Update Node.js to v20.16.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
node	stage	minor	20.15.1-alpine -> 20.16.0-alpine

---

Release Notes

nodejs/node (node)

v20.16.0: 2024-07-24, Version 20.16.0 'Iron' (LTS), @​marco-ippolito

Compare Source

process: add process.getBuiltinModule(id)

process.getBuiltinModule(id) provides a way to load built-in modules
in a globally available function. ES Modules that need to support
other environments can use it to conditionally load a Node.js built-in
when it is run in Node.js, without having to deal with the resolution
error that can be thrown by import in a non-Node.js environment or
having to use dynamic import() which either turns the module into
an asynchronous module, or turns a synchronous API into an asynchronous one.

if (globalThis.process?.getBuiltinModule) {
  // Run in Node.js, use the Node.js fs module.
  const fs = globalThis.process.getBuiltinModule('fs');
  // If `require()` is needed to load user-modules, use createRequire()
  const module = globalThis.process.getBuiltinModule('module');
  const require = module.createRequire(import.meta.url);
  const foo = require('foo');
}

If id specifies a built-in module available in the current Node.js process,
process.getBuiltinModule(id) method returns the corresponding built-in
module. If id does not correspond to any built-in module, undefined
is returned.

process.getBuiltinModule(id) accepts built-in module IDs that are recognized
by module.isBuiltin(id).

The references returned by process.getBuiltinModule(id) always point to
the built-in module corresponding to id even if users modify
require.cache so that require(id) returns something else.

Contributed by Joyee Cheung in #​52762

doc: doc-only deprecate OpenSSL engine-based APIs

OpenSSL 3 deprecated support for custom engines with a recommendation to switch to its new provider model.
The clientCertEngine option for https.request(), tls.createSecureContext(), and tls.createServer(); the privateKeyEngine and privateKeyIdentifier for tls.createSecureContext(); and crypto.setEngine() all depend on this functionality from OpenSSL.

Contributed by Richard Lau in #​53329

inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth

Debugger.setAsyncCallStackDepth was previously calling the enable function by mistake. As a result, when profiling using Chrome DevTools, the async hooks won't be turned off properly after receiving Debugger.setAsyncCallStackDepth with depth 0.

Contributed by Joyee Cheung in #​53473

Other Notable Changes

• [09e2191432] - (SEMVER-MINOR) buffer: add .bytes() method to Blob (Matthew Aitken) #​53221
• [394e00f41c] - (SEMVER-MINOR) doc: add context.assert docs (Colin Ihrig) #​53169
• [a8601efa5e] - (SEMVER-MINOR) doc: improve explanation about built-in modules (Joyee Cheung) #​52762
• [5e76c258f7] - doc: add StefanStojanovic to collaborators (StefanStojanovic) #​53118
• [5e694026f1] - doc: add Marco Ippolito to TSC (Rafael Gonzaga) #​53008
• [f3ba1eb72f] - (SEMVER-MINOR) net: add new net.server.listen tracing channel (Paolo Insogna) #​53136
• [2bcce3255b] - (SEMVER-MINOR) src,permission: --allow-wasi & prevent WASI exec (Rafael Gonzaga) #​53124
• [a03a4c7bdd] - (SEMVER-MINOR) test_runner: add context.fullName (Colin Ihrig) #​53169
• [69b828f5a5] - (SEMVER-MINOR) util: support --no- for argument with boolean type for parseArgs (Zhenwei Jin) #​53107

Commits

• [76fd0ea92e] - assert,util: correct comparison when both contain same reference (Daniel Lemire) #​53431
• [65308b6692] - benchmark: fix api restriction for the permission category (Ryan Tsien) #​51528
• [1e2bc2c2d0] - benchmark: fix napi/ref addon (Michaël Zasso) #​53233
• [09e2191432] - (SEMVER-MINOR) buffer: add .bytes() method to Blob (Matthew Aitken) #​53221
• [e1951a4804] - build: fix spacing before NINJA_ARGS (jakecastelli) #​53181
• [76f3bb3460] - build: generate binlog in out directories (Chengzhong Wu) #​53325
• [eded0c187b] - build: support python 3.13 (Chengzhong Wu) #​53190
• [1e57c67fdb] - build: update ruff to v0.4.5 (Yagiz Nizipli) #​53180
• [28e71ede63] - build: add --skip-tests to test-ci-js target (Antoine du Hamel) #​53105
• [bb06778a65] - build: fix building embedtest in GN build (Cheng) #​53145
• [117ff5f139] - build: use broader detection for 'help' (Aviv Keller) #​53045
• [9aa896e7f5] - build: fix -j propagation to ninja (Tobias Nießen) #​53088
• [acdbc78955] - build: exit on unsupported host OS for Android (Mohammed Keyvanzadeh) #​52882
• [bf3d94478e] - build: fix --enable-d8 builds (Richard Lau) #​53106
• [99da7d7237] - build: set "clang" in config.gypi in GN build (Cheng) #​53004
• [9446278f03] - crypto: improve GetECGroupBits signature (Tobias Nießen) #​53364
• [dc2a4af68d] - crypto: fix propagation of "memory limit exceeded" (Tobias Nießen) #​53300
• [c5174f5e60] - deps: update c-ares to v1.31.0 (Node.js GitHub Bot) #​53554
• [28e932dc7a] - deps: update undici to 6.19.2 (Node.js GitHub Bot) #​53468
• [e4f9c663c4] - deps: update undici to 6.19.1 (Node.js GitHub Bot) #​53468
• [171dc50fdc] - deps: update undici to 6.19.1 (Node.js GitHub Bot) #​53468
• [6bb6a9100d] - deps: update undici to 6.19.0 (Node.js GitHub Bot) #​53468
• [815d71b4cd] - deps: update acorn-walk to 8.3.3 (Node.js GitHub Bot) #​53466
• [8b5f1d765a] - deps: update zlib to 1.3.0.1-motley-209717d (Node.js GitHub Bot) #​53156
• [fc73da6f50] - deps: update c-ares to v1.30.0 (Node.js GitHub Bot) #​53416
• [a6b803abd6] - deps: update undici to 6.18.2 (Node.js GitHub Bot) #​53255
• [0f235535bb] - deps: update ada to 2.8.0 (Node.js GitHub Bot) #​53254
• [63407269a8] - deps: update corepack to 0.28.2 (Node.js GitHub Bot) #​53253
• [7a126e8773] - deps: update c-ares to 1.29.0 (Node.js GitHub Bot) #​53155
• [0c8fcceefa] - deps: upgrade npm to 10.8.1 (npm team) #​53207
• [23866979f2] - deps: update undici to 6.18.1 (Node.js GitHub Bot) #​53073
• [4987a00142] - deps: update undici to 6.18.0 (Node.js GitHub Bot) #​53073
• [af226d0d9c] - deps: update undici to 6.17.0 (Node.js GitHub Bot) #​53034
• [c9c6bf8bfb] - deps: update undici to 6.16.1 (Node.js GitHub Bot) #​52948
• [b32b62d590] - deps: update undici to 6.15.0 (Matthew Aitken) #​52763
• [6e6641bea2] - deps: update googletest to 33af80a (Node.js GitHub Bot) #​53053
• [aa96fbe03e] - deps: update zlib to 1.3.0.1-motley-4f653ff (Node.js GitHub Bot) #​53052
• [ba3310ded5] - deps: upgrade npm to 10.8.0 (npm team) #​53014
• [8537a2aecf] - doc: recommend not using libuv node-api function (Michael Dawson) #​53521
• [c13600f0db] - doc: add additional guidance for PRs to deps (Michael Dawson) #​53499
• [7c3edd952e] - doc: only apply content-visibility on all.html (Filip Skokan) #​53510
• [ac5be14ed8] - doc: update the description of the return type for options.filter (Zhenwei Jin) #​52742
• [cac300e351] - doc: remove first timer badge (Aviv Keller) #​53338
• [feb61459fd] - doc: add Buffer.from(string) to functions that use buffer pool (Christian Bates-White) #​52801
• [9e0a6e938b] - doc: add initial text for ambassadors program (Michael Dawson) #​52857
• [55ac53cb0b] - doc: define more cases for stream event emissions (Aviv Keller) #​53317
• [7128e0f9c9] - doc: remove mentions of policy model from security info (Aviv Keller) #​53249
• [3e290433df] - doc: fix mistakes in the module load hook api (István Donkó) #​53349
• [3445c08144] - doc: doc-only deprecate OpenSSL engine-based APIs (Richard Lau) #​53329
• [a3e8cda019] - doc: mark --heap-prof and related flags stable (Joyee Cheung) #​53343
• [0b9daaae4d] - doc: mark --cpu-prof and related flags stable (Joyee Cheung) #​53343
• [daf91834f6] - doc: remove IRC from man page (Tobias Nießen) #​53344
• [4246c8fa31] - doc: fix broken link in static-analysis.md (Richard Lau) #​53345
• [955b98a0e4] - doc: remove cases for keys not containing "*" in PATTERN_KEY_COMPARE (Maarten Zuidhoorn) #​53215
• [7832b1815f] - doc: add err param to fs.cp callback (Feng Yu) #​53234
• [01533df87f] - doc: add err param to fs.copyFile callback (Feng Yu) #​53234
• [b081bc7d5e] - doc: reserve 128 for Electron 32 (Keeley Hammond) #​53203
• [6b8460b560] - doc: add note to ninjia build for macOS using -jn flag (jakecastelli) #​53187
• [394e00f41c] - (SEMVER-MINOR) doc: add context.assert docs (Colin Ihrig) #​53169
• [c143d61d0e] - doc: include ESM import for HTTP (Aviv Keller) #​53165
• [a8601efa5e] - (SEMVER-MINOR) doc: improve explanation about built-in modules (Joyee Cheung) #​52762
• [560392de3d] - doc: fix minor grammar and style issues in SECURITY.md (Rich Trott) #​53168
• [9f8e34323d] - doc: mention pm is not enforced when using fd (Rafael Gonzaga) #​53125
• [3ac775b015] - doc: fix format in esm.md (Pop Moore) #​53170
• [41b08bdcf7] - doc: fix wrong variable name in example of timers.tick() (Deokjin Kim) #​53147
• [698ea7aa5a] - doc: fix wrong function name in example of context.plan() (Deokjin Kim) #​53140
• [a99359d79d] - doc: add note for windows users and symlinks (Aviv Keller) #​53117
• [61ec2af292] - doc: move all TLS-PSK documentation to its section (Alba Mendez) #​35717
• [5e76c258f7] - doc: add StefanStojanovic to collaborators (StefanStojanovic) #​53118
• [1dc406ba62] - doc: improve ninja build for --built-in-modules-path (jakecastelli) #​53007
• [2854585662] - doc: avoid hiding by navigation bar in anchor jumping (Cloyd Lau) #​45131
• [3f432f829f] - doc: remove unavailable youtube link in pull requests (Deokjin Kim) #​52982
• [5e694026f1] - doc: add Marco Ippolito to TSC (Rafael Gonzaga) #​53008
• [231e44043e] - doc: add missing supported timer values in timers.enable() (Deokjin Kim) #​52969
• [b8944f6938] - doc, http: add rejectNonStandardBodyWrites option, clear its behaviour (jakecastelli) #​53396
• [0354584738] - doc, meta: organize contributing to Node-API guide (Aviv Keller) #​53243
• [9ae3719c4e] - doc, meta: use markdown rather than HTML in CONTRIBUTING.md (Aviv Keller) #​53235
• [621e073c96] - fs: do not crash if the watched file is removed while setting up watch (Matteo Collina) #​53452
• [f00ee1c377] - fs: fix cp dir/non-dir mismatch error messages (Mathis Wiehl) #​53150
• [655b960418] - http2: reject failed http2.connect when used with promisify (ehsankhfr) #​53475
• [eb0b68bb29] - inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth (Joyee Cheung) #​53473
• [1c0b89be4c] - lib: fix typo in comment (codediverdev) #​53543
• [55922d9cb0] - lib: remove the unused code (theanarkh) #​53463
• [06374ef96b] - lib: fix naming convention of Symbol (Deokjin Kim) #​53387
• [d1a780039a] - lib: fix timer leak (theanarkh) #​53337
• [8689ce4b41] - lib: fix misleading argument of validateUint32 (Tobias Nießen) #​53307
• [57d7bbf624] - lib: fix the name of the fetch global function (Gabriel Bota) #​53227
• [23f086c363] - lib: do not call callback if socket is closed (theanarkh) #​52829
• [f325c54c80] - meta: use correct source for workflow in PR (Aviv Keller) #​53490
• [8172412dbe] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #​53480
• [01b61d65d3] - meta: fix typo in dependency updates (Aviv Keller) #​53471
• [12f5737cd3] - meta: bump step-security/harden-runner from 2.7.1 to 2.8.0 (dependabot[bot]) #​53245
• [102e4eee3c] - meta: bump ossf/scorecard-action from 2.3.1 to 2.3.3 (dependabot[bot]) #​53248
• [5ba185580d] - meta: bump actions/checkout from 4.1.4 to 4.1.6 (dependabot[bot]) #​53247
• [9d186cce2b] - meta: bump github/codeql-action from 3.25.3 to 3.25.7 (dependabot[bot]) #​53246
• [29ab74009e] - meta: bump codecov/codecov-action from 4.3.1 to 4.4.1 (dependabot[bot]) #​53244
• [bd4b593f30] - meta: remove initializeCommand from devcontainer (Aviv Keller) #​53137
• [61b1f573cf] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #​53065
• [f3ba1eb72f] - (SEMVER-MINOR) net: add new net.server.listen tracing channel (Paolo Insogna) #​53136
• [67333a5796] - (SEMVER-MINOR) process: add process.getBuiltinModule(id) (Joyee Cheung) #​52762
• [092aa09eb3] - repl: fix await object patterns without values (Luke Haas) #​53331
• [554d25f526] - src: reset process.versions during pre-execution (Richard Lau) #​53444
• [a0879ad628] - src: fix dynamically linked OpenSSL version (Richard Lau) #​53456
• [91c05f34de] - src: remove SetEncoding from StringEncoder (Yagiz Nizipli) #​53441
• [4f49384be5] - src: fix typo in env.cc (EhsanKhaki) #​53418
• [9730d1e186] - src: avoid strcmp in favor of operator== (Tobias Nießen) #​53439
• [436ad8ceb9] - src: print v8::OOMDetails::detail when it's available (Joyee Cheung) #​53360
• [f773b289eb] - src: fix IsIPAddress for IPv6 (Hüseyin Açacak) #​53400
• [7705efd860] - src: fix permission inspector crash (theanarkh) #​53389
• [260d8d9ae1] - src: use __FUNCSIG__ on Windows in backtrace (Joyee Cheung) #​53135
• [3b79e9c24e] - src: fix external module env and kDisableNodeOptionsEnv (Rafael Gonzaga) #​52905
• [32839c63cb] - src: reduce unnecessary GetCwd calls (Yagiz Nizipli) #​53064
• [840dd092ce] - src: improve node::Dotenv declarations (Tobias Nießen) #​52973
• [2bcce3255b] - (SEMVER-MINOR) src,permission: --allow-wasi & prevent WASI exec (Rafael Gonzaga) #​53124
• [e092c62a22] - stream: update outdated highwatermark doc (Jay Kim) #​53494
• [71af3e8172] - stream: support dispose in writable (Benjamin Gruenbaum) #​48547
• [33a15be32f] - stream: callback should be called when pendingcb is 0 (jakecastelli) #​53438
• [1b46ebbf69] - stream: make sure _destroy is called (jakecastelli) #​53213
• [9f95d41947] - stream: prevent stream unexpected pause when highWaterMark set to 0 (jakecastelli) #​53261
• [d02651c9d6] - stream: micro-optimize writable condition (Orgad Shaneh) #​53189
• [324070c410] - stream: fix memory usage regression in writable (Orgad Shaneh) #​53188
• [48138afd35] - stream: fixes for webstreams (Mattias Buelens) #​51168
• [24f078a22b] - test: mark test-benchmark-crypto as flaky (Antoine du Hamel) #​52955
• [0d69ce3474] - test: extend env for test-node-output-errors (Richard Lau) #​53535
• [1aaaad8518] - test: update encoding web-platform tests (Yagiz Nizipli) #​53477
• [54e0ba8771] - test: check against run-time OpenSSL version (Richard Lau) #​53456
• [059e47c320] - test: update tests for OpenSSL 3.0.14 (Richard Lau) #​53373
• [49e6f33021] - test: fix test-http-server-keepalive-req-gc (Etienne Pierre-doray) #​53292
• [292d13a289] - test: update TLS tests for OpenSSL 3.2 (Richard Lau) #​53384
• [82017c90bb] - test: fix test when compiled without engine support (Richard Lau) #​53232
• [a54090b385] - test: update TLS trace tests for OpenSSL >= 3.2 (Richard Lau) #​53229
• [3a1693421d] - test: fix Windows native test suites (Stefan Stojanovic) #​53173
• [2b07d01272] - test: skip test-setproctitle when ps is not available (Antoine du Hamel) #​53104
• [0051d1c83d] - test: increase allocation so it fails for the test (Adam Majer) #​53099
• [048cbe3304] - test: remove timers from test-tls-socket-close (Luigi Pinca) #​53019
• [8653d9223e] - test: replace .substr with .slice (Antoine du Hamel) #​53070
• [d74bda4241] - test: add AbortController to knownGlobals (Luigi Pinca) #​53020
• [f29e1e9838] - test: skip unstable shadow realm gc tests (Chengzhong Wu) #​52855
• [dfa498697e] - test,doc: enable running embedtest for Windows (Vladimir Morozov) #​52646
• [0381817f1d] - test_runner: calculate executed lines using source map (Moshe Atlow) #​53315
• [9d3699b5b0] - test_runner: handle file rename and deletion under watch mode (jakecastelli) #​53114
• [9a36258ca0] - test_runner: refactor to use min/max of validateInteger (Deokjin Kim) #​53148
• [a03a4c7bdd] - (SEMVER-MINOR) test_runner: add context.fullName (Colin Ihrig) #​53169
• [a72157077a] - test_runner: fix t.assert methods (Colin Ihrig) #​53049
• [ba764db9ab] - test_runner: avoid error when coverage line not found (Moshe Atlow) #​53000
• [3a4a0ebd06] - test_runner,doc: align documentation with actual stdout/stderr behavior (Moshe Atlow) #​53131
• [6e6646bdd5] - tls: check result of SSL_CTX_set_*_proto_version (Tobias Nießen) #​53459
• [2aceed4297] - tls: avoid taking ownership of OpenSSL objects (Tobias Nießen) #​53436
• [faa5cac18c] - tls: use SSL_get_peer_tmp_key (Tobias Nießen) #​53366
• [68fcbb635e] - tls: fix negative sessionTimeout handling (Tobias Nießen) #​53002
• [61a1c43ef1] - tools: fix skip detection of test runner output (Richard Lau) #​53545
• [53a7b6e1c0] - tools: fix c-ares update script (Marco Ippolito) #​53414
• [3bd5f46a15] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​53158
• [daab9e170f] - tools: do not run Corepack code before it's reviewed (Antoine du Hamel) #​53405
• [d18a67f937] - tools: use Ubuntu 24.04 and Clang on GitHub actions (Michaël Zasso) #​53212
• [e9b7a52848] - tools: add stream label on PR when related files being changed in lib (jakecastelli) #​53269
• [04d78dd56d] - tools: remove no-goma arg from make-v8 script (Michaël Zasso) #​53336
• [37e725a500] - tools: use sccache Github action (Moshe Atlow) #​53316
• [2a1fde7e32] - tools: update error message for Type Error (Aviv Keller) #​53047
• [8f5fb4192d] - Revert "tools: add --certify-safe to nci-ci" (Antoine du Hamel) #​53098
• [69b828f5a5] - (SEMVER-MINOR) util: support --no- for argument with boolean type for parseArgs (Zhenwei Jin) #​53107
• [1a2f3ab4f5] - watch: fix variable naming (jakecastelli) #​53101

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.