@node-red/editor-client 3.1.8 → 4.0.0-beta.2

package/public/types/node/crypto.d.ts

@@ -1,5 +1,5 @@
 
-/* NOTE: Do not edit directly! This file is generated using `npm run update-types` in https://github.com/Steve-Mcl/monaco-editor-esm-i18n */
+/* NOTE: Do not edit directly! This file is generated using `npm run update-types` in https://github.com/node-red/nr-monaco-build */
 
 /**
  * The `crypto` module provides cryptographic functionality that includes a set of
@@ -16,47 +16,73 @@
  * // Prints:
  * //   c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e
  * ```
- * @see [source](https://github.com/nodejs/node/blob/v16.9.0/lib/crypto.js)
+ * @see [source](https://github.com/nodejs/node/blob/v18.0.0/lib/crypto.js)
  */
 declare module 'crypto' {
     import * as stream from 'node:stream';
     import { PeerCertificate } from 'node:tls';
-    interface Certificate {
+    /**
+     * SPKAC is a Certificate Signing Request mechanism originally implemented by
+     * Netscape and was specified formally as part of [HTML5's `keygen` element](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen).
+     *
+     * `<keygen>` is deprecated since [HTML 5.2](https://www.w3.org/TR/html52/changes.html#features-removed) and new projects
+     * should not use this element anymore.
+     *
+     * The `crypto` module provides the `Certificate` class for working with SPKAC
+     * data. The most common usage is handling output generated by the HTML5`<keygen>` element. Node.js uses [OpenSSL's SPKAC
+     * implementation](https://www.openssl.org/docs/man1.1.0/apps/openssl-spkac.html) internally.
+     * @since v0.11.8
+     */
+    class Certificate {
         /**
-         * @deprecated
-         * @param spkac
-         * @returns The challenge component of the `spkac` data structure,
-         * which includes a public key and a challenge.
+         * ```js
+         * const { Certificate } = await import('crypto');
+         * const spkac = getSpkacSomehow();
+         * const challenge = Certificate.exportChallenge(spkac);
+         * console.log(challenge.toString('utf8'));
+         * // Prints: the challenge as a UTF8 string
+         * ```
+         * @since v9.0.0
+         * @param encoding The `encoding` of the `spkac` string.
+         * @return The challenge component of the `spkac` data structure, which includes a public key and a challenge.
          */
-        exportChallenge(spkac: BinaryLike): Buffer;
+        static exportChallenge(spkac: BinaryLike): Buffer;
         /**
-         * @deprecated
-         * @param spkac
-         * @param encoding The encoding of the spkac string.
-         * @returns The public key component of the `spkac` data structure,
-         * which includes a public key and a challenge.
+         * ```js
+         * const { Certificate } = await import('crypto');
+         * const spkac = getSpkacSomehow();
+         * const publicKey = Certificate.exportPublicKey(spkac);
+         * console.log(publicKey);
+         * // Prints: the public key as <Buffer ...>
+         * ```
+         * @since v9.0.0
+         * @param encoding The `encoding` of the `spkac` string.
+         * @return The public key component of the `spkac` data structure, which includes a public key and a challenge.
          */
-        exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer;
+        static exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer;
         /**
-         * @deprecated
-         * @param spkac
-         * @returns `true` if the given `spkac` data structure is valid,
-         * `false` otherwise.
+         * ```js
+         * import { Buffer } from 'buffer';
+         * const { Certificate } = await import('crypto');
+         *
+         * const spkac = getSpkacSomehow();
+         * console.log(Certificate.verifySpkac(Buffer.from(spkac)));
+         * // Prints: true or false
+         * ```
+         * @since v9.0.0
+         * @param encoding The `encoding` of the `spkac` string.
+         * @return `true` if the given `spkac` data structure is valid, `false` otherwise.
          */
-        verifySpkac(spkac: NodeJS.ArrayBufferView): boolean;
-    }
-    const Certificate: Certificate & {
-        /** @deprecated since v14.9.0 - Use static methods of `crypto.Certificate` instead. */
-        new (): Certificate;
-        /** @deprecated since v14.9.0 - Use static methods of `crypto.Certificate` instead. */
-        (): Certificate;
+        static verifySpkac(spkac: NodeJS.ArrayBufferView): boolean;
         /**
+         * @deprecated
          * @param spkac
          * @returns The challenge component of the `spkac` data structure,
          * which includes a public key and a challenge.
          */
         exportChallenge(spkac: BinaryLike): Buffer;
         /**
+         * @deprecated
          * @param spkac
          * @param encoding The encoding of the spkac string.
          * @returns The public key component of the `spkac` data structure,
@@ -64,12 +90,13 @@ declare module 'crypto' {
          */
         exportPublicKey(spkac: BinaryLike, encoding?: string): Buffer;
         /**
+         * @deprecated
          * @param spkac
          * @returns `true` if the given `spkac` data structure is valid,
          * `false` otherwise.
          */
         verifySpkac(spkac: NodeJS.ArrayBufferView): boolean;
-    };
+    }
     namespace constants {
         // https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_constants
         const OPENSSL_VERSION_NUMBER: number;
@@ -175,7 +202,7 @@ declare module 'crypto' {
      *
      * The `algorithm` is dependent on the available algorithms supported by the
      * version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc.
-     * On recent releases of OpenSSL, `openssl list -digest-algorithms`(`openssl list-message-digest-algorithms` for older versions of OpenSSL) will
+     * On recent releases of OpenSSL, `openssl list -digest-algorithms` will
      * display the available digest algorithms.
      *
      * Example: generating the sha256 sum of a file
@@ -215,7 +242,7 @@ declare module 'crypto' {
      *
      * The `algorithm` is dependent on the available algorithms supported by the
      * version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc.
-     * On recent releases of OpenSSL, `openssl list -digest-algorithms`(`openssl list-message-digest-algorithms` for older versions of OpenSSL) will
+     * On recent releases of OpenSSL, `openssl list -digest-algorithms` will
      * display the available digest algorithms.
      *
      * The `key` is the HMAC key used to generate the cryptographic HMAC hash. If it is
@@ -253,7 +280,7 @@ declare module 'crypto' {
      */
     function createHmac(algorithm: string, key: BinaryLike | KeyObject, options?: stream.TransformOptions): Hmac;
     // https://nodejs.org/api/buffer.html#buffer_buffers_and_character_encodings
-    type BinaryToTextEncoding = 'base64' | 'base64url' | 'hex';
+    type BinaryToTextEncoding = 'base64' | 'base64url' | 'hex' | 'binary';
     type CharacterEncoding = 'utf8' | 'utf-8' | 'utf16le' | 'latin1';
     type LegacyCharacterEncoding = 'ascii' | 'binary' | 'ucs2' | 'ucs-2';
     type Encoding = BinaryToTextEncoding | CharacterEncoding | LegacyCharacterEncoding;
@@ -662,12 +689,13 @@ declare module 'crypto' {
      * Creates and returns a `Cipher` object that uses the given `algorithm` and`password`.
      *
      * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode is used (e.g. `'aes-128-ccm'`). In that case, the`authTagLength` option is required and specifies the length of the
+     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
      * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to set the length of the authentication
      * tag that will be returned by `getAuthTag()` and defaults to 16 bytes.
+     * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
      *
      * The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On
-     * recent OpenSSL releases, `openssl list -cipher-algorithms`(`openssl list-cipher-algorithms` for older versions of OpenSSL) will
+     * recent OpenSSL releases, `openssl list -cipher-algorithms` will
      * display the available cipher algorithms.
      *
      * The `password` is used to derive the cipher key and initialization vector (IV).
@@ -700,12 +728,13 @@ declare module 'crypto' {
      * initialization vector (`iv`).
      *
      * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode is used (e.g. `'aes-128-ccm'`). In that case, the`authTagLength` option is required and specifies the length of the
+     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
      * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to set the length of the authentication
      * tag that will be returned by `getAuthTag()` and defaults to 16 bytes.
+     * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
      *
      * The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On
-     * recent OpenSSL releases, `openssl list -cipher-algorithms`(`openssl list-cipher-algorithms` for older versions of OpenSSL) will
+     * recent OpenSSL releases, `openssl list -cipher-algorithms` will
      * display the available cipher algorithms.
      *
      * The `key` is the raw key used by the `algorithm` and `iv` is an [initialization vector](https://en.wikipedia.org/wiki/Initialization_vector). Both arguments must be `'utf8'` encoded
@@ -925,8 +954,9 @@ declare module 'crypto' {
      * Creates and returns a `Decipher` object that uses the given `algorithm` and`password` (key).
      *
      * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode is used (e.g. `'aes-128-ccm'`). In that case, the`authTagLength` option is required and specifies the length of the
+     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
      * authentication tag in bytes, see `CCM mode`.
+     * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
      *
      * The implementation of `crypto.createDecipher()` derives keys using the OpenSSL
      * function [`EVP_BytesToKey`](https://www.openssl.org/docs/man1.1.0/crypto/EVP_BytesToKey.html) with the digest algorithm set to MD5, one
@@ -951,12 +981,13 @@ declare module 'crypto' {
      * Creates and returns a `Decipher` object that uses the given `algorithm`, `key`and initialization vector (`iv`).
      *
      * The `options` argument controls stream behavior and is optional except when a
-     * cipher in CCM or OCB mode is used (e.g. `'aes-128-ccm'`). In that case, the`authTagLength` option is required and specifies the length of the
+     * cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the
      * authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to restrict accepted authentication tags
      * to those with the specified length.
+     * For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes.
      *
      * The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On
-     * recent OpenSSL releases, `openssl list -cipher-algorithms`(`openssl list-cipher-algorithms` for older versions of OpenSSL) will
+     * recent OpenSSL releases, `openssl list -cipher-algorithms` will
      * display the available cipher algorithms.
      *
      * The `key` is the raw key used by the `algorithm` and `iv` is an [initialization vector](https://en.wikipedia.org/wiki/Initialization_vector). Both arguments must be `'utf8'` encoded
@@ -1162,13 +1193,11 @@ declare module 'crypto' {
         format?: KeyFormat | undefined;
         type?: 'pkcs1' | 'pkcs8' | 'sec1' | undefined;
         passphrase?: string | Buffer | undefined;
-        encoding?: string | undefined;
     }
     interface PublicKeyInput {
         key: string | Buffer;
         format?: KeyFormat | undefined;
         type?: 'pkcs1' | 'spki' | undefined;
-        encoding?: string | undefined;
     }
     /**
      * Asynchronously generates a new random secret key of the given `length`. The`type` will determine which validations will be performed on the `length`.
@@ -1279,7 +1308,6 @@ declare module 'crypto' {
     interface VerifyKeyObjectInput extends SigningOptions {
         key: KeyObject;
     }
-    interface VerifyJsonWebKeyInput extends JsonWebKeyInput, SigningOptions {}
     type KeyLike = string | Buffer | KeyObject;
     /**
      * The `Sign` class is a utility for generating signatures. It can be used in one
@@ -1434,8 +1462,8 @@ declare module 'crypto' {
          * be passed instead of a public key.
          * @since v0.1.92
          */
-        verify(object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput | VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean;
-        verify(object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput | VerifyJsonWebKeyInput, signature: string, signature_format?: BinaryToTextEncoding): boolean;
+        verify(object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput, signature: NodeJS.ArrayBufferView): boolean;
+        verify(object: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput, signature: string, signature_format?: BinaryToTextEncoding): boolean;
     }
     /**
      * Creates a `DiffieHellman` key exchange object using the supplied `prime` and an
@@ -1453,10 +1481,10 @@ declare module 'crypto' {
      * @param [generator=2]
      * @param generatorEncoding The `encoding` of the `generator` string.
      */
-    function createDiffieHellman(primeLength: number, generator?: number | NodeJS.ArrayBufferView): DiffieHellman;
-    function createDiffieHellman(prime: NodeJS.ArrayBufferView): DiffieHellman;
-    function createDiffieHellman(prime: string, primeEncoding: BinaryToTextEncoding): DiffieHellman;
-    function createDiffieHellman(prime: string, primeEncoding: BinaryToTextEncoding, generator: number | NodeJS.ArrayBufferView): DiffieHellman;
+    function createDiffieHellman(primeLength: number, generator?: number): DiffieHellman;
+    function createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView): DiffieHellman;
+    function createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: BinaryToTextEncoding): DiffieHellman;
+    function createDiffieHellman(prime: string, primeEncoding: BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView): DiffieHellman;
     function createDiffieHellman(prime: string, primeEncoding: BinaryToTextEncoding, generator: string, generatorEncoding: BinaryToTextEncoding): DiffieHellman;
     /**
      * The `DiffieHellman` class is a utility for creating Diffie-Hellman key
@@ -1805,7 +1833,7 @@ declare module 'crypto' {
      * Return a random integer `n` such that `min <= n < max`.  This
      * implementation avoids [modulo bias](https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Modulo_bias).
      *
-     * The range (`max - min`) must be less than `2**48`. `min` and `max` must
+     * The range (`max - min`) must be less than 2^48. `min` and `max` must
      * be [safe integers](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isSafeInteger).
      *
      * If the `callback` function is not provided, the random integer is
@@ -2281,11 +2309,11 @@ declare module 'crypto' {
          * If `encoding` is specified, a string is returned; otherwise a `Buffer` is
          * returned.
          * @since v0.11.14
-         * @param encoding The `encoding` of the return value.
+         * @param [encoding] The `encoding` of the return value.
          * @param [format='uncompressed']
          * @return The EC Diffie-Hellman public key in the specified `encoding` and `format`.
          */
-        getPublicKey(): Buffer;
+        getPublicKey(encoding?: null, format?: ECDHKeyFormat): Buffer;
         getPublicKey(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
         /**
          * Sets the EC Diffie-Hellman private key.
@@ -2316,7 +2344,8 @@ declare module 'crypto' {
      * comparing HMAC digests or secret values like authentication cookies or [capability urls](https://www.w3.org/TR/capability-urls/).
      *
      * `a` and `b` must both be `Buffer`s, `TypedArray`s, or `DataView`s, and they
-     * must have the same byte length.
+     * must have the same byte length. An error is thrown if `a` and `b` have
+     * different byte lengths.
      *
      * If at least one of `a` and `b` is a `TypedArray` with more than one byte per
      * entry, such as `Uint16Array`, the result will be computed using the platform
@@ -2331,7 +2360,7 @@ declare module 'crypto' {
     /** @deprecated since v10.0.0 */
     const DEFAULT_ENCODING: BufferEncoding;
     type KeyType = 'rsa' | 'rsa-pss' | 'dsa' | 'ec' | 'ed25519' | 'ed448' | 'x25519' | 'x448';
-    type KeyFormat = 'pem' | 'der' | 'jwk';
+    type KeyFormat = 'pem' | 'der';
     interface BasePrivateKeyEncodingOptions<T extends KeyFormat> {
         format: T;
         cipher?: string | undefined;
@@ -2942,16 +2971,11 @@ declare module 'crypto' {
      * If the `callback` function is provided this function uses libuv's threadpool.
      * @since v12.0.0
      */
+    function verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput, signature: NodeJS.ArrayBufferView): boolean;
     function verify(
         algorithm: string | null | undefined,
         data: NodeJS.ArrayBufferView,
-        key: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput | VerifyJsonWebKeyInput,
-        signature: NodeJS.ArrayBufferView
-    ): boolean;
-    function verify(
-        algorithm: string | null | undefined,
-        data: NodeJS.ArrayBufferView,
-        key: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput | VerifyJsonWebKeyInput,
+        key: KeyLike | VerifyKeyObjectInput | VerifyPublicKeyInput,
         signature: NodeJS.ArrayBufferView,
         callback: (error: Error | null, result: boolean) => void
     ): void;
@@ -3100,34 +3124,33 @@ declare module 'crypto' {
          */
         disableEntropyCache?: boolean | undefined;
     }
-    type UUID = `${string}-${string}-${string}-${string}-${string}`;
     /**
      * Generates a random [RFC 4122](https://www.rfc-editor.org/rfc/rfc4122.txt) version 4 UUID. The UUID is generated using a
      * cryptographic pseudorandom number generator.
-     * @since v15.6.0
+     * @since v15.6.0, v14.17.0
      */
-    function randomUUID(options?: RandomUUIDOptions): UUID;
+    function randomUUID(options?: RandomUUIDOptions): string;
     interface X509CheckOptions {
         /**
          * @default 'always'
          */
-        subject?: 'always' | 'default' | 'never';
+        subject: 'always' | 'never';
         /**
          * @default true
          */
-        wildcards?: boolean;
+        wildcards: boolean;
         /**
          * @default true
          */
-        partialWildcards?: boolean;
+        partialWildcards: boolean;
         /**
          * @default false
          */
-        multiLabelWildcards?: boolean;
+        multiLabelWildcards: boolean;
         /**
          * @default false
          */
-        singleLabelSubdomains?: boolean;
+        singleLabelSubdomains: boolean;
     }
     /**
      * Encapsulates an X509 certificate and provides read-only access to
@@ -3144,12 +3167,16 @@ declare module 'crypto' {
      */
     class X509Certificate {
         /**
-         * Will be \`true\` if this is a Certificate Authority (ca) certificate.
+         * Will be \`true\` if this is a Certificate Authority (CA) certificate.
          * @since v15.6.0
          */
         readonly ca: boolean;
         /**
          * The SHA-1 fingerprint of this certificate.
+         *
+         * Because SHA-1 is cryptographically broken and because the security of SHA-1 is
+         * significantly worse than that of algorithms that are commonly used to sign
+         * certificates, consider using `x509.fingerprint256` instead.
          * @since v15.6.0
          */
         readonly fingerprint: string;
@@ -3208,6 +3235,10 @@ declare module 'crypto' {
         readonly raw: Buffer;
         /**
          * The serial number of this certificate.
+         *
+         * Serial numbers are assigned by certificate authorities and do not uniquely
+         * identify certificates. Consider using `x509.fingerprint256` as a unique
+         * identifier instead.
          * @since v15.6.0
          */
         readonly serialNumber: string;
@@ -3224,18 +3255,50 @@ declare module 'crypto' {
         constructor(buffer: BinaryLike);
         /**
          * Checks whether the certificate matches the given email address.
+         *
+         * If the `'subject'` option is undefined or set to `'default'`, the certificate
+         * subject is only considered if the subject alternative name extension either does
+         * not exist or does not contain any email addresses.
+         *
+         * If the `'subject'` option is set to `'always'` and if the subject alternative
+         * name extension either does not exist or does not contain a matching email
+         * address, the certificate subject is considered.
+         *
+         * If the `'subject'` option is set to `'never'`, the certificate subject is never
+         * considered, even if the certificate contains no subject alternative names.
          * @since v15.6.0
          * @return Returns `email` if the certificate matches, `undefined` if it does not.
          */
         checkEmail(email: string, options?: Pick<X509CheckOptions, 'subject'>): string | undefined;
         /**
          * Checks whether the certificate matches the given host name.
+         *
+         * If the certificate matches the given host name, the matching subject name is
+         * returned. The returned name might be an exact match (e.g., `foo.example.com`)
+         * or it might contain wildcards (e.g., `*.example.com`). Because host name
+         * comparisons are case-insensitive, the returned subject name might also differ
+         * from the given `name` in capitalization.
+         *
+         * If the `'subject'` option is undefined or set to `'default'`, the certificate
+         * subject is only considered if the subject alternative name extension either does
+         * not exist or does not contain any DNS names. This behavior is consistent with [RFC 2818](https://www.rfc-editor.org/rfc/rfc2818.txt) ("HTTP Over TLS").
+         *
+         * If the `'subject'` option is set to `'always'` and if the subject alternative
+         * name extension either does not exist or does not contain a matching DNS name,
+         * the certificate subject is considered.
+         *
+         * If the `'subject'` option is set to `'never'`, the certificate subject is never
+         * considered, even if the certificate contains no subject alternative names.
          * @since v15.6.0
-         * @return Returns `name` if the certificate matches, `undefined` if it does not.
+         * @return Returns a subject name that matches `name`, or `undefined` if no subject name matches `name`.
          */
         checkHost(name: string, options?: X509CheckOptions): string | undefined;
         /**
          * Checks whether the certificate matches the given IP address (IPv4 or IPv6).
+         *
+         * Only [RFC 5280](https://www.rfc-editor.org/rfc/rfc5280.txt) `iPAddress` subject alternative names are considered, and they
+         * must match the given `ip` address exactly. Other subject alternative names as
+         * well as the subject field of the certificate are ignored.
          * @since v15.6.0
          * @return Returns `ip` if the certificate matches, `undefined` if it does not.
          */
@@ -3408,6 +3471,19 @@ declare module 'crypto' {
      * @param [flags=crypto.constants.ENGINE_METHOD_ALL]
      */
     function setEngine(engine: string, flags?: number): void;
+    /**
+     * A convenient alias for `crypto.webcrypto.getRandomValues()`.
+     * This implementation is not compliant with the Web Crypto spec,
+     * to write web-compatible code use `crypto.webcrypto.getRandomValues()` instead.
+     * @since v17.4.0
+     * @returns Returns `typedArray`.
+     */
+    function getRandomValues<T extends webcrypto.BufferSource>(typedArray: T): T;
+    /**
+     * A convenient alias for `crypto.webcrypto.subtle`.
+     * @since v17.4.0
+     */
+    const subtle: webcrypto.SubtleCrypto;
     /**
      * An implementation of the Web Crypto API standard.
      *
@@ -3565,7 +3641,7 @@ declare module 'crypto' {
              * The UUID is generated using a cryptographic pseudorandom number generator.
              * @since v16.7.0
              */
-            randomUUID(): UUID;
+            randomUUID(): string;
             CryptoKey: CryptoKeyConstructor;
         }
         // This constructor throws ILLEGAL_CONSTRUCTOR so it should not be newable.
@@ -3650,17 +3726,22 @@ declare module 'crypto' {
             /**
              * Using the method and parameters specified in `algorithm` and the keying material provided by `baseKey`,
              * `subtle.deriveBits()` attempts to generate `length` bits.
-             * The Node.js implementation requires that `length` is a multiple of `8`.
+             * The Node.js implementation requires that when `length` is a number it must be multiple of `8`.
+             * When `length` is `null` the maximum number of bits for a given algorithm is generated. This is allowed
+             * for the `'ECDH'`, `'X25519'`, and `'X448'` algorithms.
              * If successful, the returned promise will be resolved with an `<ArrayBuffer>` containing the generated data.
              *
              * The algorithms currently supported include:
              *
              * - `'ECDH'`
+             * - `'X25519'`
+             * - `'X448'`
              * - `'HKDF'`
              * - `'PBKDF2'`
              * @since v15.0.0
              */
-            deriveBits(algorithm: AlgorithmIdentifier | EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params, baseKey: CryptoKey, length: number): Promise<ArrayBuffer>;
+            deriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number | null): Promise<ArrayBuffer>;
+            deriveBits(algorithm: AlgorithmIdentifier | HkdfParams | Pbkdf2Params, baseKey: CryptoKey, length: number): Promise<ArrayBuffer>;
             /**
              * Using the method and parameters specified in `algorithm`, and the keying material provided by `baseKey`,
              * `subtle.deriveKey()` attempts to generate a new <CryptoKey>` based on the method and parameters in `derivedKeyAlgorithm`.
@@ -3671,6 +3752,8 @@ declare module 'crypto' {
              * The algorithms currently supported include:
              *
              * - `'ECDH'`
+             * - `'X25519'`
+             * - `'X448'`
              * - `'HKDF'`
              * - `'PBKDF2'`
              * @param keyUsages See {@link https://nodejs.org/docs/latest/api/webcrypto.html#cryptokeyusages Key usages}.
@@ -3739,7 +3822,11 @@ declare module 'crypto' {
              * - `'RSA-PSS'`
              * - `'RSA-OAEP'`
              * - `'ECDSA'`
+             * - `'Ed25519'`
+             * - `'Ed448'`
              * - `'ECDH'`
+             * - `'X25519'`
+             * - `'X448'`
              * The `<CryptoKey>` (secret key) generating algorithms supported include:
              *
              * - `'HMAC'`
@@ -3787,6 +3874,8 @@ declare module 'crypto' {
              * - `'RSASSA-PKCS1-v1_5'`
              * - `'RSA-PSS'`
              * - `'ECDSA'`
+             * - `'Ed25519'`
+             * - `'Ed448'`
              * - `'HMAC'`
              * @since v15.0.0
              */
@@ -3812,7 +3901,11 @@ declare module 'crypto' {
              * - `'RSA-PSS'`
              * - `'RSA-OAEP'`
              * - `'ECDSA'`
+             * - `'Ed25519'`
+             * - `'Ed448'`
              * - `'ECDH'`
+             * - `'X25519'`
+             * - `'X448'`
              * - `'HMAC'`
              * - `'AES-CTR'`
              * - `'AES-CBC'`
@@ -3841,6 +3934,8 @@ declare module 'crypto' {
              * - `'RSASSA-PKCS1-v1_5'`
              * - `'RSA-PSS'`
              * - `'ECDSA'`
+             * - `'Ed25519'`
+             * - `'Ed448'`
              * - `'HMAC'`
              * @since v15.0.0
              */

package/public/types/node/dgram.d.ts

@@ -1,5 +1,5 @@
 
-/* NOTE: Do not edit directly! This file is generated using `npm run update-types` in https://github.com/Steve-Mcl/monaco-editor-esm-i18n */
+/* NOTE: Do not edit directly! This file is generated using `npm run update-types` in https://github.com/node-red/nr-monaco-build */
 
 /**
  * The `dgram` module provides an implementation of UDP datagram sockets.
@@ -26,7 +26,7 @@
  * server.bind(41234);
  * // Prints: server listening 0.0.0.0:41234
  * ```
- * @see [source](https://github.com/nodejs/node/blob/v16.9.0/lib/dgram.js)
+ * @see [source](https://github.com/nodejs/node/blob/v18.0.0/lib/dgram.js)
  */
 declare module 'dgram' {
     import { AddressInfo } from 'node:net';
@@ -263,7 +263,7 @@ declare module 'dgram' {
          *
          * The `address` argument is a string. If the value of `address` is a host name,
          * DNS will be used to resolve the address of the host. If `address` is not
-         * provided or otherwise falsy, `'127.0.0.1'` (for `udp4` sockets) or `'::1'`(for `udp6` sockets) will be used by default.
+         * provided or otherwise nullish, `'127.0.0.1'` (for `udp4` sockets) or `'::1'`(for `udp6` sockets) will be used by default.
          *
          * If the socket has not been previously bound with a call to `bind`, the socket
          * is assigned a random port number and is bound to the "all interfaces" address
@@ -454,7 +454,7 @@ declare module 'dgram' {
          * TTL. If the TTL is decremented to 0 by a router, it will not be forwarded.
          * Changing TTL values is typically done for network probes or when multicasting.
          *
-         * The `ttl` argument may be between between 1 and 255\. The default on most systems
+         * The `ttl` argument may be between 1 and 255\. The default on most systems
          * is 64.
          *
          * This method throws `EBADF` if called on an unbound socket.

package/public/types/node/diagnostics_channel.d.ts

@@ -1,5 +1,5 @@
 
-/* NOTE: Do not edit directly! This file is generated using `npm run update-types` in https://github.com/Steve-Mcl/monaco-editor-esm-i18n */
+/* NOTE: Do not edit directly! This file is generated using `npm run update-types` in https://github.com/node-red/nr-monaco-build */
 
 /**
  * The `diagnostics_channel` module provides an API to create named channels
@@ -23,7 +23,7 @@
  * should generally include the module name to avoid collisions with data from
  * other modules.
  * @experimental
- * @see [source](https://github.com/nodejs/node/blob/v16.9.0/lib/diagnostics_channel.js)
+ * @see [source](https://github.com/nodejs/node/blob/v18.0.0/lib/diagnostics_channel.js)
  */
 declare module 'diagnostics_channel' {
     /**
@@ -44,7 +44,7 @@ declare module 'diagnostics_channel' {
      * @param name The channel name
      * @return If there are active subscribers
      */
-    function hasSubscribers(name: string | symbol): boolean;
+    function hasSubscribers(name: string): boolean;
     /**
      * This is the primary entry-point for anyone wanting to interact with a named
      * channel. It produces a channel object which is optimized to reduce overhead at
@@ -59,8 +59,8 @@ declare module 'diagnostics_channel' {
      * @param name The channel name
      * @return The named channel object
      */
-    function channel(name: string | symbol): Channel;
-    type ChannelListener = (message: unknown, name: string | symbol) => void;
+    function channel(name: string): Channel;
+    type ChannelListener = (message: unknown, name: string) => void;
     /**
      * The class `Channel` represents an individual named channel within the data
      * pipeline. It is use to track subscribers and to publish messages when there
@@ -71,7 +71,7 @@ declare module 'diagnostics_channel' {
      * @since v15.1.0, v14.17.0
      */
     class Channel {
-        readonly name: string | symbol;
+        readonly name: string;
         /**
          * Check if there are active subscribers to this channel. This is helpful if
          * the message you want to send might be expensive to prepare.
@@ -91,7 +91,7 @@ declare module 'diagnostics_channel' {
          * @since v15.1.0, v14.17.0
          */
         readonly hasSubscribers: boolean;
-        private constructor(name: string | symbol);
+        private constructor(name: string);
         /**
          * Publish a message to any subscribers to the channel. This will
          * trigger message handlers synchronously so they will execute within
@@ -146,6 +146,7 @@ declare module 'diagnostics_channel' {
          * ```
          * @since v15.1.0, v14.17.0
          * @param onMessage The previous subscribed handler to remove
+         * @return `true` if the handler was found, `false` otherwise.
          */
         unsubscribe(onMessage: ChannelListener): void;
     }