chore(deps): update dependency node to v22.4.1 - autoclosed

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
node		minor	22.3.0 -> 22.4.1
node (source)		minor	22.3.0 -> 22.4.1
node	final	minor	22.3.0 -> 22.4.1
node	stage	minor	22.3.0 -> 22.4.1

---

Release Notes

nodejs/node (node)

v22.4.1: 2024-07-08, Version 22.4.1 (Current), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

• CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
• CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
• CVE-2024-22018 - fs.lstat bypasses permission model (Low)
• CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low)
• CVE-2024-37372 - Permission model improperly processes UNC paths (Low)

Commits

• [110902ff5e] - lib,esm: handle bypass network-import via data: (RafaelGSS) nodejs-private/node-private#522
• [0a0de3d491] - lib,permission: support fs.lstat (RafaelGSS)
• [93574335ff] - lib,permission: disable fchmod/fchown when pm enabled (RafaelGSS) nodejs-private/node-private#584
• [09899e6302] - src: handle permissive extension on cmd check (RafaelGSS) nodejs-private/node-private#596
• [5d9c811634] - src,permission: fix UNC path resolution (RafaelGSS) nodejs-private/node-private#581

v22.4.0: 2024-07-02, Version 22.4.0 (Current), @​targos

Compare Source

Notable Changes

Experimental Web Storage API

• [9e30724b53] - (SEMVER-MINOR) deps,lib,src: add experimental web storage (Colin Ihrig) #​52435

API stability updates

• [201266706b] - doc: move node --run stability to rc (Yagiz Nizipli) #​53433
• [16c0884d48] - doc: mark WebSocket as stable (Matthew Aitken) #​53352
• [cf375e73c1] - doc: mark --heap-prof and related flags stable (Joyee Cheung) #​53343
• [0160745057] - doc: mark --cpu-prof and related flags stable (Joyee Cheung) #​53343

Other Notable Changes

• [df4762722c] - doc: doc-only deprecate OpenSSL engine-based APIs (Richard Lau) #​53329
• [ad5282e196] - inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth (Joyee Cheung) #​53473
• [e95af740fc] - (SEMVER-MINOR) lib: add diagnostics_channel events to module loading (RafaelGSS) #​44340
• [50733a1abe] - (SEMVER-MINOR) util: support --no- for argument with boolean type for parseArgs (Zhenwei Jin) #​53107

Commits

• [9f32002397] - assert,util: correct comparison when both contain same reference (Daniel Lemire) #​53431
• [dfdc062111] - buffer: make indexOf(byte) faster (Tobias Nießen) #​53455
• [1de437527e] - build: configure with shared sqlite3 (Chengzhong Wu) #​53519
• [c7d44ba1f3] - build: find version of Clang installed on Windows (Stefan Stojanovic) #​53228
• [36aad8b204] - build: fix spacing before NINJA_ARGS (jakecastelli) #​53181
• [82092cdaa3] - crypto: improve GetECGroupBits signature (Tobias Nießen) #​53364
• [073c231607] - deps: update c-ares to v1.31.0 (Node.js GitHub Bot) #​53554
• [977beab729] - (SEMVER-MINOR) deps: sqlite: fix Windows compilation (Colin Ihrig) #​52435
• [e69b8d202c] - deps: update undici to 6.19.2 (Node.js GitHub Bot) #​53468
• [c4a7e051c8] - deps: update undici to 6.19.1 (Node.js GitHub Bot) #​53468
• [fa34f8fcf0] - deps: update undici to 6.19.1 (Node.js GitHub Bot) #​53468
• [0b40bfad43] - deps: update undici to 6.19.0 (Node.js GitHub Bot) #​53468
• [1877f22a79] - deps: update simdjson to 3.9.4 (Node.js GitHub Bot) #​53467
• [1b84964b8d] - deps: patch V8 to 12.4.254.21 (Node.js GitHub Bot) #​53470
• [6acadeb59b] - deps: update acorn-walk to 8.3.3 (Node.js GitHub Bot) #​53466
• [7a7f438841] - deps: update zlib to 1.3.0.1-motley-209717d (Node.js GitHub Bot) #​53156
• [bf891bf64c] - deps: update c-ares to v1.30.0 (Node.js GitHub Bot) #​53416
• [bd68888261] - deps: V8: cherry-pick a3cc852 (kxxt) #​53412
• [2defaaf771] - deps: V8: cherry-pick 6ea594f (kxxt) #​53412
• [9e30724b53] - (SEMVER-MINOR) deps,lib,src: add experimental web storage (Colin Ihrig) #​52435
• [608cc05de1] - doc: recommend not using libuv node-api function (Michael Dawson) #​53521
• [30858eca59] - doc: add additional guidance for PRs to deps (Michael Dawson) #​53499
• [a5852cc710] - doc: only apply content-visibility on all.html (Filip Skokan) #​53510
• [befabe5c58] - doc: update the description of the return type for options.filter (Zhenwei Jin) #​52742
• [5ed1a036ba] - doc: remove first timer badge (Aviv Keller) #​53338
• [201266706b] - doc: move node --run stability to rc (Yagiz Nizipli) #​53433
• [46a7681cc4] - doc: add Buffer.from(string) to functions that use buffer pool (Christian Bates-White) #​52801
• [ec5364f6de] - doc: add initial text for ambassadors program (Michael Dawson) #​52857
• [fa113b8fc7] - doc: fix typo (EhsanKhaki) #​53397
• [d9182d0086] - doc: define more cases for stream event emissions (Aviv Keller) #​53317
• [923d24b6f2] - doc: remove mentions of policy model from security info (Aviv Keller) #​53249
• [48f78cd31b] - doc: fix mistakes in the module load hook api (István Donkó) #​53349
• [16c0884d48] - doc: mark WebSocket as stable (Matthew Aitken) #​53352
• [df4762722c] - doc: doc-only deprecate OpenSSL engine-based APIs (Richard Lau) #​53329
• [cf375e73c1] - doc: mark --heap-prof and related flags stable (Joyee Cheung) #​53343
• [0160745057] - doc: mark --cpu-prof and related flags stable (Joyee Cheung) #​53343
• [6e12d9f049] - doc: remove IRC from man page (Tobias Nießen) #​53344
• [24c7a9415b] - doc, http: add rejectNonStandardBodyWrites option, clear its behaviour (jakecastelli) #​53396
• [ec38f3dc6a] - doc, meta: organize contributing to Node-API guide (Aviv Keller) #​53243
• [cf5a973c42] - doc, meta: use markdown rather than HTML in CONTRIBUTING.md (Aviv Keller) #​53235
• [105b006fd2] - fs: move ToNamespacedPath to c++ (Yagiz Nizipli) #​52135
• [568377f7f0] - fs: do not crash if the watched file is removed while setting up watch (Matteo Collina) #​53452
• [fad179307c] - fs: add fast api for InternalModuleStat (Yagiz Nizipli) #​51344
• [41100b65f6] - http2: reject failed http2.connect when used with promisify (ehsankhfr) #​53475
• [ad5282e196] - inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth (Joyee Cheung) #​53473
• [b5fc227344] - lib: fix typo in comment (codediverdev) #​53543
• [e95af740fc] - (SEMVER-MINOR) lib: add diagnostics_channel events to module loading (RafaelGSS) #​44340
• [123910f1de] - lib: remove the unused code (theanarkh) #​53463
• [452011b719] - lib: speed up MessageEvent creation internally (Matthew Aitken) #​52951
• [710cf7758c] - lib: reduce amount of caught URL errors (Yagiz Nizipli) #​52658
• [45b59e58d1] - lib: fix naming convention of Symbol (Deokjin Kim) #​53387
• [515dd24ee7] - lib: fix timer leak (theanarkh) #​53337
• [77166137be] - meta: use correct source for workflow in PR (Aviv Keller) #​53490
• [d1c10fee53] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #​53480
• [a5026386bf] - meta: fix typo in dependency updates (Aviv Keller) #​53471
• [0b9191da99] - meta: bump step-security/harden-runner from 2.7.1 to 2.8.0 (dependabot[bot]) #​53245
• [49cfb9d001] - src: reset process.versions during pre-execution (Richard Lau) #​53444
• [15df4edd22] - src: use args.This() instead of Holder (Michaël Zasso) #​53474
• [e16a04e852] - src: fix dynamically linked OpenSSL version (Richard Lau) #​53456
• [5961253824] - src: remove base64 from process.versions (Richard Lau) #​53442
• [11dd15c0b5] - src: remove SetEncoding from StringEncoder (Yagiz Nizipli) #​53441
• [0c7e69acd2] - src: simplify size() == 0 checks (Yagiz Nizipli) #​53440
• [f077afafda] - src: add utilities to help debugging reproducibility of snapshots (Joyee Cheung) #​50983
• [004b9ea4c4] - src: make sure that memcpy-ed structs in snapshot have no padding (Joyee Cheung) #​50983
• [bfc5236423] - src: return non-empty data in context data serializer (Joyee Cheung) #​50983
• [955454ba4d] - src: fix typo in env.cc (EhsanKhaki) #​53418
• [7d8787768c] - src: avoid strcmp in favor of operator== (Tobias Nießen) #​53439
• [599e7c3d8e] - src: remove ArrayBufferAllocator::Reallocate override (Shu-yu Guo) #​52910
• [f9075ff38e] - src: print v8::OOMDetails::detail when it's available (Joyee Cheung) #​53360
• [4704270443] - src: fix IsIPAddress for IPv6 (Hüseyin Açacak) #​53400
• [63f62d76de] - src: fix permission inspector crash (theanarkh) #​53389
• [70bbc02dac] - src, deps: add nbytes library (James M Snell) #​53507
• [8b877099d0] - stream: update outdated highwatermark doc (Jay Kim) #​53494
• [eded1e9768] - stream: support dispose in writable (Benjamin Gruenbaum) #​48547
• [b3372a8b0e] - stream: callback should be called when pendingcb is 0 (jakecastelli) #​53438
• [f4efb7f625] - stream: make sure _destroy is called (jakecastelli) #​53213
• [7dde37591c] - stream: prevent stream unexpected pause when highWaterMark set to 0 (jakecastelli) #​53261
• [6e66d9763f] - test: mark test-benchmark-crypto as flaky (Antoine du Hamel) #​52955
• [1eebcbf9bf] - test: skip reproducible snapshot test on 32-bit (Michaël Zasso) #​53592
• [91b2850303] - test: extend env for test-node-output-errors (Richard Lau) #​53535
• [bcad560726] - test: update compression web-platform tests (Yagiz Nizipli) #​53478
• [b8f436c755] - test: update encoding web-platform tests (Yagiz Nizipli) #​53477
• [d2c169a4f6] - test: update url web-platform tests (Yagiz Nizipli) #​53472
• [513e6aa4c7] - test: check against run-time OpenSSL version (Richard Lau) #​53456
• [602b9d63c4] - test: update tests for OpenSSL 3.0.14 (Richard Lau) #​53373
• [4a3525bb08] - test: fix test-http-server-keepalive-req-gc (Etienne Pierre-doray) #​53292
• [7349edb28b] - test: update TLS tests for OpenSSL 3.2 (Richard Lau) #​53384
• [a11a05763d] - tls: check result of SSL_CTX_set_*_proto_version (Tobias Nießen) #​53459
• [4b47f89eb2] - tls: avoid taking ownership of OpenSSL objects (Tobias Nießen) #​53436
• [ac8adeb99f] - tls: use SSL_get_peer_tmp_key (Tobias Nießen) #​53366
• [d5c380bb09] - tools: lock versions of irrelevant DB deps (Michaël Zasso) #​53546
• [71321bb249] - tools: fix skip detection of test runner output (Richard Lau) #​53545
• [ca198f4125] - tools: update eslint to 9.5.0 (Node.js GitHub Bot) #​53515
• [30fdd482a1] - tools: move ESLint to tools/eslint (Michaël Zasso) #​53413
• [fe85e05ba9] - tools: fix c-ares update script (Marco Ippolito) #​53414
• [8eb7bdf81b] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​53158
• [9ece63d415] - tools: do not run Corepack code before it's reviewed (Antoine du Hamel) #​53405
• [ab2021492b] - tools: move ESLint tools to tools/eslint (Michaël Zasso) #​53393
• [78a9037a6d] - tools: use Ubuntu 24.04 and Clang on GitHub actions (Michaël Zasso) #​53212
• [855eb25dad] - tools: add stream label on PR when related files being changed in lib (jakecastelli) #​53269
• [50733a1abe] - (SEMVER-MINOR) util: support --no- for argument with boolean type for parseArgs (Zhenwei Jin) #​53107

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks

[BacLuc]

the docker compose and docker files are missing

[usu]

the docker compose and docker files are missing

They are now also included