Skip to content

[pull] main from nodejs:main#1093

Merged
pull[bot] merged 8 commits into
adamlaska:mainfrom
nodejs:main
Jul 2, 2026
Merged

[pull] main from nodejs:main#1093
pull[bot] merged 8 commits into
adamlaska:mainfrom
nodejs:main

Conversation

@pull

@pull pull Bot commented Jul 1, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

panva and others added 8 commits July 1, 2026 06:40
When OpenSSL reports no peer temporary key object for TLS key
agreement, fall back to the negotiated TLS Supported Group name.
This lets getEphemeralKeyInfo() identify PQ, hybrid, and other
group-based key agreement as TLSGroup without synthesizing a size.

Keep existing DH and ECDH results unchanged when OpenSSL provides
a recognizable temporary key.

Fixes: #59452
Signed-off-by: Filip Skokan <panva.ip@gmail.com>
PR-URL: #64119
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: #64194
Reviewed-By: Richard Lau <richard.lau@ibm.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: René <contact.9a5d6388@renegade334.me.uk>
When `options.path` passed to `http.request()` contains an absolute
URL, `http.request` has been sending it directly as the request target
in the HTTP 1.1 message. If the receiving server is a proxy,
the proxy server typically forwards the request to the destination
specified in the request target and ignores the Host header.
This means eventually the request can be forwarded to a destination
that is not consistent with `options.host`, depending on how the
receiving server behaves. Mimatched Host header and request target
also violates RFC 9112 Section 3.2, which we have been entirely
leaving to the users to verify.

This patch documents this behavior and warns that the user needs
to ensure the `path`, `option` and `headers` conform to the RFC.
If the receiving server is known to be a proxy server because
the request is routed by Node.js' built-in HTTP proxy support,
we now do a best-effort check to verify that the authority in
`options.path` (if absolute), Host headers and `options.host`
agree at request construction time. Node.js will give up on the
require target rewriting and throw an error when they don't match
at request construction.

Signed-off-by: Joyee Cheung <joyeec9h3@gmail.com>
PR-URL: #64108
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Add a GitHub action workflow that can be manually dispatched to
stress-run tests on a PR/branch to verify flakiness.

Signed-off-by: Joyee Cheung <joyeec9h3@gmail.com>
PR-URL: #64118
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: René <contact.9a5d6388@renegade334.me.uk>
Signed-off-by: Stewart X Addison <sxa@ibm.com>
PR-URL: #64193
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
Signed-off-by: Renegade334 <contact.9a5d6388@renegade334.me.uk>
PR-URL: #64222
Refs: #64040
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Stefan Stojanovic <stefan.stojanovic@janeasystems.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
The text said functions with more than 7 arguments fall back to the
generic call path, contradicting the preceding sentence that Fast FFI
calls support up to 8 arguments.

The real limit is architecture- and type-dependent: the hard cap is 8
public arguments (src/ffi/fast.cc), but register pressure lowers the
effective count to 7 integer/pointer arguments on AArch64 and 6 on
x86-64, while floating-point arguments can use up to 8 on both. Describe
this instead of the previous, inaccurate single threshold.

Signed-off-by: Daijiro Wachi <daijiro.wachi@gmail.com>
PR-URL: #63960
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
V8's Maglev compiler has supported riscv64 since V8 14.0 (with full
source files in deps/v8/src/maglev/riscv/), but Node.js never wired
it up:

- configure.py excluded riscv64 from maglev_enabled_architectures
- tools/v8_gypfiles/v8.gyp lacked GN-scraper conditions for riscv64
  Maglev sources in both the v8_internal_headers and
  v8_base_without_compiler blocks

This adds riscv64 to both, following the same pattern used for s390x
in #60863 and matching V8's own BUILD.gn which already lists riscv64
alongside arm, arm64, x64, s390x, and ppc64 as Maglev-enabled
architectures.

Refs: nodejs/build#4099
Signed-off-by: Jamie Magee <jamie.magee@gmail.com>
PR-URL: #62605
Reviewed-By: René <contact.9a5d6388@renegade334.me.uk>
Reviewed-By: Stewart X Addison <sxa@redhat.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
@pull pull Bot locked and limited conversation to collaborators Jul 1, 2026
@pull pull Bot added the ⤵️ pull label Jul 1, 2026
@pull pull Bot merged commit 42fd49a into adamlaska:main Jul 2, 2026
36 of 37 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

7 participants