2022-04-07, Version 17.9.0 (Current), @BethGriggs prepared by @juanarbol

Notable Changes

• [7124f91cbf] - (SEMVER-MINOR) crypto: make authTagLength optional for CC20P1305 (Tobias Nießen) #42427
• [30dc6dd3fb] - deps: update undici to 4.16.0 (Node.js GitHub Bot) #42414
• [f0fc2744a5] - doc: add @meixg to collaborators (Xuguang Mei) #42576

Commits

• [bb71433334] - async_hooks: remove destroyed symbol on Promises (Gerhard Stöbich) #42402
• [b48a6cb3f9] - bootstrap: reset process._exit and process.exitCode in pre-execution (Joyee Cheung) #42466
• [b89f038537] - bootstrap: run inspector and event loop in snapshot builder (Joyee Cheung) #42466
• [177558600e] - bootstrap: make I/O streams work with user-land snapshot (Joyee Cheung) #42466
• [e3683cb34d] - bootstrap: refresh options in pre-execution (Joyee Cheung) #42466
• [d302d2f0d2] - bootstrap: use SnapshotData to pass snapshot data around (Joyee Cheung) #42360
• [eb3dfc00f0] - buffer: improve Blob constructor error message when passing a string (Xuguang Mei) #42338
• [f45d5537c1] - buffer: fix atob input validation (Antoine du Hamel) #42539
• [fb6a5ba8d7] - build: remove precompiled header and debug information for host builds (Niyas Sait) #42538
• [1f7d2e800c] - build: windows/arm64 native compilation support (Niyas Sait) #42408
• [d9a1d7866c] - build: consolidate JS and md linting GitHub Actions (Rich Trott) #42572
• [ecb5be845d] - build: set stale action back to running nightly (Michael Dawson) #42549
• [f9fb7f6d96] - build: add --node-snapshot-main configure option (Joyee Cheung) #42466
• [c6808f088b] - build: bump actions/checkout (Eliaz Bobadilla) #42460
• [9a54acb7c6] - child_process: add env contents types in JSDoc (Rich Trott) #42494
• [a2f07380ea] - crypto: do not add undefined hash in webcrypto normalizeAlgorithm (Filip Skokan) #42559
• [9b4bd7d031] - crypto: cleanup webcrypto jwk code (Filip Skokan) #42562
• [541a1328b0] - crypto: fix webcrypto derive key lengths (Filip Skokan) #42542
• [7124f91cbf] - (SEMVER-MINOR) crypto: make authTagLength optional for CC20P1305 (Tobias Nießen) #42427
• [30dc6dd3fb] - deps: update undici to 4.16.0 (Node.js GitHub Bot) #42414
• [6e56924274] - doc: simplify Http2Stream encoding text (Rich Trott) #42597
• [261672b1da] - doc: remove obsolete stream API selection text (Rich Trott) #42586
• [beffed1880] - doc: remove faulty justification for 128-bit AES (Tobias Nießen) #42578
• [71f4a39086] - doc: fix documentation of FileHandle.prototype.appendFile (Antoine du Hamel) #42588
• [c83ea22f7c] - doc: change "OCSP Request" to "OCSP request" (Tobias Nießen) #42582
• [71ab0dea35] - doc: aes webcrypto unwrap is not a node-specific extensions (Filip Skokan) #42561
• [1c614184da] - doc: simplify recommendations in process.md (Rich Trott) #42556
• [c036800ddc] - doc: clarify recommendations in stream.md (Rich Trott) #42555
• [dcf0abf8c7] - doc: simplify recommendation in webcrypto.md (Rich Trott) #42554
• [8333fa063b] - doc: update DEP0102 text (Rich Trott) #42553
• [8b08bff682] - doc: remove util.promisify() content in readline.md (Rich Trott) #42552
• [94492424ba] - doc: add introduction sentence for CJS (Antoine du Hamel) #42491
• [f0fc2744a5] - doc: add @meixg to collaborators (Xuguang Mei) #42576
• [d935fef594] - doc: consolidate CI sections (Rich Trott) #42534
• [fd45df314b] - doc: document breaking change in http.IncomingMessage 'close' event (Paolo Insogna) #42521
• [53584fa750] - doc: remove extraneous comma (Rich Trott) #42548
• [b819af6509] - doc: guide towards x509.fingerprint256 (Tobias Nießen) #42516
• [f2355e41ed] - doc: fix internal link in collaborator-guide.md (Daeyeon Jeong) #42551
• [ffc6776996] - doc: add suggestion for OpenSSL only sec releases (Michael Dawson) #42456
• [1454c0297d] - doc: fix comment text in async_hooks example (Rich Trott) #42499
• [b9ab9867f4] - doc: add stability class to legacy status description (Daniel Roe) #42525
• [6c13988d53] - doc: suggest checkHost in checkServerIdentity docs (Tobias Nießen) #42495
• [28665a9dd6] - doc: update security release onboarding (Joe Sepi) #42333
• [d335addf0c] - doc: fix question promise API example (Xuguang Mei) #42465
• [7cf9febcb4] - doc: remove comma splice in events.md (Rich Trott) #42484
• [3c3684d9f1] - doc: clarify napi_finalize behavior (Alba Mendez) #42461
• [334cc1936b] - doc: expand history for conditional exports changes in v12 (Greg Poole) #42339
• [fb146f9eaf] - doc: change comma-splice to two sentences (Rich Trott) #42455
• [ce4b823946] - doc: add link to section (Rich Trott) #42428
• [[5869275479](https://github...

2022-04-05, Version 12.22.12 'Erbium' (LTS), @richardlau

Notable Changes

This is planned to be the final Node.js 12 release. Node.js 12 will
reach End-of-Life status on 30 April 2022, after which it will no
receive updates. You are strongly advised to migrate your applications
to Node.js 16 or 14 (both of which are Long Term Support (LTS) releases)
to continue to receive future security updates beyond 30 April 2022.

This release fixes a shutdown crash in Node-API (formerly N-API) and a
potential stack overflow when using vm.runInNewContext().

The list of GPG keys used to sign releases and instructions on how to
fetch the keys for verifying binaries has been synchronized with the
main branch.

Commits

• [1193290f3f] - deps: V8: cherry-pick cc9a8a37445e (devsnek) #42065
• [333eda8d03] - doc: add a note about possible missing lines to readline.asyncIterator (Igor Mikhalev) #34675
• [518a49c0c6] - doc: use openpgp.org for keyserver examples (Nick Schonning) #39227
• [11aef2ad03] - doc: update release key for Danielle Adams (Danielle Adams) #36793
• [a9c38f1003] - doc: add release key for Danielle Adams (Danielle Adams) #35545
• [a35f553889] - doc: add release key for Bryan English (Bryan English) #42102
• [5f104e3218] - node-api: cctest on v8impl::Reference (legendecas) #38970
• [e23c04f0dc] - node-api: avoid SecondPassCallback crash (Michael Dawson) #38899
• [a7224c9559] - node-api: fix shutdown crashes (Michael Dawson) #38492
• [81b4dc88f1] - node-api: make reference weak parameter an indirect link to references (Chengzhong Wu) #38000
• [2aa9ca1ea9] - node-api: fix crash in finalization (Michael Dawson) #37876
• [a2f4206415] - node-api: stop ref gc during environment teardown (Gabriel Schulhof) #37616
• [171bb66ccc] - node-api: force env shutdown deferring behavior (Gabriel Schulhof) #37303
• [e707514c80] - src: fix finalization crash (James M Snell) #38250

2022-03-22, Version 17.8.0 (Current), @bengl

Notable Changes

• [3bd0078457] - doc: add @ShogunPanda to collaborators (Shogun) #42362
• [23354673be] - doc: deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros) #42149
• [da42ffb85e] - (SEMVER-MINOR) http: trace http client by perf_hooks (theanarkh) #42345
• [84fd6e54b0] - deps: upgrade npm to 8.5.5 (npm team) #42382
• [b60262ee9f] - deps: update undici to 4.15.1 (Michaël Zasso) #42246

Commits

• [1796f035c7] - build: rename tools workflow and add undici to it (Michaël Zasso) #42246
• [f27bcec2ea] - build: use ccache in make-v8.sh on ppc64le and s390x (Richard Lau) #42204
• [f48c3baf5a] - crypto: fix auth tag length error when mode != GCM (Tobias Nießen) #42383
• [1d0468f749] - crypto: fix fingerprint string size calculation (Tobias Nießen) #42175
• [a4632a3dc2] - crypto: add CHECKs to remaining BIO_s_mem allocs (Tobias Nießen) #42155
• [3b55946452] - debugger: correct typo in inspect_repl.js (Kohei Ueno) #42267
• [84fd6e54b0] - deps: upgrade npm to 8.5.5 (npm team) #42382
• [f2178fcc1a] - deps: cares: cherry-pick b5a3d96 (bradh352) #42216
• [063ff08cb1] - deps: V8: cherry-pick c6f6626deb14 (Lu Yahan) #42240
• [b60262ee9f] - deps: update undici to 4.15.1 (Michaël Zasso) #42246
• [70c0758308] - deps: upgrade npm to 8.5.3 (npm team) #42205
• [fd51e78963] - doc: fix version history for net.Socket and net.Server (Antoine du Hamel) #42268
• [db83c4d6dc] - doc: improve README.md usability (Rich Trott) #42378
• [88d3401329] - doc: add that chacha20-poly1305 is IETF version (Tobias Nießen) #42370
• [04a7c0061b] - doc: update instructions for openssl updates (Michael Dawson) #42353
• [78b858dd4b] - doc: document goal to have examples (Michael Dawson) #42274
• [a5e42f0113] - doc: fix Embedder's Guide link to V8 official docs (Aroyan) #42373
• [6c265e7243] - doc: remove unneeded lint disable comment (Rich Trott) #42374
• [46d3d23e64] - doc: revise async_hooks docs (Rich Trott) #42337
• [3bd0078457] - doc: add @ShogunPanda to collaborators (Shogun) #42362
• [e7e8eb9f03] - doc: update base branch name for nodejs/nodejs.org (Danielle Adams) #42355
• [fd7e4ab654] - doc: fix async iterable pipeline signal examples (Randall Leeds) #42258
• [96dc591b55] - doc: clarify path search in child_process.spawn (Damjan Cvetko) #41418
• [72dd50016a] - doc: clarify the meaning of legacy status (Darshan Sen) #42269
• [8b99099063] - doc: improve pipe description (Mikael Finstad) #42295
• [701dc14fdf] - doc: remove outdated timeout.unref content (Xuguang Mei) #42241
• [23354673be] - doc: deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros) #42149
• [f3c6c00963] - doc: remove refs to old OpenSSL list-* commands (Tobias Nießen) #42235
• [19851f8d2d] - doc: readline 'line' event emits final line (Matt Probert) #42214
• [e55283b978] - esm: make extension-less errors in type:module actionable (Bradley Farias) #42301
• [e17db8f0fa] - esm: improve typings and code coverage (Bradley Farias) #42305
• [4829a1047f] - esm: add runtime warning for specifier resolution flag (Geoffrey Booth) #42252
• [da42ffb85e] - (SEMVER-MINOR) http: trace http client by perf_hooks (theanarkh) #42345
• [88dee3c6b5] - http2: fix potential integer overflow (Michael Dawson) #42248
• [1fe0b69c31] - lib: refactor to use primordials in lib/assert.js (Akhil Marsonya) #41702
• [69a3792540] - lib: fix AsyncResource.bind not using 'this' from the caller by default (Roch Devost) #42177
• [1c87ce6a32] - meta: update AUTHORS (Node.js GitHub Bot) #42404
• [e7b8d83acd] - meta: update AUTHORS (Node.js GitHub Bot) #42317
• [7fc4b9f08d] - meta: add dependencies label to label-pr-config (Mestery) #42129
• [e96042442b] - src: convert hex2bin() into a regular function (Darshan Sen) #42321
• [21198c1407] - src: fix coverity warnings in node_file.cc (Michael Dawson) #42272
• [846b074075] - src: check EC_POINT_get_affine_coordinates result (Tobias Nießen) #42304
• [8b84e68cbd] - src: simplify bound check in ParseArrayIndex (Tobias Nießen) #42306
• [9500e5862e] - src: avoid returning invalid value from hex2bin (Tobias Nießen) #42307
• [08e2d8ab86] - src: check return value of HMAC_Final (Tobias Nießen) #42303
• [9fc4b9b04e] - src: include internal/options in the snapshot (Joyee Cheung) #42203
• [e43aa30982] - src: remove redundant buffer size check (Tobias Nießen) #42257
• [d06e92dba0] - src: perform minor cleanups on zlib code (Anna Henningsen) [#42247](https://github.com/nodejs/node...

2022-03-17, Version 17.7.2 (Current), @richardlau

This is a security release.

Notable Changes

Update to OpenSSL 3.0.2, which addresses the following vulnerability:

• Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

Commits

• [55e293e05f] - deps: update archs files for quictls/openssl-3.0.2+quic (Hassaan Pasha) #42356
• [b8d090603d] - deps: upgrade openssl sources to quictls/openssl-3.0.2+quic (Hassaan Pasha) #42356
• [c8b6d92af0] - test: fix tests affected by OpenSSL update (Michael Dawson) #42356
• [457e31ea09] - test: renew certificates for specific test (Luigi Pinca) #42342

2022-03-17, Version 16.14.2 'Gallium' (LTS), @richardlau

This is a security release.

Notable Changes

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:

• Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

Commits

• [3924618c74] - deps: update archs files for OpenSSL-1.1.1 (Hassaan Pasha) #42352
• [7a6a870d58] - deps: upgrade openssl sources to OpenSSL_1_1_1n (Hassaan Pasha) #42352
• [c533b430f4] - test: fix tests affected by OpenSSL update (Michael Dawson) #42352

2022-03-17, Version 14.19.1 'Fermium' (LTS), @richardlau

This is a security release.

Notable Changes

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:

• Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

Commits

• [b5c52e337e] - build: pin Windows GitHub runner to windows-2019 (Richard Lau) #42350
• [3b1a0b24f0] - deps: update archs files for OpenSSL-1.1.1n (Richard Lau) #42347
• [c83dd99e0b] - deps: upgrade openssl sources to 1.1.1n (Richard Lau) #42347

2022-03-17, Version 12.22.11 'Erbium' (LTS), @richardlau

This is a security release.

Notable changes

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:

• Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to
run CI tests.

Commits

• [e3e5bf11ba] - build: pin Windows GitHub runner to windows-2019 (Richard Lau) #42349
• [f41e7771bf] - build: fix detection of Visual Studio 2019 (Richard Lau) #42349
• [c372ec207d] - deps: update archs files for OpenSSL-1.1.n (Richard Lau) #42348
• [d574a1dccb] - deps: upgrade openssl sources to 1.1.1n (Richard Lau) #42348

2022-03-15, Version 16.14.1 'Gallium' (LTS), @danielleadams

Notable changes

• doc:
  • add release key for Bryan English (Bryan English) #42102

Commits

• [2a24e763d5] - async_hooks: fix imports in context example (Yash Ladha) #39229
• [c4a296f59b] - benchmark: enable no-empty ESLint rule (Rich Trott) #41831
• [abe2eb9fc0] - benchmark: avoid input param manipulation (Jithil P Ponnan) #41741
• [2c566a9830] - benchmark: use Object.hasOwn() instead of hasOwnProperty() (Rich Trott) #41769
• [b77e72ab12] - benchmark: replace hasOwnProperty() with Object.hasOwn() (Rich Trott) #41724
• [ec72cb4019] - benchmark: remove unreachable code from crypto/hash-stream-creation (Rich Trott) #41535
• [14bb6f97f0] - buffer: fix atob/btoa no-arg case (Benjamin Gruenbaum) #41478
• [79e2ab2a67] - build: remove windows-2022 from v16.x actions (Danielle Adams) #42299
• [2893b4c85a] - build: check if python is a executable program (himself65) #36696
• [5e4fc04821] - build: enable zoslib installation on z/OS (alexcfyung) #41493
• [1e3c9ebaae] - build: fix libuv builds for android aarch64 (Darshan Sen) #41555
• [46f714f92a] - crypto: check return code from EVP_DigestUpdate (Michael Dawson) #41800
• [33abbf9f21] - crypto: fix webcrypto.subtle signature (Antoine du Hamel) #41761
• [faceae486b] - crypto: revise variables for const use instead of let (Rich Trott) #41614
• [fe0f9dc611] - crypto: remove wildcard options for checkEmail (Tobias Nießen) #41599
• [188c3ab918] - crypto: adjust types for getRandomValues (LiviaMedeiros) #41481
• [1ef28f1a3d] - crypto: remove checkIP options argument (Tobias Nießen) #41571
• [74c0464572] - deps: upgrade npm to 8.5.0 (npm-robot) #41925
• [b5783288d1] - deps: upgrade npm to 8.4.1 (npm-robot) #41836
• [2b7c4b4afe] - deps: upgrade npm to 8.3.2 (npm team) #41621
• [906247933c] - dgram: remove unreachable connectState assign (Rongjian Zhang) #38590
• [330c1bc518] - doc: add comments to empty blocks in worker_threads text (Rich Trott) #41831
• [125ed0c6b0] - doc: remove empty block from console.timeEnd() example (Rich Trott) #41831
• [34d6f8e793] - doc: use the same case as the section heading (Mestery) #41876
• [fd28d252fa] - doc: use Oxford comma in crypto docs (Tobias Nießen) #41875
• [bf99ef8b57] - doc: use sentence case in readme introduction (Mestery) #41874
• [b15d9c2cc6] - doc: add missing space before hyphen (Mestery) #41873
• [77685d5ab0] - doc: add stream pipelining note on Http usage (Rafael Silva) #41796
• [c7bae97755] - doc: improve SSL_OP_PRIORITIZE_CHACHA description (Tobias Nießen) #41866
• [5cd38a4ff5] - doc: add missing commas in cluster docs (Tobias Nießen) #41865
• [cf6b5e0e33] - doc: add history information for Corepack (Antoine du Hamel) #41813
• [c742a1cc4d] - doc: feature management proposal (Michael Dawson) #41420
• [3f000a2627] - doc: add overhead hints for heap snapshot generation (Gerhard Stöbich) #41822
• [42c0a8353e] - doc: fix X509 CA acronym capitalization (Tobias Nießen) #41841
• [f5b0a3be12] - doc: use sentence case for X509 error codes header (Tobias Nießen) #41829
• [20d8fd1a83] - doc: add initial version of maintaining-http.md (Michael Dawson) #41798
• [077fcee008] - doc: add registry numbers for Electron 19 and 20 (Keeley Hammond) #41814
• [44b6927179] - doc: add note about resource type in async_hooks (Tony Gorez) #41797
• [1be701c9ca] - doc: use example.com for examples (Ateş Göral) #41827
• [4660c1fa7b] - doc: align tls port types with net port types (Tobias Nießen) #41799
• [5cd8bdc4d7] - doc: use UDPv4/UDPv6 consistently with TCPv4/TCPv6 (Tobias Nießen) #41824
• [3ef05a0216] - doc: improve wording surrounding TLS 1.3 ciphers (Tobias Nießen) #41778
• [51d955368e] - doc: add format-md step to release guide (Danielle Adams) #41809
• [8f00e5dcf7] - doc: add v16 changelog link to iojs changelog (Danielle Adams) #41808
• [4f194f3094] - doc: add security-steward rotation information (Michael Dawson) #41707
• [14ea8fcba8] - doc: use Object.hasOwn() in util doc (Rich Trott) #41780
• [9f77692491] - doc: remove section on "recent" ECDH changes (Tobias Nießen) #41773
• [211a3c4c4c] - doc: clarify that import also uses main (Ben McCann) #41720
• [20d9c4a2c5] - doc: update modules.md wording (Tobias Hernstig) #41728
• [e209f53ba2] - doc: update Mesteery email (Mestery) #41683
• [db1ce43173] - doc: avoid incomplete sentence in cluster docs (Tobias Nießen) #41701
• [ee79e53821] - doc: fix typo in contributing guides (Yoshiki Kurihara) #41723
• [9616fd5913...

2022-03-10, Version 17.7.1 (Current), @BethGriggs prepared by @sxa

Notable Changes

Fixed regression in url.resolve()

This release fixes an issue introduced in Node.js v17.7.0 with some URLs
that contain @. This issue affected yarn 1. This version reverts the
change that introduced the regression.

Commits

• [96a9e00fb3] - url: revert fix url.parse() for @hostname (Antoine du Hamel) #42280

2022-03-09, Version 17.7.0 (Current), @BethGriggs prepared by @sxa

Notable Changes

• [2b354223d4] - (SEMVER-MINOR) crypto: add KeyObject.prototype.equals method (Filip Skokan) #42093
• [a2926c477a] - (SEMVER-MINOR) net: add new options to net.Socket and net.Server (Paolo Insogna) #41310
• [86248f1178] - (SEMVER-MINOR) src: allow preventing InitializeInspector in env (Shelley Vohr) #35025
• [a4969d5c37] - doc: add release key for Bryan English (Bryan English) #42102

Dependency Updates

• [0b8efea182] - deps: update nghttp2 to 1.47.0 (Yash Ladha) #42127
• [ccacf99e5c] - deps: upgrade npm to 8.5.2 (npm team) #42122

New Collaborators

• [3df001fa93] - doc: add JakobJingleheimer to collaborators list (Jacob Smith) #42185
• [0ce00ca5e1] - doc: move bnoordhuis back to collaborators (Ben Noordhuis) #42064

Commits

• [d05758f79f] - buffer: improve blob read performance (Xuguang Mei) #42117
• [0bbb44741b] - build: drop shortened URL from lint-commit-message (Richard Lau) #42168
• [4e9fac6539] - build: fix usage of input in feature action (Michael Dawson) #42150
• [853cbd99b8] - build: increase max ops for stale feature action (Michael Dawson) #42130
• [3fc3f521d6] - build: add corepack to the auto-updated dependencies (Maël Nison) #42090
• [ec4c0de6d1] - build: last test of the stale feature action (Michael Dawson) #42085
• [03ebca86d9] - build: update feature close action for testing (Michael Dawson) #42082
• [c9ea6a9261] - crypto: validate this value for webcrypto.getRandomValues (Antoine du Hamel) #41760
• [2b354223d4] - (SEMVER-MINOR) crypto: add KeyObject.prototype.equals method (Filip Skokan) #42093
• [288f627c46] - crypto: clarify require("crypto").getRandomValues is Node.js specific (Antoine du Hamel) #41782
• [0b8efea182] - deps: update nghttp2 to 1.47.0 (Yash Ladha) #42127
• [ccacf99e5c] - deps: upgrade npm to 8.5.2 (npm team) #42122
• [1359f60338] - deps: V8: cherry-pick 77d515484864 (Lu Yahan) #42067
• [769e2a486f] - deps: V8: cherry-pick b66334313c8b (Lu Yahan) #42067
• [fc7d429516] - doc: update stale feature messages (Michael Dawson) #42217
• [6183749861] - doc: remove erroneous comma in cluster explainer (Tobias Nießen) #42238
• [555da9b658] - doc: remove "considered" for clarity (Rich Trott) #42218
• [05c3ff5e76] - doc: clarify that some modules don't work when compiled without ssl (Antoine du Hamel) #42198
• [a6c1abf7e1] - doc: add note about nghttp2 hd pair size (Rafael Silva) #42172
• [04d2c74c8a] - doc: use parenthesis instead of em dash (Antoine du Hamel) #42202
• [6a74fa91bb] - doc: add next-10 to strategic initiatives (Michael Dawson) #42167
• [ee027391e7] - doc: add missing single-quotes to http.OutgoingMessage (Juan José Arboleda) #42162
• [84859c4029] - doc: fix typos (apeltop) #42146
• [3df001fa93] - doc: add JakobJingleheimer to collaborators list (Jacob Smith) #42185
• [ce86fc3006] - doc: remove reference to obsolete security program (Rich Trott) #42144
• [5d010bcde2] - doc: remove repeated a word (apeltop) #42138
• [a32ec983c6] - doc: make building with ninja more discoverable (Balakrishna Avulapati) #41840
• [26fe61b6ad] - doc: document change to IncomingMessage.headers enumerability (Arnold Zokas) #42095
• [eb622a0761] - doc: add meixg to triagers (Xuguang Mei) #42066
• [bd04fc89da] - doc: clarify persistent ref behavior (Michael Dawson) #42035
• [0ce00ca5e1] - doc: move bnoordhuis back to collaborators (Ben Noordhuis) #42064
• [8b531dadb1] - doc: clarify supported versus enabled TLS ciphers (Tobias Nießen) #42063
• [3789d668f7] - doc: add missing api entries on performance (legendecas) #42018
• [a4969d5c37] - doc: add release key for Bryan English (Bryan English) #42102
• [8b94ea6e1c] - doc,tools: improve navigability of API docs (Paolo Insogna) #41404
• [2e1231b831] - errors: do not access .stack in debug (Benjamin Coe) #42096
• [8dd4878850] - esm: fix base URL for network imports (Bradley Farias) #42131
• [2bc136d3cb] - esm: fix relative imports for https (Bradley Farias) #42119
• [576c1aea8e] - fs: adjust default length for fs.readSync and fsPromises/read (Livia Medeiros) #42128
• [041373696f] - http: add default argument for Agent.prototype.getName (小菜) #41906
• [1de80872e8] - http2: add edge case to GOAWAY request (Rafael Silva) #42190
• [9bc7a954fd] - http2: close stream and session on frameError (Rafael Silva) #42147
• [384872fdbd] - lib: clean after the cancel algorithm throw error (Chen Gang) #41366
• [f7ea75fd0a] - lib: add legacy built-in functions to primordials (Antoine du Hamel) #42049
• [[7f1c83e674](https://githu...