node-linux-arm64 16.18.1 → 16.19.1

package/CHANGELOG.md

@@ -9,6 +9,8 @@
 </tr>
 <tr>
 <td valign="top">
+<a href="#16.19.1">16.19.1</a><br/>
+<a href="#16.19.0">16.19.0</a><br/>
 <a href="#16.18.1">16.18.1</a><br/>
 <a href="#16.18.0">16.18.0</a><br/>
 <a href="#16.17.1">16.17.1</a><br/>
@@ -66,6 +68,156 @@
   * [io.js](CHANGELOG_IOJS.md)
   * [Archive](CHANGELOG_ARCHIVE.md)
 
+<a id="16.19.1"></a>
+
+## 2023-02-16, Version 16.19.1 'Gallium' (LTS), @richardlau
+
+This is a security release.
+
+### Notable Changes
+
+The following CVEs are fixed in this release:
+
+* **[CVE-2023-23918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918)**: Node.js Permissions policies can be bypassed via process.mainModule (High)
+* **[CVE-2023-23919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23919)**: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
+* **[CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920)**: Node.js insecure loading of ICU data through ICU\_DATA environment variable (Low)
+
+Fixed by an update to undici:
+
+* **[CVE-2023-23936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23936)**: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
+  * See <https://github.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff> for more information.
+* **[CVE-2023-24807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24807)**: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
+  * See <https://github.com/nodejs/undici/security/advisories/GHSA-r6ch-mqf9-qc9w> for more information.
+
+More detailed information on each of the vulnerabilities can be found in [February 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/) blog post.
+
+This security release includes OpenSSL security updates as outlined in the recent
+[OpenSSL security advisory](https://www.openssl.org/news/secadv/20230207.txt).
+
+### Commits
+
+* \[[`7fef050447`](https://github.com/nodejs/node/commit/7fef050447)] - **build**: build ICU with ICU\_NO\_USER\_DATA\_OVERRIDE (RafaelGSS) [nodejs-private/node-private#374](https://github.com/nodejs-private/node-private/pull/374)
+* \[[`b558e9f476`](https://github.com/nodejs/node/commit/b558e9f476)] - **crypto**: clear OpenSSL error on invalid ca cert (RafaelGSS) [nodejs-private/node-private#375](https://github.com/nodejs-private/node-private/pull/375)
+* \[[`160adb7ffc`](https://github.com/nodejs/node/commit/160adb7ffc)] - **crypto**: clear OpenSSL error queue after calling X509\_check\_private\_key() (Filip Skokan) [#45495](https://github.com/nodejs/node/pull/45495)
+* \[[`d0ece30948`](https://github.com/nodejs/node/commit/d0ece30948)] - **crypto**: clear OpenSSL error queue after calling X509\_verify() (Takuro Sato) [#45377](https://github.com/nodejs/node/pull/45377)
+* \[[`2d9ae4f184`](https://github.com/nodejs/node/commit/2d9ae4f184)] - **deps**: update undici to v5.19.1 (Matteo Collina) [nodejs-private/node-private#388](https://github.com/nodejs-private/node-private/pull/388)
+* \[[`d80e8312fd`](https://github.com/nodejs/node/commit/d80e8312fd)] - **deps**: cherry-pick Windows ARM64 fix for openssl (Richard Lau) [#46568](https://github.com/nodejs/node/pull/46568)
+* \[[`de5c8d2c2f`](https://github.com/nodejs/node/commit/de5c8d2c2f)] - **deps**: update archs files for quictls/openssl-1.1.1t+quic (RafaelGSS) [#46568](https://github.com/nodejs/node/pull/46568)
+* \[[`1a8ccfe908`](https://github.com/nodejs/node/commit/1a8ccfe908)] - **deps**: upgrade openssl sources to OpenSSL\_1\_1\_1t+quic (RafaelGSS) [#46568](https://github.com/nodejs/node/pull/46568)
+* \[[`693789780b`](https://github.com/nodejs/node/commit/693789780b)] - **doc**: clarify release notes for Node.js 16.19.0 (Richard Lau) [#45846](https://github.com/nodejs/node/pull/45846)
+* \[[`f95ef064f4`](https://github.com/nodejs/node/commit/f95ef064f4)] - **lib**: makeRequireFunction patch when experimental policy (RafaelGSS) [nodejs-private/node-private#358](https://github.com/nodejs-private/node-private/pull/358)
+* \[[`b02d895137`](https://github.com/nodejs/node/commit/b02d895137)] - **policy**: makeRequireFunction on mainModule.require (RafaelGSS) [nodejs-private/node-private#358](https://github.com/nodejs-private/node-private/pull/358)
+* \[[`d7f83c420c`](https://github.com/nodejs/node/commit/d7f83c420c)] - **test**: avoid left behind child processes (Richard Lau) [#46276](https://github.com/nodejs/node/pull/46276)
+
+<a id="16.19.0"></a>
+
+## 2022-12-13, Version 16.19.0 'Gallium' (LTS), @richardlau
+
+### Notable Changes
+
+#### OpenSSL 1.1.1s
+
+This OpenSSL version does not address any security vulnerabilities.
+
+#### Root certificates updated to NSS 3.85
+
+Certificates added:
+
+* Autoridad de Certificacion Firmaprofesional CIF A62634068
+* Certainly Root E1
+* Certainly Root R1
+* D-TRUST BR Root CA 1 2020
+* D-TRUST EV Root CA 1 2020
+* DigiCert TLS ECC P384 Root G5
+* DigiCert TLS RSA4096 Root G5
+* E-Tugra Global Root CA ECC v3
+* E-Tugra Global Root CA RSA v3
+* HiPKI Root CA - G1
+* ISRG Root X2
+* Security Communication ECC RootCA1
+* Security Communication RootCA3
+* Telia Root CA v2
+* vTrus ECC Root CA
+* vTrus Root CA
+
+Certificates removed:
+
+* Cybertrust Global Root
+* DST Root CA X3
+* GlobalSign Root CA - R2
+* Hellenic Academic and Research Institutions RootCA 2011
+
+#### Time zone update to 2022f
+
+Time zone data has been updated to 2022f. This includes changes to Daylight
+Savings Time (DST) for Fiji and Mexico. For more information, see
+<https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html>.
+
+#### Other Notable Changes
+
+* \[[`33707dcd03`](https://github.com/nodejs/node/commit/33707dcd03)] - **(SEMVER-MINOR)** **dgram**: add dgram send queue info (theanarkh) [#44149](https://github.com/nodejs/node/pull/44149)
+
+Dependency updates:
+
+* \[[`3b2b70d792`](https://github.com/nodejs/node/commit/3b2b70d792)] - **deps**: upgrade npm to 8.19.3 (npm team) [#45322](https://github.com/nodejs/node/pull/45322)
+
+Experimental features:
+
+* \[[`1e0dcd1ee0`](https://github.com/nodejs/node/commit/1e0dcd1ee0)] - **(SEMVER-MINOR)** **cli**: add `--watch` (Moshe Atlow) [#44366](https://github.com/nodejs/node/pull/44366)
+* \[[`8c73279ebb`](https://github.com/nodejs/node/commit/8c73279ebb)] - **(SEMVER-MINOR)** **util**: add default value option to parsearg (Manuel Spigolon) [#44631](https://github.com/nodejs/node/pull/44631)
+
+### Commits
+
+* \[[`bbef3c42f6`](https://github.com/nodejs/node/commit/bbef3c42f6)] - **build**: add version info to timezone update PR (Darshan Sen) [#45021](https://github.com/nodejs/node/pull/45021)
+* \[[`cc2c7648e0`](https://github.com/nodejs/node/commit/cc2c7648e0)] - **build**: support Python 3.11 (Luigi Pinca) [#45191](https://github.com/nodejs/node/pull/45191)
+* \[[`ac24c80663`](https://github.com/nodejs/node/commit/ac24c80663)] - **build**: remove redundant condition from common.gypi (Richard Lau) [#45076](https://github.com/nodejs/node/pull/45076)
+* \[[`03dcbe3030`](https://github.com/nodejs/node/commit/03dcbe3030)] - **build**: fix bad upstream merge (Stephen Gallagher) [#44642](https://github.com/nodejs/node/pull/44642)
+* \[[`1e0dcd1ee0`](https://github.com/nodejs/node/commit/1e0dcd1ee0)] - **(SEMVER-MINOR)** **cli**: add `--watch` (Moshe Atlow) [#44366](https://github.com/nodejs/node/pull/44366)
+* \[[`96d131665e`](https://github.com/nodejs/node/commit/96d131665e)] - **cluster**: use inspector utils (Moshe Atlow) [#44592](https://github.com/nodejs/node/pull/44592)
+* \[[`704836033a`](https://github.com/nodejs/node/commit/704836033a)] - **crypto**: update root certificates (Luigi Pinca) [#45490](https://github.com/nodejs/node/pull/45490)
+* \[[`5a776d4a69`](https://github.com/nodejs/node/commit/5a776d4a69)] - **deps**: update timezone to 2022f (Richard Lau) [#45613](https://github.com/nodejs/node/pull/45613)
+* \[[`3b2b70d792`](https://github.com/nodejs/node/commit/3b2b70d792)] - **deps**: upgrade npm to 8.19.3 (npm team) [#45322](https://github.com/nodejs/node/pull/45322)
+* \[[`9fbc8b21db`](https://github.com/nodejs/node/commit/9fbc8b21db)] - **deps**: update corepack to 0.15.1 (Node.js GitHub Bot) [#45331](https://github.com/nodejs/node/pull/45331)
+* \[[`87e3d002ca`](https://github.com/nodejs/node/commit/87e3d002ca)] - **deps**: update corepack to 0.15.0 (Node.js GitHub Bot) [#45235](https://github.com/nodejs/node/pull/45235)
+* \[[`e972ff7b13`](https://github.com/nodejs/node/commit/e972ff7b13)] - **deps**: V8: backport bbd800c6e359 (Chengzhong Wu) [#44947](https://github.com/nodejs/node/pull/44947)
+* \[[`af9d8217c0`](https://github.com/nodejs/node/commit/af9d8217c0)] - **deps**: V8: cherry-pick b95354290941 (Chengzhong Wu) [#44947](https://github.com/nodejs/node/pull/44947)
+* \[[`38202d321b`](https://github.com/nodejs/node/commit/38202d321b)] - **deps**: update undici to 5.12.0 (Node.js GitHub Bot) [#45236](https://github.com/nodejs/node/pull/45236)
+* \[[`7c0da6adf9`](https://github.com/nodejs/node/commit/7c0da6adf9)] - **deps**: update archs files for OpenSSL-1.1.1s (RafaelGSS) [#45274](https://github.com/nodejs/node/pull/45274)
+* \[[`1149ead6f7`](https://github.com/nodejs/node/commit/1149ead6f7)] - **deps**: upgrade openssl sources to OpenSSL\_1\_1\_1s (RafaelGSS) [#45274](https://github.com/nodejs/node/pull/45274)
+* \[[`cd54bce4f5`](https://github.com/nodejs/node/commit/cd54bce4f5)] - **deps**: update timezone (Node.js GitHub Bot) [#44950](https://github.com/nodejs/node/pull/44950)
+* \[[`2901abe4f0`](https://github.com/nodejs/node/commit/2901abe4f0)] - **deps**: update undici to 5.11.0 (Node.js GitHub Bot) [#44929](https://github.com/nodejs/node/pull/44929)
+* \[[`c80cf97033`](https://github.com/nodejs/node/commit/c80cf97033)] - **deps**: update corepack to 0.14.2 (Node.js GitHub Bot) [#44775](https://github.com/nodejs/node/pull/44775)
+* \[[`33707dcd03`](https://github.com/nodejs/node/commit/33707dcd03)] - **(SEMVER-MINOR)** **dgram**: add dgram send queue info (theanarkh) [#44149](https://github.com/nodejs/node/pull/44149)
+* \[[`c708d9bb94`](https://github.com/nodejs/node/commit/c708d9bb94)] - **doc**: fix typo in parseArgs default value (Tobias Nießen) [#45083](https://github.com/nodejs/node/pull/45083)
+* \[[`5a0efa05d2`](https://github.com/nodejs/node/commit/5a0efa05d2)] - **node-api**: handle no support for external buffers (Michael Dawson) [#45181](https://github.com/nodejs/node/pull/45181)
+* \[[`db31de634e`](https://github.com/nodejs/node/commit/db31de634e)] - **readline**: refactor to avoid unsafe regex primordials (Antoine du Hamel) [#43475](https://github.com/nodejs/node/pull/43475)
+* \[[`fbc52e5729`](https://github.com/nodejs/node/commit/fbc52e5729)] - **src**: disambiguate terms used to refer to builtins and addons (Joyee Cheung) [#44135](https://github.com/nodejs/node/pull/44135)
+* \[[`953072d3db`](https://github.com/nodejs/node/commit/953072d3db)] - **src**: let http2 streams end after session close (Santiago Gimeno) [#45153](https://github.com/nodejs/node/pull/45153)
+* \[[`54608d8dc3`](https://github.com/nodejs/node/commit/54608d8dc3)] - **src**: split property helpers from node::Environment (Chengzhong Wu) [#44056](https://github.com/nodejs/node/pull/44056)
+* \[[`6733556783`](https://github.com/nodejs/node/commit/6733556783)] - **test**: add test to validate changelogs for releases (Richard Lau) [#45325](https://github.com/nodejs/node/pull/45325)
+* \[[`821d832cef`](https://github.com/nodejs/node/commit/821d832cef)] - **test**: mark test-watch-mode\* as flaky on all platforms (Pierrick Bouvier) [#45049](https://github.com/nodejs/node/pull/45049)
+* \[[`02a18eac69`](https://github.com/nodejs/node/commit/02a18eac69)] - **test**: fix test-runner-inspect (Moshe Atlow) [#44620](https://github.com/nodejs/node/pull/44620)
+* \[[`197df63f74`](https://github.com/nodejs/node/commit/197df63f74)] - **test**: add a test to ensure the correctness of timezone upgrades (Darshan Sen) [#45299](https://github.com/nodejs/node/pull/45299)
+* \[[`42e9d8016a`](https://github.com/nodejs/node/commit/42e9d8016a)] - **test**: fix textdecoder test for small-icu builds (Richard Lau) [#45225](https://github.com/nodejs/node/pull/45225)
+* \[[`6d736a56d8`](https://github.com/nodejs/node/commit/6d736a56d8)] - **test**: fix watch mode test flake (Moshe Atlow) [#44739](https://github.com/nodejs/node/pull/44739)
+* \[[`543d3d2bf3`](https://github.com/nodejs/node/commit/543d3d2bf3)] - **test**: deflake watch mode tests (Moshe Atlow) [#44621](https://github.com/nodejs/node/pull/44621)
+* \[[`97f6caf4eb`](https://github.com/nodejs/node/commit/97f6caf4eb)] - **test**: split watch mode inspector tests to sequential (Moshe Atlow) [#44551](https://github.com/nodejs/node/pull/44551)
+* \[[`499750ff7a`](https://github.com/nodejs/node/commit/499750ff7a)] - **test**: update list of known globals (Antoine du Hamel) [#45255](https://github.com/nodejs/node/pull/45255)
+* \[[`64d343af74`](https://github.com/nodejs/node/commit/64d343af74)] - **test\_runner**: support using `--inspect` with `--test` (Moshe Atlow) [#44520](https://github.com/nodejs/node/pull/44520)
+* \[[`99ee5e484d`](https://github.com/nodejs/node/commit/99ee5e484d)] - **test\_runner**: fix `duration_ms` to be milliseconds (Moshe Atlow) [#44450](https://github.com/nodejs/node/pull/44450)
+* \[[`37e909251c`](https://github.com/nodejs/node/commit/37e909251c)] - **test\_runner**: support programmatically running `--test` (Moshe Atlow) [#44241](https://github.com/nodejs/node/pull/44241)
+* \[[`0ae5694f88`](https://github.com/nodejs/node/commit/0ae5694f88)] - **tools**: update certdata.txt (Luigi Pinca) [#45490](https://github.com/nodejs/node/pull/45490)
+* \[[`891368cefd`](https://github.com/nodejs/node/commit/891368cefd)] - **tools**: remove faulty early termination logic from update-timezone.mjs (Darshan Sen) [#44870](https://github.com/nodejs/node/pull/44870)
+* \[[`543493c242`](https://github.com/nodejs/node/commit/543493c242)] - **tools**: fix timezone update tool (Darshan Sen) [#44870](https://github.com/nodejs/node/pull/44870)
+* \[[`c77f660b75`](https://github.com/nodejs/node/commit/c77f660b75)] - **tools**: fix `create-or-update-pull-request-action` hash on GHA (Antoine du Hamel) [#45166](https://github.com/nodejs/node/pull/45166)
+* \[[`58c30dd049`](https://github.com/nodejs/node/commit/58c30dd049)] - **tools**: update gr2m/create-or-update-pull-request-action (Luigi Pinca) [#45022](https://github.com/nodejs/node/pull/45022)
+* \[[`749a4b3e5e`](https://github.com/nodejs/node/commit/749a4b3e5e)] - **tools**: use Python 3.11 in GitHub Actions workflows (Luigi Pinca) [#45191](https://github.com/nodejs/node/pull/45191)
+* \[[`6f541d99a5`](https://github.com/nodejs/node/commit/6f541d99a5)] - **tools**: have test-asan use ubuntu-20.04 (Filip Skokan) [#45581](https://github.com/nodejs/node/pull/45581)
+* \[[`e7ed56f501`](https://github.com/nodejs/node/commit/e7ed56f501)] - **tools**: make license-builder.sh comply with shellcheck 0.8.0 (Rich Trott) [#41258](https://github.com/nodejs/node/pull/41258)
+* \[[`cc819b4bf8`](https://github.com/nodejs/node/commit/cc819b4bf8)] - **tools**: fix typo in `avoid-prototype-pollution` lint rule (Antoine du Hamel) [#44446](https://github.com/nodejs/node/pull/44446)
+* \[[`254358c81e`](https://github.com/nodejs/node/commit/254358c81e)] - **tools**: refactor `avoid-prototype-pollution` lint rule (Antoine du Hamel) [#43476](https://github.com/nodejs/node/pull/43476)
+* \[[`8c73279ebb`](https://github.com/nodejs/node/commit/8c73279ebb)] - **(SEMVER-MINOR)** **util**: add default value option to parsearg (Manuel Spigolon) [#44631](https://github.com/nodejs/node/pull/44631)
+
 <a id="16.18.1"></a>
 
 ## 2022-11-04, Version 16.18.1 'Gallium' (LTS), @BethGriggs

package/LICENSE

@@ -763,56 +763,129 @@ The externally maintained libraries used by Node.js are:
 
 - OpenSSL, located at deps/openssl, is licensed as follows:
   """
-    Copyright (c) 1998-2019 The OpenSSL Project.  All rights reserved.
-
-    Redistribution and use in source and binary forms, with or without
-    modification, are permitted provided that the following conditions
-    are met:
-
-    1. Redistributions of source code must retain the above copyright
-    notice, this list of conditions and the following disclaimer.
-
-    2. Redistributions in binary form must reproduce the above copyright
-    notice, this list of conditions and the following disclaimer in
-    the documentation and/or other materials provided with the
-    distribution.
-
-    3. All advertising materials mentioning features or use of this
-    software must display the following acknowledgment:
-    "This product includes software developed by the OpenSSL Project
-    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-
-    4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-    endorse or promote products derived from this software without
-    prior written permission. For written permission, please contact
-    openssl-core@openssl.org.
-
-    5. Products derived from this software may not be called "OpenSSL"
-    nor may "OpenSSL" appear in their names without prior written
-    permission of the OpenSSL Project.
-
-    6. Redistributions of any form whatsoever must retain the following
-    acknowledgment:
-    "This product includes software developed by the OpenSSL Project
-    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-
-    THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-    EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-    PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-    ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-    NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-    LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-    HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-    STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-    OF THE POSSIBILITY OF SUCH DAMAGE.
-    ====================================================================
-
-    This product includes cryptographic software written by Eric Young
-    (eay@cryptsoft.com).  This product includes software written by Tim
-    Hudson (tjh@cryptsoft.com).
+      LICENSE ISSUES
+      ==============
+
+      The OpenSSL toolkit stays under a double license, i.e. both the conditions of
+      the OpenSSL License and the original SSLeay license apply to the toolkit.
+      See below for the actual license texts.
+
+      OpenSSL License
+      ---------------
+
+    /* ====================================================================
+     * Copyright (c) 1998-2019 The OpenSSL Project.  All rights reserved.
+     *
+     * Redistribution and use in source and binary forms, with or without
+     * modification, are permitted provided that the following conditions
+     * are met:
+     *
+     * 1. Redistributions of source code must retain the above copyright
+     *    notice, this list of conditions and the following disclaimer.
+     *
+     * 2. Redistributions in binary form must reproduce the above copyright
+     *    notice, this list of conditions and the following disclaimer in
+     *    the documentation and/or other materials provided with the
+     *    distribution.
+     *
+     * 3. All advertising materials mentioning features or use of this
+     *    software must display the following acknowledgment:
+     *    "This product includes software developed by the OpenSSL Project
+     *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+     *
+     * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+     *    endorse or promote products derived from this software without
+     *    prior written permission. For written permission, please contact
+     *    openssl-core@openssl.org.
+     *
+     * 5. Products derived from this software may not be called "OpenSSL"
+     *    nor may "OpenSSL" appear in their names without prior written
+     *    permission of the OpenSSL Project.
+     *
+     * 6. Redistributions of any form whatsoever must retain the following
+     *    acknowledgment:
+     *    "This product includes software developed by the OpenSSL Project
+     *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+     *
+     * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+     * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+     * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+     * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+     * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+     * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+     * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+     * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+     * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+     * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+     * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+     * OF THE POSSIBILITY OF SUCH DAMAGE.
+     * ====================================================================
+     *
+     * This product includes cryptographic software written by Eric Young
+     * (eay@cryptsoft.com).  This product includes software written by Tim
+     * Hudson (tjh@cryptsoft.com).
+     *
+     */
+
+     Original SSLeay License
+     -----------------------
+
+    /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+     * All rights reserved.
+     *
+     * This package is an SSL implementation written
+     * by Eric Young (eay@cryptsoft.com).
+     * The implementation was written so as to conform with Netscapes SSL.
+     *
+     * This library is free for commercial and non-commercial use as long as
+     * the following conditions are aheared to.  The following conditions
+     * apply to all code found in this distribution, be it the RC4, RSA,
+     * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+     * included with this distribution is covered by the same copyright terms
+     * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+     *
+     * Copyright remains Eric Young's, and as such any Copyright notices in
+     * the code are not to be removed.
+     * If this package is used in a product, Eric Young should be given attribution
+     * as the author of the parts of the library used.
+     * This can be in the form of a textual message at program startup or
+     * in documentation (online or textual) provided with the package.
+     *
+     * Redistribution and use in source and binary forms, with or without
+     * modification, are permitted provided that the following conditions
+     * are met:
+     * 1. Redistributions of source code must retain the copyright
+     *    notice, this list of conditions and the following disclaimer.
+     * 2. Redistributions in binary form must reproduce the above copyright
+     *    notice, this list of conditions and the following disclaimer in the
+     *    documentation and/or other materials provided with the distribution.
+     * 3. All advertising materials mentioning features or use of this software
+     *    must display the following acknowledgement:
+     *    "This product includes cryptographic software written by
+     *     Eric Young (eay@cryptsoft.com)"
+     *    The word 'cryptographic' can be left out if the rouines from the library
+     *    being used are not cryptographic related :-).
+     * 4. If you include any Windows specific code (or a derivative thereof) from
+     *    the apps directory (application code) you must include an acknowledgement:
+     *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+     *
+     * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+     * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+     * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+     * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+     * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+     * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+     * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+     * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+     * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+     * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+     * SUCH DAMAGE.
+     *
+     * The licence and distribution terms for any publically available version or
+     * derivative of this code cannot be changed.  i.e. this code cannot simply be
+     * copied and put under another distribution licence
+     * [including the GNU Public Licence.]
+     */
   """
 
 - Punycode.js, located at lib/punycode.js, is licensed as follows:
@@ -1340,7 +1413,7 @@ The externally maintained libraries used by Node.js are:
 
 - ESLint, located at tools/node_modules/eslint, is licensed as follows:
   """
-    Copyright JS Foundation and other contributors, https://js.foundation
+    Copyright OpenJS Foundation and other contributors, <www.openjsf.org>
 
     Permission is hereby granted, free of charge, to any person obtaining a copy
     of this software and associated documentation files (the "Software"), to deal

package/include/node/common.gypi

@@ -29,6 +29,7 @@
     'error_on_warn%': 'false',
 
     'openssl_fips%': '',
+    'openssl_product': '<(STATIC_LIB_PREFIX)openssl<(STATIC_LIB_SUFFIX)',
     'openssl_no_asm%': 0,
 
     # Don't use ICU data file (icudtl.dat) from V8, we use our own.
@@ -36,7 +37,7 @@
 
     # Reset this number to 0 on major V8 upgrades.
     # Increment by one for each non-official patch applied to deps/v8.
-    'v8_embedder_string': '-node.22',
+    'v8_embedder_string': '-node.24',
 
     ##### V8 defaults for Node.js #####
 
@@ -101,11 +102,6 @@
         'obj_dir%': '<(PRODUCT_DIR)/obj.target',
         'v8_base': '<(PRODUCT_DIR)/obj.target/tools/v8_gypfiles/libv8_snapshot.a',
       }],
-      ['openssl_fips != ""', {
-        'openssl_product': '<(STATIC_LIB_PREFIX)openssl<(STATIC_LIB_SUFFIX)',
-      }, {
-        'openssl_product': '<(STATIC_LIB_PREFIX)openssl<(STATIC_LIB_SUFFIX)',
-      }],
       ['OS=="mac"', {
         'clang%': 1,
         'obj_dir%': '<(PRODUCT_DIR)/obj.target',

package/include/node/config.gypi

@@ -1,5 +1,5 @@
 # Do not edit. Generated by the configure script.
-{ 'target_defaults': {'cflags': ['-msign-return-address=all'], 'default_configuration': 'Release', 'defines': ['NODE_OPENSSL_CONF_NAME=nodejs_conf'], 'include_dirs': [], 'libraries': []},
+{ 'target_defaults': {'cflags': ['-msign-return-address=all'], 'default_configuration': 'Release', 'defines': ['NODE_OPENSSL_CONF_NAME=nodejs_conf', 'ICU_NO_USER_DATA_OVERRIDE'], 'include_dirs': [], 'libraries': []},
   'variables': { 'asan': 0,
                  'coverage': 'false',
                  'dcheck_always_on': 0,
@@ -222,8 +222,10 @@
                                          'lib/internal/per_context/primordials.js',
                                          'lib/internal/test_runner/harness.js',
                                          'lib/internal/test_runner/utils.js',
+                                         'lib/internal/test_runner/runner.js',
                                          'lib/internal/test_runner/test.js',
                                          'lib/internal/test_runner/tap_stream.js',
+                                         'lib/internal/watch_mode/files_watcher.js',
                                          'lib/internal/tls/secure-context.js',
                                          'lib/internal/tls/secure-pair.js',
                                          'lib/internal/tls/parse-cert-string.js',
@@ -241,6 +243,7 @@
                                          'lib/internal/main/mksnapshot.js',
                                          'lib/internal/main/print_help.js',
                                          'lib/internal/main/eval_stdin.js',
+                                         'lib/internal/main/watch_mode.js',
                                          'lib/internal/streams/writable.js',
                                          'lib/internal/streams/lazy_transform.js',
                                          'lib/internal/streams/duplexify.js',
@@ -267,6 +270,7 @@
                                          'lib/internal/util/inspect.js',
                                          'lib/internal/util/inspector.js',
                                          'lib/internal/util/types.js',
+                                         'lib/internal/util/colors.js',
                                          'lib/internal/util/parse_args/utils.js',
                                          'lib/internal/util/parse_args/parse_args.js',
                                          'lib/internal/perf/event_loop_delay.js',

package/include/node/js_native_api.h

@@ -401,6 +401,7 @@ NAPI_EXTERN napi_status NAPI_CDECL napi_create_arraybuffer(napi_env env,
                                                            size_t byte_length,
                                                            void** data,
                                                            napi_value* result);
+#ifndef NODE_API_NO_EXTERNAL_BUFFERS_ALLOWED
 NAPI_EXTERN napi_status NAPI_CDECL
 napi_create_external_arraybuffer(napi_env env,
                                  void* external_data,
@@ -408,6 +409,7 @@ napi_create_external_arraybuffer(napi_env env,
                                  napi_finalize finalize_cb,
                                  void* finalize_hint,
                                  napi_value* result);
+#endif  // NODE_API_NO_EXTERNAL_BUFFERS_ALLOWED
 NAPI_EXTERN napi_status NAPI_CDECL napi_get_arraybuffer_info(
     napi_env env, napi_value arraybuffer, void** data, size_t* byte_length);
 NAPI_EXTERN napi_status NAPI_CDECL napi_is_typedarray(napi_env env,

package/include/node/js_native_api_types.h

@@ -98,7 +98,8 @@ typedef enum {
   napi_date_expected,
   napi_arraybuffer_expected,
   napi_detachable_arraybuffer_expected,
-  napi_would_deadlock  // unused
+  napi_would_deadlock,  // unused
+  napi_no_external_buffers_allowed
 } napi_status;
 // Note: when adding a new enum value to `napi_status`, please also update
 //   * `const int last_status` in the definition of `napi_get_last_error_info()'

package/include/node/node_api.h

@@ -3,7 +3,7 @@
 
 #ifdef BUILDING_NODE_EXTENSION
 #ifdef _WIN32
-// Building native module against node
+// Building native addon against node
 #define NAPI_EXTERN __declspec(dllimport)
 #elif defined(__wasm32__)
 #define NAPI_EXTERN __attribute__((__import_module__("napi")))
@@ -153,6 +153,7 @@ NAPI_EXTERN napi_status NAPI_CDECL napi_create_buffer(napi_env env,
                                                       size_t length,
                                                       void** data,
                                                       napi_value* result);
+#ifndef NODE_API_NO_EXTERNAL_BUFFERS_ALLOWED
 NAPI_EXTERN napi_status NAPI_CDECL
 napi_create_external_buffer(napi_env env,
                             size_t length,
@@ -160,6 +161,7 @@ napi_create_external_buffer(napi_env env,
                             napi_finalize finalize_cb,
                             void* finalize_hint,
                             napi_value* result);
+#endif  // NODE_API_NO_EXTERNAL_BUFFERS_ALLOWED
 NAPI_EXTERN napi_status NAPI_CDECL napi_create_buffer_copy(napi_env env,
                                                            size_t length,
                                                            const void* data,

package/include/node/node_version.h

@@ -23,7 +23,7 @@
 #define SRC_NODE_VERSION_H_
 
 #define NODE_MAJOR_VERSION 16
-#define NODE_MINOR_VERSION 18
+#define NODE_MINOR_VERSION 19
 #define NODE_PATCH_VERSION 1
 
 #define NODE_VERSION_IS_LTS 1

package/include/node/openssl/archs/BSD-x86/asm/crypto/buildinf.h

@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Tue Jul  5 15:02:24 2022 UTC"
+#define DATE "built on: Wed Feb  8 13:03:07 2023 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a

package/include/node/openssl/archs/BSD-x86/asm/include/progs.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

package/include/node/openssl/archs/BSD-x86/asm_avx2/crypto/buildinf.h

@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Tue Jul  5 15:02:26 2022 UTC"
+#define DATE "built on: Wed Feb  8 13:03:09 2023 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a

package/include/node/openssl/archs/BSD-x86/asm_avx2/include/progs.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

package/include/node/openssl/archs/BSD-x86/no-asm/crypto/buildinf.h

@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Tue Jul  5 15:02:28 2022 UTC"
+#define DATE "built on: Wed Feb  8 13:03:10 2023 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a

package/include/node/openssl/archs/BSD-x86/no-asm/include/progs.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

package/include/node/openssl/archs/BSD-x86_64/asm/crypto/buildinf.h

@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Tue Jul  5 15:02:29 2022 UTC"
+#define DATE "built on: Wed Feb  8 13:03:12 2023 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a

package/include/node/openssl/archs/BSD-x86_64/asm/include/progs.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

package/include/node/openssl/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h

@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Tue Jul  5 15:02:34 2022 UTC"
+#define DATE "built on: Wed Feb  8 13:03:16 2023 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a

package/include/node/openssl/archs/BSD-x86_64/asm_avx2/include/progs.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

package/include/node/openssl/archs/BSD-x86_64/no-asm/crypto/buildinf.h

@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Tue Jul  5 15:02:38 2022 UTC"
+#define DATE "built on: Wed Feb  8 13:03:20 2023 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a

package/include/node/openssl/archs/BSD-x86_64/no-asm/include/progs.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy