Thanks to visit codestin.com
Credit goes to github.com

Skip to content

meta: bump github/codeql-action from 3.30.5 to 4.31.2 #60533

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 3, 2025
Merged

meta: bump github/codeql-action from 3.30.5 to 4.31.2 #60533

merged 1 commit into from
Nov 3, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2025

Bumps github/codeql-action from 3.30.5 to 4.31.2.

Release notes

Sourced from github/codeql-action's releases.

v4.31.2

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.2 - 30 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.31.1

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.1 - 30 Oct 2025

  • The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

See the full CHANGELOG.md for more information.

v4.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.0 - 24 Oct 2025

  • Bump minimum CodeQL bundle version to 2.17.6. #3223
  • When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

See the full CHANGELOG.md for more information.

v4.30.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.9 - 17 Oct 2025

  • Update default CodeQL bundle version to 2.23.3. #3205
  • Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

See the full CHANGELOG.md for more information.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.2 - 30 Oct 2025

No user facing changes.

4.31.1 - 30 Oct 2025

  • The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

4.31.0 - 24 Oct 2025

  • Bump minimum CodeQL bundle version to 2.17.6. #3223
  • When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

  • Update default CodeQL bundle version to 2.23.3. #3205
  • Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

  • [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

  • Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

  • We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
  • Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

... (truncated)

Commits
  • 0499de3 Merge pull request #3261 from github/henrymercer/setup-python
  • 3b96745 Set up Python in mergeback workflow
  • 8a06050 Merge pull request #3259 from github/update-v4.31.2-9576b5cbe
  • 752a642 Update changelog for v4.31.2
  • 9576b5c Merge pull request #3258 from github/mbg/enablement-errors/case-insensitive
  • cc88437 Merge pull request #3257 from github/henrymercer/ubuntu-slim
  • f0e9bf0 Make isEnablementError case-insensitive
  • 2a3599c Run lightweight workflows on ubuntu-slim
  • 514ff4d Merge pull request #3256 from github/henrymercer/resolve-bad-merge
  • aab1c2f Merge pull request #3253 from github/mergeback/v4.31.1-to-main-5fe9434c
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
meta: bump github/codeql-action from 3.30.5 to 4.31.2
b46b3de 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.5 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@3599b3b...0499de3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file. github_actions Pull requests that update GitHub Actions code labels Nov 1, 2025
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Nov 1, 2025

Review requested:

  • @nodejs/actions

@nodejs-github-bot nodejs-github-bot added the meta Issues and PRs related to the general management of the project. label Nov 1, 2025
targos
targos approved these changes Nov 2, 2025
View reviewed changes
Copy link
Member

@targos targos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting use of semver

@targos targos added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Nov 2, 2025
@targos targos added the commit-queue Add this label to land a pull request using GitHub Actions. label Nov 2, 2025
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Nov 3, 2025
@nodejs-github-bot nodejs-github-bot merged commit 39b6424 into main Nov 3, 2025
42 checks passed
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Nov 3, 2025

Landed in 39b6424

@nodejs-github-bot nodejs-github-bot deleted the dependabot/github_actions/github/codeql-action-4.31.2 branch November 3, 2025 18:15
aduh95 pushed a commit that referenced this pull request Nov 5, 2025
@dependabot @aduh95
meta: bump github/codeql-action from 3.30.5 to 4.31.2
1664902 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.5 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@3599b3b...0499de3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
PR-URL: #60533
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ulises Gascón <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
@github-actions github-actions bot mentioned this pull request Nov 11, 2025
Merged
aduh95 pushed a commit that referenced this pull request Nov 11, 2025
@dependabot @aduh95
meta: bump github/codeql-action from 3.30.5 to 4.31.2
d00d901 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.5 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@3599b3b...0499de3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
PR-URL: #60533
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ulises Gascón <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request Nov 13, 2025
@dependabot @aduh95
meta: bump github/codeql-action from 3.30.5 to 4.31.2
af6d4a6 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.5 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@3599b3b...0499de3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
PR-URL: #60533
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ulises Gascón <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Nov 14, 2025
@tmeijn
build(deps): update node to v25.2.0
b8f3b30 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `25.1.0` -> `25.2.0` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>nodejs/node (node)</summary>

### [`v25.2.0`](https://github.com/nodejs/node/releases/tag/v25.2.0): 2025-11-11, Version 25.2.0 (Current), @&#8203;aduh95

[Compare Source](nodejs/node@v25.1.0...v25.2.0)

##### Notable Changes

- \[[`a37c01e6a1`](nodejs/node@a37c01e6a1)] - **(SEMVER-MINOR)** **lib**: add options to util.deprecate (Rafael Gonzaga) [#&#8203;59982](nodejs/node#59982)
- \[[`4fbb1ab101`](nodejs/node@4fbb1ab101)] - **lib**: throw from localStorage getter on missing storage path (René) [#&#8203;60351](nodejs/node#60351)
- \[[`727560a96d`](nodejs/node@727560a96d)] - **(SEMVER-MINOR)** **module**: mark type stripping as stable (Marco Ippolito) [#&#8203;60600](nodejs/node#60600)
- \[[`506b79e888`](nodejs/node@506b79e888)] - **(SEMVER-MINOR)** **net**: increase network family autoselection timeout to 500ms (Rod Vagg) [#&#8203;60334](nodejs/node#60334)
- \[[`166c72ec02`](nodejs/node@166c72ec02)] - **(SEMVER-MINOR)** **node-api**: add napi\_create\_object\_with\_properties (Miguel Marcondes Filho) [#&#8203;59953](nodejs/node#59953)
- \[[`399b340022`](nodejs/node@399b340022)] - **(SEMVER-MINOR)** **v8**: adding total\_allocated\_bytes to HeapStatistics (Caio Lima) [#&#8203;60573](nodejs/node#60573)

##### Commits

- \[[`d5158a0a2d`](nodejs/node@d5158a0a2d)] - **benchmark**: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) [#&#8203;60603](nodejs/node#60603)
- \[[`26a5305fa9`](nodejs/node@26a5305fa9)] - **benchmark**: add per-suite setup option (Joyee Cheung) [#&#8203;60574](nodejs/node#60574)
- \[[`4810e4b82d`](nodejs/node@4810e4b82d)] - **buffer**: speed up concat via TypedArray#set (Gürgün Dayıoğlu) [#&#8203;60399](nodejs/node#60399)
- \[[`94a94a6b3a`](nodejs/node@94a94a6b3a)] - **console**: optimize single-string logging (Gürgün Dayıoğlu) [#&#8203;60422](nodejs/node#60422)
- \[[`ad376c31db`](nodejs/node@ad376c31db)] - **crypto**: fix argument validation in crypto.timingSafeEqual fast path (Joyee Cheung) [#&#8203;60538](nodejs/node#60538)
- \[[`dc38a45a55`](nodejs/node@dc38a45a55)] - **debugger**: fix event listener leak in the run command (Joyee Cheung) [#&#8203;60464](nodejs/node#60464)
- \[[`a61e5d8e05`](nodejs/node@a61e5d8e05)] - **deps**: call OPENSSL\_free after ANS1\_STRING\_to\_UTF8 (Rafael Gonzaga) [#&#8203;60609](nodejs/node#60609)
- \[[`51e5030afa`](nodejs/node@51e5030afa)] - **deps**: nghttp2: revert [`7784fa9`](nodejs/node@7784fa979d0b) (Antoine du Hamel) [#&#8203;59790](nodejs/node#59790)
- \[[`eef838f499`](nodejs/node@eef838f499)] - **deps**: update nghttp2 to 1.67.1 (nodejs-github-bot) [#&#8203;59790](nodejs/node#59790)
- \[[`13120a43d4`](nodejs/node@13120a43d4)] - **deps**: update simdjson to 4.1.0 (Node.js GitHub Bot) [#&#8203;60542](nodejs/node#60542)
- \[[`6e1b23dab8`](nodejs/node@6e1b23dab8)] - **deps**: update corepack to 0.34.2 (Node.js GitHub Bot) [#&#8203;60550](nodejs/node#60550)
- \[[`a02e05c486`](nodejs/node@a02e05c486)] - **deps**: update amaro to 1.1.5 (Node.js GitHub Bot) [#&#8203;60541](nodejs/node#60541)
- \[[`b9ba3a7947`](nodejs/node@b9ba3a7947)] - **deps**: V8: backport [`fe81545`](nodejs/node@fe81545e6d14) (Caio Lima) [#&#8203;60429](nodejs/node#60429)
- \[[`07bcd28494`](nodejs/node@07bcd28494)] - **deps**: V8: cherry-pick [`7ef6a00`](nodejs/node@7ef6a001762) (Xiao-Tao) [#&#8203;60259](nodejs/node#60259)
- \[[`3e11658243`](nodejs/node@3e11658243)] - **doc**: update Collaborators list to reflect hybrist handle change (Antoine du Hamel) [#&#8203;60650](nodejs/node#60650)
- \[[`b8e40e4d38`](nodejs/node@b8e40e4d38)] - **doc**: fix link in `--env-file=file` section (N. Bighetti) [#&#8203;60563](nodejs/node#60563)
- \[[`9558c1c0df`](nodejs/node@9558c1c0df)] - **doc**: fix linter issues (Antoine du Hamel) [#&#8203;60636](nodejs/node#60636)
- \[[`cdf70de563`](nodejs/node@cdf70de563)] - **doc**: add missing history entry for `sqlite.md` (Antoine du Hamel) [#&#8203;60607](nodejs/node#60607)
- \[[`e3c5dcf1ea`](nodejs/node@e3c5dcf1ea)] - **doc**: correct values/references for buffer.kMaxLength (René) [#&#8203;60305](nodejs/node#60305)
- \[[`a25d76c924`](nodejs/node@a25d76c924)] - **doc**: recommend events.once to manage 'close' event (Dan Fabulich) [#&#8203;60017](nodejs/node#60017)
- \[[`795f32bf91`](nodejs/node@795f32bf91)] - **doc**: highlight module loading difference between import and require (Ajay A) [#&#8203;59815](nodejs/node#59815)
- \[[`212775410b`](nodejs/node@212775410b)] - **doc**: add CJS code snippets in `sqlite.md` (Allon Murienik) [#&#8203;60395](nodejs/node#60395)
- \[[`263c06096d`](nodejs/node@263c06096d)] - **doc**: fix typo in `process.unref` documentation (우혁) [#&#8203;59698](nodejs/node#59698)
- \[[`356bdae408`](nodejs/node@356bdae408)] - **doc**: add some entries to `glossary.md` (Mohataseem Khan) [#&#8203;59277](nodejs/node#59277)
- \[[`9632c398de`](nodejs/node@9632c398de)] - **doc**: improve agent.createConnection docs for http and https agents (JaeHo Jang) [#&#8203;58205](nodejs/node#58205)
- \[[`f72880dbe3`](nodejs/node@f72880dbe3)] - **doc**: fix pseudo code in modules.md (chirsz) [#&#8203;57677](nodejs/node#57677)
- \[[`a9c70cefe8`](nodejs/node@a9c70cefe8)] - **doc**: add missing variable in code snippet (Koushil Mankali) [#&#8203;55478](nodejs/node#55478)
- \[[`2892d151d4`](nodejs/node@2892d151d4)] - **doc**: add missing word in `single-executable-applications.md` (Konstantin Tsabolov) [#&#8203;53864](nodejs/node#53864)
- \[[`9c99ab6571`](nodejs/node@9c99ab6571)] - **doc**: fix typo in http.md (Michael Solomon) [#&#8203;59354](nodejs/node#59354)
- \[[`3446cf375f`](nodejs/node@3446cf375f)] - **doc**: update devcontainer.json and add documentation (Joyee Cheung) [#&#8203;60472](nodejs/node#60472)
- \[[`519c537875`](nodejs/node@519c537875)] - **doc**: add haramj as triager (Haram Jeong) [#&#8203;60348](nodejs/node#60348)
- \[[`62889d7e99`](nodejs/node@62889d7e99)] - **doc**: clarify require(esm) description (dynst) [#&#8203;60520](nodejs/node#60520)
- \[[`0b9ef68705`](nodejs/node@0b9ef68705)] - **doc**: instantiate resolver object (Donghoon Nam) [#&#8203;60476](nodejs/node#60476)
- \[[`cd5c1ad29f`](nodejs/node@cd5c1ad29f)] - **doc**: correct module loading descriptions (Joyee Cheung) [#&#8203;60346](nodejs/node#60346)
- \[[`74719dad7a`](nodejs/node@74719dad7a)] - **doc**: clarify Linux runtime requirements for >=25 (Joyee Cheung) [#&#8203;60484](nodejs/node#60484)
- \[[`ca39540785`](nodejs/node@ca39540785)] - **doc**: clarify --use-system-ca support status (Joyee Cheung) [#&#8203;60340](nodejs/node#60340)
- \[[`dbf204c714`](nodejs/node@dbf204c714)] - **doc,crypto**: link keygen to supported types (Filip Skokan) [#&#8203;60585](nodejs/node#60585)
- \[[`3bcf86d56d`](nodejs/node@3bcf86d56d)] - **esm**: use sync loading/resolving on non-loader-hook thread (Joyee Cheung) [#&#8203;60380](nodejs/node#60380)
- \[[`69b3d2c845`](nodejs/node@69b3d2c845)] - **http**: replace startsWith with strict equality (btea) [#&#8203;59394](nodejs/node#59394)
- \[[`a38e2f5975`](nodejs/node@a38e2f5975)] - **http2**: add diagnostics channels for client stream request body (Darshan Sen) [#&#8203;60480](nodejs/node#60480)
- \[[`c047e73a00`](nodejs/node@c047e73a00)] - **inspector**: inspect HTTP response body (Chengzhong Wu) [#&#8203;60572](nodejs/node#60572)
- \[[`d2087bae92`](nodejs/node@d2087bae92)] - **inspector**: support inspecting HTTP/2 request and response bodies (Darshan Sen) [#&#8203;60483](nodejs/node#60483)
- \[[`003121c475`](nodejs/node@003121c475)] - **inspector**: fix crash when receiving non json message (Shima Ryuhei) [#&#8203;60388](nodejs/node#60388)
- \[[`a37c01e6a1`](nodejs/node@a37c01e6a1)] - **(SEMVER-MINOR)** **lib**: add options to util.deprecate (Rafael Gonzaga) [#&#8203;59982](nodejs/node#59982)
- \[[`219d2e978d`](nodejs/node@219d2e978d)] - **lib**: replace global SharedArrayBuffer constructor with bound method (Renegade334) [#&#8203;60497](nodejs/node#60497)
- \[[`4fbb1ab101`](nodejs/node@4fbb1ab101)] - **lib**: throw from localStorage getter on missing storage path (René) [#&#8203;60351](nodejs/node#60351)
- \[[`ca8934f44d`](nodejs/node@ca8934f44d)] - **meta**: bump cachix/install-nix-action from 31.6.1 to 31.8.2 (dependabot\[bot]) [#&#8203;60534](nodejs/node#60534)
- \[[`166490230a`](nodejs/node@166490230a)] - **meta**: bump github/codeql-action from 3.30.5 to 4.31.2 (dependabot\[bot]) [#&#8203;60533](nodejs/node#60533)
- \[[`b722236a12`](nodejs/node@b722236a12)] - **meta**: bump actions/download-artifact from 5.0.0 to 6.0.0 (dependabot\[bot]) [#&#8203;60532](nodejs/node#60532)
- \[[`3314b0bc60`](nodejs/node@3314b0bc60)] - **meta**: bump actions/upload-artifact from 4.6.2 to 5.0.0 (dependabot\[bot]) [#&#8203;60531](nodejs/node#60531)
- \[[`d1d9891feb`](nodejs/node@d1d9891feb)] - **meta**: bump actions/github-script from 7.0.1 to 8.0.0 (dependabot\[bot]) [#&#8203;60530](nodejs/node#60530)
- \[[`995596a34f`](nodejs/node@995596a34f)] - **meta**: bump actions/setup-node from 5.0.0 to 6.0.0 (dependabot\[bot]) [#&#8203;60529](nodejs/node#60529)
- \[[`b60157a0fe`](nodejs/node@b60157a0fe)] - **meta**: bump actions/stale from 10.0.0 to 10.1.0 (dependabot\[bot]) [#&#8203;60528](nodejs/node#60528)
- \[[`07fa6c9081`](nodejs/node@07fa6c9081)] - **meta**: call `create-release-post.yml` post release (Aviv Keller) [#&#8203;60366](nodejs/node#60366)
- \[[`727560a96d`](nodejs/node@727560a96d)] - **(SEMVER-MINOR)** **module**: mark type stripping as stable (Marco Ippolito) [#&#8203;60600](nodejs/node#60600)
- \[[`506b79e888`](nodejs/node@506b79e888)] - **(SEMVER-MINOR)** **net**: increase network family autoselection timeout to 500ms (Rod Vagg) [#&#8203;60334](nodejs/node#60334)
- \[[`166c72ec02`](nodejs/node@166c72ec02)] - **(SEMVER-MINOR)** **node-api**: add napi\_create\_object\_with\_properties (Miguel Marcondes Filho) [#&#8203;59953](nodejs/node#59953)
- \[[`6ab83cf979`](nodejs/node@6ab83cf979)] - **node-api**: use local files for instanceof test (Vladimir Morozov) [#&#8203;60190](nodejs/node#60190)
- \[[`3671851879`](nodejs/node@3671851879)] - **perf\_hooks**: move non-standard performance properties to perf\_hooks (Chengzhong Wu) [#&#8203;60370](nodejs/node#60370)
- \[[`6ddee4a7ed`](nodejs/node@6ddee4a7ed)] - **repl**: fix pasting after moving the cursor to the left (Ruben Bridgewater) [#&#8203;60470](nodejs/node#60470)
- \[[`edc3033905`](nodejs/node@edc3033905)] - **sqlite,doc**: fix StatementSync section (Edy Silva) [#&#8203;60474](nodejs/node#60474)
- \[[`e9b68e60d4`](nodejs/node@e9b68e60d4)] - **src**: move import.meta initializer to native land (Joyee Cheung) [#&#8203;60603](nodejs/node#60603)
- \[[`0ebf839a4f`](nodejs/node@0ebf839a4f)] - **src**: use CP\_UTF8 for wide file names on win32 (Fedor Indutny) [#&#8203;60575](nodejs/node#60575)
- \[[`a31ad37714`](nodejs/node@a31ad37714)] - **src**: show original file name in FileHandle GC close errors (Anna Henningsen) [#&#8203;60593](nodejs/node#60593)
- \[[`a6c221324b`](nodejs/node@a6c221324b)] - **src**: avoid C strings in more C++ exception throws (Anna Henningsen) [#&#8203;60592](nodejs/node#60592)
- \[[`fdff838ce3`](nodejs/node@fdff838ce3)] - **src**: add internal binding for constructing SharedArrayBuffers (Renegade334) [#&#8203;60497](nodejs/node#60497)
- \[[`4385b0b65f`](nodejs/node@4385b0b65f)] - **src**: move `napi_addon_register_func` to `node_api_types.h` (Anna Henningsen) [#&#8203;60512](nodejs/node#60512)
- \[[`de78da7887`](nodejs/node@de78da7887)] - **src**: move Node-API version detection to where it is used (Anna Henningsen) [#&#8203;60512](nodejs/node#60512)
- \[[`b606d46c3f`](nodejs/node@b606d46c3f)] - **src**: remove unconditional NAPI\_EXPERIMENTAL in node.h (Chengzhong Wu) [#&#8203;60345](nodejs/node#60345)
- \[[`5941341889`](nodejs/node@5941341889)] - **src**: clean up generic counter implementation (Anna Henningsen) [#&#8203;60447](nodejs/node#60447)
- \[[`7015f30e62`](nodejs/node@7015f30e62)] - **src**: add enum handle for ToStringHelper + formatting (Burkov Egor) [#&#8203;56829](nodejs/node#56829)
- \[[`39dfcbad6e`](nodejs/node@39dfcbad6e)] - **stream**: don't try to read more if reading (Robert Nagy) [#&#8203;60454](nodejs/node#60454)
- \[[`ee333c9177`](nodejs/node@ee333c9177)] - **test**: deflake test-perf-hooks-timerify-histogram-sync (Joyee Cheung) [#&#8203;60639](nodejs/node#60639)
- \[[`f0d81c91e7`](nodejs/node@f0d81c91e7)] - **test**: apply a delay to `watch-mode-kill-signal` tests (Joyee Cheung) [#&#8203;60610](nodejs/node#60610)
- \[[`68791e2ccc`](nodejs/node@68791e2ccc)] - **test**: async iife in repl (Tony Gorez) [#&#8203;44878](nodejs/node#44878)
- \[[`c4eb9c3383`](nodejs/node@c4eb9c3383)] - **test**: parallelize sea tests when there's enough disk space (Joyee Cheung) [#&#8203;60604](nodejs/node#60604)
- \[[`be8c4172d9`](nodejs/node@be8c4172d9)] - **test**: only show overridden env in child process failures (Joyee Cheung) [#&#8203;60556](nodejs/node#60556)
- \[[`8cae858f88`](nodejs/node@8cae858f88)] - **test**: ensure assertions are reached on more tests (Antoine du Hamel) [#&#8203;60498](nodejs/node#60498)
- \[[`759d69331e`](nodejs/node@759d69331e)] - **test**: ensure assertions are reachable in `test/es-module` (Antoine du Hamel) [#&#8203;60501](nodejs/node#60501)
- \[[`6aaf18c333`](nodejs/node@6aaf18c333)] - **test**: ensure assertions are reached on more tests (Antoine du Hamel) [#&#8203;60485](nodejs/node#60485)
- \[[`bc41acf087`](nodejs/node@bc41acf087)] - **test**: ensure assertions are reached on more tests (Antoine du Hamel) [#&#8203;60500](nodejs/node#60500)
- \[[`22fd621daf`](nodejs/node@22fd621daf)] - **test**: split test-perf-hooks-timerify (Joyee Cheung) [#&#8203;60568](nodejs/node#60568)
- \[[`5efe4f722e`](nodejs/node@5efe4f722e)] - **test**: add more logs to test-esm-loader-hooks-inspect-wait (Joyee Cheung) [#&#8203;60466](nodejs/node#60466)
- \[[`2a57268f34`](nodejs/node@2a57268f34)] - **test**: mark stringbytes-external-exceed-max tests as flaky on AIX (Joyee Cheung) [#&#8203;60565](nodejs/node#60565)
- \[[`2c199f7f61`](nodejs/node@2c199f7f61)] - **test**: split test-esm-wasm.js (Joyee Cheung) [#&#8203;60491](nodejs/node#60491)
- \[[`bc8f7db5bb`](nodejs/node@bc8f7db5bb)] - **test**: correct conditional secure heap flags test (Shelley Vohr) [#&#8203;60385](nodejs/node#60385)
- \[[`3bf42a5dd3`](nodejs/node@3bf42a5dd3)] - **test**: spin longer on flaky platforms for test-worker-prof (Joyee Cheung) [#&#8203;60492](nodejs/node#60492)
- \[[`eca6227e7e`](nodejs/node@eca6227e7e)] - **test**: ensure assertions are reachable in `test/internet` (Antoine du Hamel) [#&#8203;60513](nodejs/node#60513)
- \[[`313983453b`](nodejs/node@313983453b)] - **test**: fix flaky test-watch-mode-kill-signal-\* (Joyee Cheung) [#&#8203;60443](nodejs/node#60443)
- \[[`ccc26377b5`](nodejs/node@ccc26377b5)] - **test**: capture stack trace in debugger timeout errors (Joyee Cheung) [#&#8203;60457](nodejs/node#60457)
- \[[`12e9213a24`](nodejs/node@12e9213a24)] - **test**: ensure assertions are reachable in `test/sequential` (Antoine du Hamel) [#&#8203;60412](nodejs/node#60412)
- \[[`781a2661de`](nodejs/node@781a2661de)] - **test**: ensure assertions are reachable in more folders (Antoine du Hamel) [#&#8203;60411](nodejs/node#60411)
- \[[`1e979e6eb7`](nodejs/node@1e979e6eb7)] - **test**: split test-runner-watch-mode (Joyee Cheung) [#&#8203;60391](nodejs/node#60391)
- \[[`8c31cbb99b`](nodejs/node@8c31cbb99b)] - **test**: move test-runner-watch-mode helper into common (Joyee Cheung) [#&#8203;60391](nodejs/node#60391)
- \[[`c94c6555cc`](nodejs/node@c94c6555cc)] - **test,crypto**: handle a few more BoringSSL tests (Shelley Vohr) [#&#8203;59030](nodejs/node#59030)
- \[[`fd63c27444`](nodejs/node@fd63c27444)] - **test,crypto**: update x448 and ed448 expectation when on boringssl (Shelley Vohr) [#&#8203;60387](nodejs/node#60387)
- \[[`bf0de92446`](nodejs/node@bf0de92446)] - **tls**: fix leak on invalid protocol method (Shelley Vohr) [#&#8203;60427](nodejs/node#60427)
- \[[`7e8373b378`](nodejs/node@7e8373b378)] - **tools**: replace invalid expression in dependabot config (Riddhi) [#&#8203;60649](nodejs/node#60649)
- \[[`ac08760547`](nodejs/node@ac08760547)] - **tools**: extract Nix dependency lists to separate files (Antoine du Hamel) [#&#8203;60495](nodejs/node#60495)
- \[[`ae91a6cc3a`](nodejs/node@ae91a6cc3a)] - **tools**: only add test reporter args when node:test is used (Joyee Cheung) [#&#8203;60551](nodejs/node#60551)
- \[[`97ed560222`](nodejs/node@97ed560222)] - **tools**: skip unaffected GHA jobs for changes in `test/internet` (Antoine du Hamel) [#&#8203;60517](nodejs/node#60517)
- \[[`44ca97b404`](nodejs/node@44ca97b404)] - **tools**: fix update-icu script (Michaël Zasso) [#&#8203;60521](nodejs/node#60521)
- \[[`07b0b5a5ba`](nodejs/node@07b0b5a5ba)] - **tools**: fix linter for semver-major release proposals (Antoine du Hamel) [#&#8203;60481](nodejs/node#60481)
- \[[`97d74224c3`](nodejs/node@97d74224c3)] - **tools**: fix failing release-proposal linter for LTS transitions (Antoine du Hamel) [#&#8203;60465](nodejs/node#60465)
- \[[`019af5bc27`](nodejs/node@019af5bc27)] - **tools**: skip running test-shared on deps changes (Antoine du Hamel) [#&#8203;60433](nodejs/node#60433)
- \[[`3ec9764151`](nodejs/node@3ec9764151)] - **tools**: pin OpenSSL to 3.5.4 on test-shared workflow (Antoine du Hamel) [#&#8203;60428](nodejs/node#60428)
- \[[`fe2d6d44d4`](nodejs/node@fe2d6d44d4)] - **tools**: remove undici from daily wpt.fyi job (Filip Skokan) [#&#8203;60444](nodejs/node#60444)
- \[[`d09ba98398`](nodejs/node@d09ba98398)] - **tools**: document that nixpkgs updates should not be backported (Antoine du Hamel) [#&#8203;60431](nodejs/node#60431)
- \[[`7fc99319e7`](nodejs/node@7fc99319e7)] - **tools**: do not use short hashes for deps versioning to avoid collision (Antoine du Hamel) [#&#8203;60407](nodejs/node#60407)
- \[[`815edb0c3a`](nodejs/node@815edb0c3a)] - **tools,doc**: update JavaScript primitive types to match MDN Web Docs (JustApple) [#&#8203;60581](nodejs/node#60581)
- \[[`6877139a2d`](nodejs/node@6877139a2d)] - **util**: fix stylize of special properties in inspect (Ge Gao) [#&#8203;60479](nodejs/node#60479)
- \[[`399b340022`](nodejs/node@399b340022)] - **(SEMVER-MINOR)** **v8**: adding total\_allocated\_bytes to HeapStatistics (Caio Lima) [#&#8203;60573](nodejs/node#60573)
- \[[`d64795b318`](nodejs/node@d64795b318)] - **watch**: fix interaction with multiple env files (Marco Ippolito) [#&#8203;60605](nodejs/node#60605)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNzMuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE3My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lpinca lpinca lpinca approved these changes

@targos targos targos approved these changes

@cjihrig cjihrig cjihrig approved these changes

@UlisesGascon UlisesGascon UlisesGascon approved these changes

Assignees

No one assigned

Labels

author ready PRs that have at least one approval, no pending requests for changes, and a CI started. dependencies Pull requests that update a dependency file. github_actions Pull requests that update GitHub Actions code meta Issues and PRs related to the general management of the project.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@nodejs-github-bot @lpinca @targos @cjihrig @UlisesGascon