Skip to content

chore(deps): update node.js to v24.14.1#23

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/node-24.x
Open

chore(deps): update node.js to v24.14.1#23
renovate[bot] wants to merge 1 commit intomainfrom
renovate/node-24.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate bot commented Feb 14, 2026
edited
Loading

This PR contains the following updates:

Package Update Change Pending
node (source) minor 24.13.024.14.1 v24.15.0

Release Notes

nodejs/node (node)

v24.14.1

Compare Source

v24.14.0

Compare Source

v24.13.1

Compare Source

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Feb 14, 2026
edited
Loading

Renovate PR Review Results

⚖️ Safety Assessment: ✅ Safe

🔍 Release Content Analysis

This PR updates Node.js from v24.13.0 to v24.14.1, spanning three minor releases (v24.13.1, v24.14.0, and v24.14.1). Key changes include:

v24.14.1 (Security Release - March 24, 2026)

  • 8 CVEs addressed including 2 high severity, 4 medium severity, and 2 low severity issues
  • Updated undici to 7.24.4, npm to 11.11.0
  • V8 engine backports for hash collision fixes

v24.14.0 (LTS Release - February 24, 2026)

  • New async_hooks option for promise tracking
  • New http.setGlobalProxyFromEnv() function
  • fs.watch() ignore option
  • Test runner improvements (env option, expectFailure support)
  • SQLite defensive mode enabled by default
  • Updated npm to 11.9.0, undici to 7.21.0

v24.13.1 (LTS Release - February 10, 2026)

  • Python 3.14 support for build system
  • Stability markers for CLI flags
  • Root certificates updated to NSS 3.119
  • OpenSSL upgraded to 3.5.5
  • Various bug fixes for Buffer, HTTP/HTTP2, File System operations

Breaking Changes: None identified across all three releases

🎯 Impact Scope Investigation

Direct Node.js API Usage:

  • The SDK does NOT use any Node.js-specific APIs (no node:* imports)
  • Uses only standard Web APIs: fetch, Response, Request, globalThis
  • The codebase is runtime-agnostic and primarily targets Bun (v1.3.5 as build tool)

Development Environment:

  • Node.js version is managed via mise.toml (tool version manager)
  • CI/CD uses mise-action which automatically installs the specified Node.js version
  • GitHub Actions setup (.github/actions/setup/action.yml) uses mise to install tools
  • No hardcoded Node.js version requirements in package.json (specifies >=18)

Testing:

  • All tests use Vitest with mocked fetch implementations
  • No tests depend on specific Node.js runtime behaviors
  • Test suite validates HTTP client logic, error handling, and data transformation

Dependencies:

  • All devDependencies are Node.js version agnostic
  • TypeScript target is ES2022 with NodeNext module resolution
  • No dependencies are affected by Node.js version changes

Configuration Files:

  • tsconfig.json: Uses NodeNext module resolution (compatible with all Node.js 18+)
  • package.json: Engine requirement is >=18 (v24.14.1 satisfies this)

💡 Recommended Actions

Immediate Actions:

  1. Merge this PR - The update is safe and brings important security fixes
  2. No code changes required - The SDK is runtime-agnostic and doesn't use Node.js-specific APIs

Post-Merge Verification:

  1. Verify CI pipeline passes all checks (build, typecheck, lint, test)
  2. Confirm that mise installs Node.js v24.14.1 correctly in CI environment

Security Benefits:

  • This update addresses 8 CVEs, including 2 high-severity issues related to HTTP and TLS
  • Strongly recommended to merge for security posture improvement

Version Note:

  • The PR mentions v24.15.0 is pending, but v24.14.1 is the latest stable LTS release
  • Future updates to v24.15.0 should follow the same safe update pattern

🔗 Reference Links

Generated by koki-develop/claude-renovate-review

@renovate renovate bot force-pushed the renovate/node-24.x branch from b9629c8 to 52296eb Compare February 16, 2026 13:02
@renovate renovate bot force-pushed the renovate/node-24.x branch from 52296eb to 523996a Compare February 27, 2026 02:37
@renovate renovate bot changed the title chore(deps): update node.js to v24.13.1 chore(deps): update node.js to v24.14.0 Feb 27, 2026
@renovate renovate bot force-pushed the renovate/node-24.x branch from 523996a to 2ae3f91 Compare March 13, 2026 17:48
@renovate renovate bot force-pushed the renovate/node-24.x branch from 2ae3f91 to ea34301 Compare March 27, 2026 01:17
@renovate renovate bot changed the title chore(deps): update node.js to v24.14.0 chore(deps): update node.js to v24.14.1 Mar 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants