version 22.23.0 'Jod' (LTS), @​aduh95

Compare Source

This is a security release.

Notable Changes
  • (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High
  • (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
  • (CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium
  • (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
  • (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
  • (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
  • (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
  • (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
  • (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low
  • (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
  • (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
Commits

v22.22.3: 2026-05-13, Version 22.22.3 'Jod' (LTS), @​marco-ippolito

Compare Source

Commits

v22.22.2: 2026-03-24, Version 22.22.2 'Jod' (LTS), @​RafaelGSS prepared by @​aduh95

Compare Source

This is a security release.

Notable Changes
  • (CVE-2026-21637) wrap SNICallback invocation in try/catch (Matteo Collina) - High
  • (CVE-2026-21710) use null prototype for headersDistinct/trailersDistinct (Matteo Collina) - High
  • (CVE-2026-21713) use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) - Medium
  • (CVE-2026-21714) handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) - Medium
  • (CVE-2026-21717) test array index hash collision (Joyee Cheung) - Medium
  • (CVE-2026-21715) add permission check to realpath.native (RafaelGSS) - Low
  • (CVE-2026-21716) include permission check on lib/fs/promises (RafaelGSS) - Low
Commits

v22.22.1: 2026-03-05, Version 22.22.1 'Jod' (LTS)

Compare Source

Notable Changes
Commits

Note

PR body was truncated to here.


Configuration

📅 Schedule: (in timezone Europe/Rome)

  • Branch creation
    • "after 9am and before 6pm every weekday except after 12pm and before 2pm"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

@ZxBot ZxBot added dependencies Pull requests that update a dependency file renovate labels Jun 15, 2026
@ZxBot ZxBot force-pushed the renovate/node-22.x branch 7 times, most recently from 2136b18 to 4ab52a1 Compare June 18, 2026 14:26
@ZxBot ZxBot changed the title chore(deps): update node.js to v22.22.3 chore(deps): update node.js to v22.23.0 Jun 18, 2026
@ZxBot ZxBot force-pushed the renovate/node-22.x branch 4 times, most recently from 1206ff9 to 988359e Compare June 24, 2026 01:04
@ZxBot ZxBot changed the title chore(deps): update node.js to v22.23.0 chore(deps): update node.js to v22.23.1 Jun 24, 2026
@ZxBot ZxBot force-pushed the renovate/node-22.x branch from 988359e to d22c59e Compare June 25, 2026 03:31
@ZxBot ZxBot force-pushed the renovate/node-22.x branch from d22c59e to 1d7c78a Compare June 26, 2026 01:02
@sonarqube-zextras

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file renovate

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant