Skip to content

Commit 0755537

Browse files
renovate[bot]renovate[bot]
authored
chore(deps): update node.js to v22.22.0 (#312)
This PR contains the following updates: | Package | Update | Change | OpenSSF | |---|---|---|---| | [node](https://nodejs.org) ([source](https://redirect.github.com/nodejs/node)) | minor | `22.21.1` → `22.22.0` | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/nodejs/node/badge)](https://securityscorecards.dev/viewer/?uri=github.com/nodejs/node) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v22.22.0`](https://redirect.github.com/nodejs/node/releases/tag/v22.22.0): 2026-01-13, Version 22.22.0 &#x27;Jod&#x27; (LTS), @&#8203;marco-ippolito [Compare Source](https://redirect.github.com/nodejs/node/compare/v22.21.1...v22.22.0) This is a security release. ##### Notable Changes lib: - (CVE-2025-59465) add TLSSocket default error handler - (CVE-2025-55132) disable futimes when permission model is enabled lib,permission: - (CVE-2025-55130) require full read and write to symlink APIs src: - (CVE-2025-59466) rethrow stack overflow exceptions in async\_hooks src,lib: - (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle tls: - (CVE-2026-21637) route callback exceptions through error handlers ##### Commits - \[[`6badf4e6f4`](https://redirect.github.com/nodejs/node/commit/6badf4e6f4)] - **deps**: update c-ares to v1.34.6 (Node.js GitHub Bot) [#&#8203;60997](https://redirect.github.com/nodejs/node/pull/60997) - \[[`37509c3ff0`](https://redirect.github.com/nodejs/node/commit/37509c3ff0)] - **deps**: update undici to 6.23.0 (Matteo Collina) [nodejs-private/node-private#791](https://redirect.github.com/nodejs-private/node-private/pull/791) - \[[`eb8e41f8db`](https://redirect.github.com/nodejs/node/commit/eb8e41f8db)] - **(CVE-2025-59465)** **lib**: add TLSSocket default error handler (RafaelGSS) [nodejs-private/node-private#797](https://redirect.github.com/nodejs-private/node-private/pull/797) - \[[`ebbf942a83`](https://redirect.github.com/nodejs/node/commit/ebbf942a83)] - **(CVE-2025-55132)** **lib**: disable futimes when permission model is enabled (RafaelGSS) [nodejs-private/node-private#748](https://redirect.github.com/nodejs-private/node-private/pull/748) - \[[`6b4849583a`](https://redirect.github.com/nodejs/node/commit/6b4849583a)] - **(CVE-2025-55130)** **lib,permission**: require full read and write to symlink APIs (RafaelGSS) [nodejs-private/node-private#760](https://redirect.github.com/nodejs-private/node-private/pull/760) - \[[`ddadc31f09`](https://redirect.github.com/nodejs/node/commit/ddadc31f09)] - **(CVE-2025-59466)** **src**: rethrow stack overflow exceptions in async\_hooks (Matteo Collina) [nodejs-private/node-private#773](https://redirect.github.com/nodejs-private/node-private/pull/773) - \[[`d4d9f3915f`](https://redirect.github.com/nodejs/node/commit/d4d9f3915f)] - **(CVE-2025-55131)** **src,lib**: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) [nodejs-private/node-private#759](https://redirect.github.com/nodejs-private/node-private/pull/759) - \[[`25d6799df6`](https://redirect.github.com/nodejs/node/commit/25d6799df6)] - **(CVE-2026-21637)** **tls**: route callback exceptions through error handlers (Matteo Collina) [nodejs-private/node-private#796](https://redirect.github.com/nodejs-private/node-private/pull/796) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/settlemint/settlemint-action). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Upgrade Node.js from 22.21.1 to 22.22.0 (LTS) to pick up the latest security fixes and keep our runtime current. This ensures local and CI environments using .node-version run the patched Node, including fixes in TLS error handling, async_hooks, symlink permission checks, and buffer creation. <sup>Written for commit cddafc8. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 parent d4d3376 commit 0755537

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

.node-version

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
22.21.1
1+
22.22.0

0 commit comments

Comments
 (0)