Skip to content

[pull] main from nodejs:main#1113

Merged
pull[bot] merged 6 commits into
adamlaska:mainfrom
nodejs:main
Jul 8, 2026
Merged

[pull] main from nodejs:main#1113
pull[bot] merged 6 commits into
adamlaska:mainfrom
nodejs:main

Conversation

@pull

@pull pull Bot commented Jul 8, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

MayaLekova and others added 6 commits July 8, 2026 15:58
  - when the defer imported module contains top-level await
  - when the defer imported module is also eagerly imported

Refs: https://github.com/tc39/proposal-defer-import-eval
Signed-off-by: Maya Lekova <maya@igalia.com>
PR-URL: #64197
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
The http3 application had misinterpreted some of
nghttp3 callbacks regarding stopSending
and ResetStream.
Actually, these callbacks asks the application
to do the action and not informs about an event
from the peer.

The fixes lead to some failures of the automated
tests, uncovering some problems:

First headers, and pendingTrailers were reset,
when the internal object went away,
though the test wanted to read them.

Second, during a graceful session shutdown,
the implemented did not waited for all stream
to be removed, but only one.

Fixes: #63657

Signed-off-by: Marten Richter <marten.richter@freenet.de>
PR-URL: #64289
Fixes: #63657
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
PR-URL: #64199
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gürgün Dayıoğlu <hey@gurgun.day>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
One small fix notably included:

- Check is_destroyed() after StreamCommit, since it calls JS callbacks
  which could destroy the session.

Signed-off-by: Tim Perry <pimterry@gmail.com>
PR-URL: #64127
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: #64330
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
This separates the native crypto backend paths for OpenSSL >= 3,
BoringSSL, and legacy OpenSSL. The OpenSSL >= 3 path now builds with
`OPENSSL_API_COMPAT=30000` and `OPENSSL_NO_DEPRECATED`, moving normal
crypto/TLS code away from APIs that OpenSSL 3.0.0 marks deprecated.
BoringSSL remains on its own branch, and OpenSSL < 3 remains the legacy
fallback.

The exception is ENGINE support. ENGINE APIs are isolated into a
dedicated compatibility target so they can remain available while the
JS-facing engine APIs are runtime-deprecated in 27.x. That gives us a
clear removal point for 28.x, without letting ENGINE usage leak back
into the strict OpenSSL 3 path.

The split also makes the eventual OpenSSL 1.1.1 removal easier to reason
about. Once support for OpenSSL < 3 is dropped, the legacy branch can be
removed in a focused follow-up, possibly targeting 27.x, instead of
untangling mixed version guards throughout the crypto implementation.

No public crypto or TLS API behavior is intentionally changed.

Assisted-by: Codex:gpt-5
Signed-off-by: Filip Skokan <panva.ip@gmail.com>
PR-URL: #64211
Refs: #56733
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@pull pull Bot locked and limited conversation to collaborators Jul 8, 2026
@pull pull Bot added the ⤵️ pull label Jul 8, 2026
@pull pull Bot merged commit db7cc5b into adamlaska:main Jul 8, 2026
0 of 2 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants