Skip to content

Commit 4bc7d2b

Browse files
ECG Bottmeijn
ECG Bot
authored and
tmeijn
committed
build(deps): update node to v25.3.0
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `25.2.1` → `25.3.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v25.3.0`](https://github.com/nodejs/node/releases/tag/v25.3.0): 2026-01-13, Version 25.3.0 (Current), @&#8203;RafaelGSS [Compare Source](nodejs/node@v25.2.1...v25.3.0) This is a security release. ##### Notable Changes lib: - (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) [nodejs-private/node-private#750](https://github.com/nodejs-private/node-private/pull/750) permission: - (CVE-2026-21636) add network check on pipe\_wrap connect (RafaelGSS) [nodejs-private/node-private#784](https://github.com/nodejs-private/node-private/pull/784) - (CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) [nodejs-private/node-private#760](https://github.com/nodejs-private/node-private/pull/760) - (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) [nodejs-private/node-private#748](https://github.com/nodejs-private/node-private/pull/748) src: - (CVE-2025-59466) rethrow stack overflow exceptions in async\_hooks (Matteo Collina) [nodejs-private/node-private#773](https://github.com/nodejs-private/node-private/pull/773) src,lib: - (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) [nodejs-private/node-private#759](https://github.com/nodejs-private/node-private/pull/759) tls: - (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) [nodejs-private/node-private#790](https://github.com/nodejs-private/node-private/pull/790) ##### Commits - \[[`a6a74b89a7`](nodejs/node@a6a74b89a7)] - **deps**: update c-ares to v1.34.6 (Node.js GitHub Bot) [#&#8203;60997](nodejs/node#60997) - \[[`5100614e26`](nodejs/node@5100614e26)] - **deps**: update undici to 7.18.2 (Node.js GitHub Bot) [#&#8203;61283](nodejs/node#61283) - \[[`f0a8916887`](nodejs/node@f0a8916887)] - **(CVE-2025-59465)** **lib**: add TLSSocket default error handler (RafaelGSS) [nodejs-private/node-private#750](https://github.com/nodejs-private/node-private/pull/750) - \[[`b4b887c5f7`](nodejs/node@b4b887c5f7)] - **(CVE-2025-55132)** **lib**: disable futimes when permission model is enabled (RafaelGSS) [nodejs-private/node-private#748](https://github.com/nodejs-private/node-private/pull/748) - \[[`26be208039`](nodejs/node@26be208039)] - **(CVE-2025-55130)** **lib,permission**: require full read and write to symlink APIs (RafaelGSS) [nodejs-private/node-private#760](https://github.com/nodejs-private/node-private/pull/760) - \[[`bdf5873d44`](nodejs/node@bdf5873d44)] - **(CVE-2026-21636)** **permission**: add network check on pipe\_wrap connect (RafaelGSS) [nodejs-private/node-private#784](https://github.com/nodejs-private/node-private/pull/784) - \[[`0578e3e921`](nodejs/node@0578e3e921)] - **(CVE-2025-59466)** **src**: rethrow stack overflow exceptions in async\_hooks (Matteo Collina) [nodejs-private/node-private#773](https://github.com/nodejs-private/node-private/pull/773) - \[[`4d6b55a6d1`](nodejs/node@4d6b55a6d1)] - **(CVE-2025-55131)** **src,lib**: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) [nodejs-private/node-private#759](https://github.com/nodejs-private/node-private/pull/759) - \[[`c357a39e14`](nodejs/node@c357a39e14)] - **(CVE-2026-21637)** **tls**: route callback exceptions through error handlers (Matteo Collina) [nodejs-private/node-private#790](https://github.com/nodejs-private/node-private/pull/790) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44MC4xIiwidXBkYXRlZEluVmVyIjoiNDIuODAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90IiwiYXV0b21hdGlvbjpib3QtYXV0aG9yZWQiLCJkZXBlbmRlbmN5LXR5cGU6Om1pbm9yIl19-->
1 parent cc07513 commit 4bc7d2b

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

chezmoi/dot_config/mise/config.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ glab = "1.80.4"
55
go = "1.25.5"
66
hcloud = "1.59.0"
77
hk = "1.29.0"
8-
node = "25.2.1"
8+
node = "25.3.0"
99
pkl = "0.30.2"
1010
python = "3.14.2"
1111
pre-commit = "4.5.1"

0 commit comments

Comments
 (0)