9 hours ago
rustfs

1.0.0-beta.9

What's Changed

RustFS 1.0.0-beta.9 focuses on hardening the storage engine, S3 compatibility, table catalog support, runtime observability, security posture, and CI/release reliability. This summary condenses the full beta.8...beta.9 change set while preserving the contributor credits below.

Storage, ECStore, and GET Path

  • Hardened ECStore object reads/writes, listings, metadata updates, delete rollback, heal cleanup, and crash-consistency boundaries across degraded, multipart, and directory-marker cases.
  • Improved large-object and GET-path behavior with codec-streaming rollout controls, bitrot path cleanup, short-body/truncation detection, pooled shard reuse, hedged slow shard reads, fewer setup fanouts, and safer legacy fallback handling.
  • Added and refined io_uring read support behind runtime probes/rollout gates, including per-disk probe cache, degradation latch, O_DIRECT preservation, fd cache invariants, page-cache reclaim, and rustfs-uring updates.
  • Tightened object data cache correctness: write-unique keys, invalidation/fill race fixes, bounded memory admission, clear/drain stability, admin visibility, benchmarks, and Grafana coverage.
  • Improved capacity accounting and filesystem probing, including symlinked scan roots, safe env defaults, Linux filesystem magic mapping, and drive stall budgets for walks.

S3, Replication, Lifecycle, and Admin

  • Improved S3 API compatibility with flexible multipart checksums, content disposition on GET, native additional checksum support, virtual-hosted-style 501 guidance, stronger SigV4 negative coverage, and AWS-aligned object-lock overwrite tests.
  • Hardened replication and site-replication flows: bidirectional sync/backfill, MRF persistence, target refresh after peer edits, multipart fanout integrity, loopback coverage, version deletion convergence, service account sync, custom TLS peers, and outbound checksum consistency.
  • Made lifecycle/tiering recovery safer with recoverable tier cleanup, persisted remote-tier delete journal tasks, expire/GET race coverage, lifecycle debug acceleration for tests, and gated s3-tests lifecycle lanes.
  • Strengthened admin behavior for auth, server info, metrics auth, account info quotas, datausage live refresh, heal runtime state, site-replication import notifications, and external OIDC redirects.

Security and Correctness

  • Added or reinforced authorization and input-safety fixes across remote target listing, FTP handlers, metrics, admin auth, service-account deletion, JSON ingress, signed headers, SSE-C nonce persistence, local SSE-S3 fallback, KMS local key storage, outbound egress guards, Docker credential handling, log cleaner symlink safety, and GHSA regression tests.
  • Fixed correctness issues around incomplete object streams, DARE truncation, peer-health counting, storage error mapping, CommonPrefix merging, metadata early-stop quorum, rollback warnings, and background task cancellation.
  • Added adversarial validation policy/playbooks and removed agent-generated planning docs from version control.

Table Catalog and Iceberg

  • Expanded S3 Tables/Iceberg support with REST commit compatibility, exists endpoints, scoped credentials, data-plane policy bridge, protected ref metadata, production surfaces, refs/views semantics, external catalog sync, backing migration contracts, vendor compatibility profiles, maintenance workers, reachability cleanup, row-level conflict hardening, PyIceberg live smoke coverage, and conformance evidence.

Runtime, Config, Extensions, and Observability

  • Continued the InstanceContext/AppContext migration across startup, storage, IAM, admin, ECStore, runtime services, bucket metadata, embedded servers, per-server contexts, and optional runtime boundaries.
  • Added runtime capability, workload admission, memory/allocator/metrics controller status, extension/ops-profiler schemas, plugin/sidecar policy gates, and embedded multi-server support.
  • Reduced logging and telemetry noise while improving request IDs, redaction, OTLP/local output consistency, dial9 opt-in telemetry, runtime event governance, API boundary events, retention/durability, and warning rate limits.
  • Added NATS JetStream publish support for notify/audit targets, SFTP macOS/Windows support and docs, Helm multi-pool capacity expansion, and Docker/cluster startup hardening.

Performance

  • Improved PUT, GET, EC decode, multipart sync, object cache, metrics, report collection, and large-object first-byte latency paths.
  • Removed avoidable hot-path work such as repeated env reads, unnecessary metric-handle lookup, per-emission allocations, percentile sorting on per-IO paths, extra shard zeroing/copying, and blocking filesystem work in async paths.

Testing, CI, and Release

  • Expanded e2e, property, fuzz, table-catalog, lifecycle, replication, admin-auth, cache, ECStore, filemeta, parser, erasure, path-validator, and MinIO/SSE interop coverage.
  • Stabilized nextest profiles, quarantine policy, migration-critical count guards, e2e smoke lanes, weekly s3tests, Mint and perf pipelines, scheduled CI alerts, cargo-deny supply-chain checks, SBOM/provenance assets, release image scans, secret-scanning exclusions, and stable Rust toolchain usage.
  • Updated docs for scanner/runtime controls, SFTP operations, object data cache boundaries, testing pyramid, e2e contributor workflow, security advisory lessons, Makefile/CONTRIBUTING verification gates, and Podman instructions.

Notable External Contributions

  • Site replication fixes and replication startup behavior by @abdullahnah92.
  • SFTP platform support and NATS JetStream target support by @simon-escapecode.
  • Table catalog/IAM/metadata compatibility work by @GatewayJ.
  • ECStore, lifecycle, logging, replication, and admin fixes by @cxymds, @reatang, @RamakrishnaChilaka, and @majinghe.
  • Docs, CLI, Helm, and observability fixes from @w4hf, @Tirka, @Rohmilchkaese, @Littlew0od, and others.

Scale of This Release

  • 1,200+ merged PR entries condensed into this summary.
  • Largest areas: ECStore/storage, replication, table catalog, observability, runtime context migration, security hardening, and CI/test reliability.

New Contributors

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.8...1.0.0-beta.9

1 days ago
nacos

2.5.3 (Jul 14th, 2026)

Nacos 2.5.3 is mainly a bugfix, security, and experience-improvement release for the 2.x series.

This release focuses on:

  • Compatible security dependency upgrades for the v2.x JDK 8 baseline.
  • Client stability and logging improvements.
  • Config namespace isolation fixes.
  • Server-side request validation improvements.

It also keeps incompatible major dependency lines out of v2.x, such as Spring Boot 3, Spring Framework 6, and other JDK 17+ only upgrades.


Detailed changes in this release:

Feature

No major feature changes.

Enhancement/Refactor

[#12323] Improve Logback packagingData behavior by making it configurable through nacos.logback.packagingData with default false, and upgrade the external Logback adapter to 1.1.5.

BugFix

[#13940] Fix continuous class unloading during Nacos Client Log4j2 configuration reload by using safe Log4j2 initialization.

[#14423] Fix missing exceptions when form parameters exceed the configured Tomcat request size limit.

[#15437] Fix client shutdown thread leaks and executor creation race conditions in ConfigRpcTransportClient and related client components.

[#15497] Fix Config namespace isolation for ID-based export, batch delete, and clone operations, and enforce source namespace read permission for clone requests.

Dependencies

[#13998][#14859] Upgrade embedded Tomcat to 9.0.118 to address known Tomcat CVEs.

[#15025][#15451] Upgrade compatible v2.x dependencies, including Jackson to 2.18.9, gRPC Java to 1.75.0, and Spring Security to 5.8.16, while preserving the JDK 8 baseline.


Java Version Requirements

Module Java Required
Nacos-Server / Nacos-Console Java 8
Nacos-Client Java 8

New Contributors

Full Changelog: https://github.com/alibaba/nacos/compare/2.5.2...2.5.3

3 days ago
superset

superset-helm-chart-0.20.0

Apache Superset is a modern, enterprise-ready business intelligence web application

5 days ago
prometheus

3.13.1 / 2026-07-10

This is a bugfix release for 3.13 LTS.

  • [BUGFIX] TSDB: Fix the head-chunk cache returning samples from the wrong chunk, or spurious not-found errors, to range queries after head-chunk truncation. #19134
5 days ago
milvus

milvus-2.6.20

Release note is coming soon...

5 days ago
seaweedfs

4.39

What's Changed

Seaweed Volume (Rust)

  • async, buffered writes in VolumeEcShardsCopy (#10237)
  • fix orphan purge against the rust volume server (#10289)

Volume (Go)

  • keep tier-uploaded volume reporting to master after volume.tier.upload (#10259)
  • clear remote flag when tiering a volume back to local (#10262)
  • reload a remote-tiered volume without re-entering the data lock (#10266)
  • parallelize under-replicated volume copies (#10275)
  • rank by physical disk usage (#10271)

Filer

  • keep the internal .system folder out of the per-bucket store path (#10248)
  • require JWT authorization on TUS upload endpoints (#10249)
  • cut metadata-subscription allocation churn (#10260)
  • share one log-buffer window snapshot across all subscriber reads (#10267)

S3

  • optimize encodePath memory allocations (#10252)
  • fail over routed object writes when the owner filer is unreachable (#10251)
  • keep empty-folder cleanup out of the multipart .uploads staging tree (#10273)
  • tear down the emptied .versions directory on last-version delete (#10278)
  • keep listing when empty directories fill the listing window (#10280)
  • measure quota usage by logical size (#10274)
  • verify SigV4 against each plausible reverse-proxy host (#10284)

Mount

  • re-assign to a live volume when a write can't land (#10239)

IAM

  • surface OIDC groups and roles into the STS session request context for resource-policy ABAC (#10263)

Java Client

  • HTTP Basic Auth for filer behind an Nginx reverse proxy (#10258)
  • fail cleanly when a chunk read returns short or empty data (#10269)

Shell & Admin

  • print markVolumeWritable/markVolumeReadonly based on the writable flag (#10283)
  • stop holding the shell admin lock across whole scheduler batches (#10290)

Topology & Balancer

  • share replica selection between shell and workers (#10276)

Other

  • reduce mem alloc while building str in refract (#10261)
  • cap the shared-snapshot race test's heap in log_buffer (#10281)
  • dropped test error in weed/worker/tasks/balance (#10291)
  • merge filer service annotations to avoid duplicate keys in Helm (#10293)

Dependencies

  • google.golang.org/api 0.278.0 → 0.287.0 (#10246)
  • github.com/Azure/azure-sdk-for-go/sdk/storage/azblob 1.7.0 → 1.8.0 (#10245)
  • github.com/aws/aws-sdk-go-v2/credentials 1.19.24 → 1.19.26 (#10243)
  • github.com/go-redsync/redsync/v4 4.16.0 → 4.17.0 (#10244)
  • github.com/ydb-platform/ydb-go-sdk-auth-environ 0.5.1 → 0.5.2 (#10240)
  • docker/setup-qemu-action 4.1.0 → 4.2.0 (#10242)
  • docker/login-action 4.2.0 → 4.4.0 (#10241)
  • golang.org/x/crypto 0.45.0 → 0.52.0 in /test/sftp (#10264)
  • golang.org/x/crypto 0.51.0 → 0.52.0 in /test/kafka/kafka-client-loadtest (#10265)

New Contributors

Full Changelog: https://github.com/seaweedfs/seaweedfs/compare/4.38...4.39

6 days ago
prometheus

3.5.5 / 2026-07-09

This release is built with Go 1.25.12 and fixes a security issue in a UI dependency.

  • [SECURITY] UI: Bump sanitize-html to v2.17.5 to fix CVE-2026-53606. #19060
6 days ago
dgraph

v25.3.8

What's Changed

Full Changelog: https://github.com/dgraph-io/dgraph/compare/v25.3.7...v25.3.8

6 days ago
etcd

v3.7.0

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.7.0

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz

/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

# start a local etcd server
/tmp/etcd-download-test/etcd

# write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo
macOS (Darwin)
ETCD_VER=v3.7.0

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64

/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
Docker

etcd uses gcr.io/etcd-development/etcd as a primary container registry, and quay.io/coreos/etcd as secondary.

ETCD_VER=v3.7.0

rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \
  docker rmi gcr.io/etcd-development/etcd:${ETCD_VER} || true && \
  docker run \
  -p 2379:2379 \
  -p 2380:2380 \
  --mount type=bind,source=/tmp/etcd-data.tmp,destination=/etcd-data \
  --name etcd-gcr-${ETCD_VER} \
  gcr.io/etcd-development/etcd:${ETCD_VER} \
  /usr/local/bin/etcd \
  --name s1 \
  --data-dir /etcd-data \
  --listen-client-urls http://0.0.0.0:2379 \
  --advertise-client-urls http://0.0.0.0:2379 \
  --listen-peer-urls http://0.0.0.0:2380 \
  --initial-advertise-peer-urls http://0.0.0.0:2380 \
  --initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new \
  --log-level info \
  --logger zap \
  --log-outputs stderr

docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcd --version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdutl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl endpoint health
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl put foo bar
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl get foo
6 days ago
node

2026-07-08, Version 26.5.0 (Current), @richardlau

Notable Changes

New release key

Welcome to our newest releaser, Stewart X Addison. Future Node.js releases may be signed with his release key, 655F3B5C1FB3FA8D1A0CA6BDE4A7D232B936D2FD.

Other notable changes

  • [55f48446c7] - (SEMVER-MINOR) buffer: implement blob.textStream() (Matthew Aitken) #64036
  • [b373202efc] - (SEMVER-MINOR) esm: add --experimental-import-text flag (Efe) #62300
  • [39e0c14455] - (SEMVER-MINOR) perf_hooks: sample delay per event loop iteration (Pablo Erhard) #62935
  • [999a83c937] - (SEMVER-MINOR) stream: expose ReadableStreamTee (Matteo Collina) #64195
  • [4e0236dc3d] - (SEMVER-MINOR) tls: report negotiated TLS groups (Filip Skokan) #64119

Commits

  • [87648c0a6c] - benchmark: trim down the argon2 sets (Filip Skokan) #64218
  • [a483bfd3f0] - buffer: remove unreachable overflow check in atob (haramjeong) #60161
  • [6d14279688] - buffer: add fast api for isUtf8 and isAscii (Gürgün Dayıoğlu) #64169
  • [55f48446c7] - (SEMVER-MINOR) buffer: implement blob.textStream() (Matthew Aitken) #64036
  • [a67d9a7a44] - build: allow linting node.1 (Aviv Keller) #64157
  • [06c1fbc25b] - build: enable Maglev for riscv64 (Jamie Magee) #62605
  • [518309c363] - build: suppress clang errors building libffi on Windows (René) #64222
  • [6a80ab485c] - build: add manually-dispatched stress-test workflow (Joyee Cheung) #64118
  • [f4e7bf1f1c] - build: pin envinfo versions in github actions (Joyee Cheung) #64117
  • [66f6ac0d86] - build: support setting an emulator from configure script (Ivan Trubach) #53899
  • [7f26c54aa6] - child_process: fix permission model propagation via NODE_OPTIONS (Matteo Collina) #63972
  • [32bb554f5b] - crypto: fix large DH generator validation (Tobias Nießen) #64092
  • [0908d76ef6] - crypto: reject small-order EdDSA points during verify (Filip Skokan) #64026
  • [7f7e5863c2] - deps: update undici to 8.7.0 (Node.js GitHub Bot) #64282
  • [af91029801] - deps: update nghttp3 to 1.17.0 (Node.js GitHub Bot) #64182
  • [2e500ba7b0] - deps: update googletest to 8b53336594cc52213c6c2c7a0b29194fa896d039 (Node.js GitHub Bot) #64181
  • [74e3aa24ba] - deps: update sqlite to 3.53.3 (Node.js GitHub Bot) #64180
  • [c7e57f55a7] - deps: c-ares: cherry-pick 8ba37af8e3fb (René) #64110
  • [879fdc4daf] - deps: V8: backport da20a197a7f9 (Kevin Gibbons) #64101
  • [a640543a7c] - deps: V8: cherry-pick 0cc9eb22c0b0 (Kevin Gibbons) #64101
  • [feefd179e5] - deps: V8: cherry-pick 1a391f98cc7a (Kevin Gibbons) #64101
  • [8ef643d4b0] - deps: update googletest to 0b1e895ba4226c2fda5ee0178c9b5b1195a741aa (Node.js GitHub Bot) #64039
  • [9e50bb0655] - dgram: skip dns.lookup() for literal IP addresses (Ruben Bridgewater) #64133
  • [dc052c095c] - diagnostics_channel: return original thenable (Stephen Belanger) #62407
  • [a22a840293] - doc: clarify QUIC stream state wording (EduardF1) #63660
  • [8d4bec2d71] - doc: update Http2SecureServer.on("timeout") default value (YuSheng Chen) #64187
  • [da88f70afa] - doc: add note on visibility of CI failures to new contributor guide (Stewart X Addison) #64256
  • [20ce359ccb] - doc: clarify HTTP/1.1 response ordering (Matteo Collina) #64213
  • [05eae2835c] - doc: recommend node-stress-single-test for flaky tests (Trivikram Kamat) #64223
  • [3966eb67e7] - doc: fix typo in examples (Vas Sudanagunta) #64184
  • [12a2b9daa3] - doc: fix typo in node-config-schema.json (Hamid Reza Ghavami) #64188
  • [0854482671] - doc: clarify defense-in-depth issues (Matteo Collina) #64215
  • [ef4915fc3a] - doc: fix Fast FFI argument count in ffi.md (Daijiro Wachi) #63960
  • [bb2eed863c] - doc: add sxa GPG key (ed25519) (Stewart X Addison) #64193
  • [b7bf6e3a06] - doc: add guide and answers to FAQs for first-time contributors (Joyee Cheung) #63685
  • [ff537ba858] - doc: update Http2Server.close & Http2SecureServer.close (YuSheng Chen) #63298
  • [f3db304588] - doc: update list of people in SECURITY.md (Richard Lau) #64152
  • [2a126647b0] - doc: clarify vfs is not a sandbox (Matteo Collina) #64143
  • [85fc79dd9b] - doc: fix broken links and duplicate stability label (Antoine du Hamel) #64130
  • [189e830eb3] - doc: add missing option to man page (Richard Lau) #64156
  • [7a16ccccd0] - doc: announce upcoming end of tier 2 support for macOS x64 (Antoine du Hamel) #63931
  • [d5f826045f] - doc: update toolchain for official AIX releases (Richard Lau) #64068
  • [60abc4400f] - doc: fix callback example import in fs docs (Kamal Rawal) #63912
  • [e470c74a6c] - doc: fix keepAliveTimeout default in http.createServer options (Jahanzaib iqbal) #63974
  • [851b460583] - esm: improve ERR_REQUIRE_ASYNC_MODULE (Joyee Cheung) #64260
  • [0cd443df39] - esm: print required top-level await locations without evaluating (Joyee Cheung) #64154
  • [b373202efc] - (SEMVER-MINOR) esm: add --experimental-import-text flag (Efe) #62300
  • [eacfbd0ca5] - http: add CONNECT method handling for default Host header with proxy (Archkon) #64114
  • [aeb539a383] - http: fix drain event with cork/uncork (David Evans) #64038
  • [8e8874b216] - http: document and validate options.path when it's in absolute-form (Joyee Cheung) #64108
  • [eb2e96bc28] - inspector: fix crash when writing to closed inspector socket (ympark2011) #64209
  • [243b0e4e57] - lib: reject string "0" in validatePort when allowZero is false (Daijiro Wachi) #64174
  • [34a537c0ed] - lib: use __proto__: null when calling ObjectDefineProperty (Antoine du Hamel) #64239
  • [1f72393f19] - lib: lazily initialize kEvents and kHandlers maps (Guilherme Araújo) #63702
  • [92a3dc3191] - lib,permission: fix addon permission drop (Martin Wagner) #64007
  • [87b8f2a296] - meta: fix linter warning in stale.yml (Antoine du Hamel) #64281
  • [829c4a5913] - meta: bump actions/cache from 5.0.5 to 6.1.0 (dependabot[bot]) #64248
  • [0808dcd31c] - meta: bump github/codeql-action/autobuild from 4.36.1 to 4.36.2 (dependabot[bot]) #64247
  • [64aa17058f] - meta: bump github/codeql-action/analyze from 4.36.1 to 4.36.2 (dependabot[bot]) #64246
  • [873d1e0412] - meta: bump actions/checkout from 6.0.2 to 7.0.0 (dependabot[bot]) #64245
  • [fe460ccf0b] - meta: bump codecov/codecov-action from 6.0.1 to 7.0.0 (dependabot[bot]) #64244
  • [845c63ed50] - meta: bump rtCamp/action-slack-notify from 2.3.3 to 2.4.0 (dependabot[bot]) #64243
  • [2cad2d6de5] - meta: bump github/codeql-action/init from 4.36.1 to 4.36.2 (dependabot[bot]) #64242
  • [0ddde950c7] - meta: bump actions/setup-python from 6.2.0 to 6.3.0 (dependabot[bot]) #64241
  • [c0a8760d2f] - meta: bump github/codeql-action/upload-sarif from 4.36.1 to 4.36.2 (dependabot[bot]) #64240
  • [f49704b9d0] - meta: clarify V8 flags are outside threat model (Matteo Collina) #64224
  • [6b8dc58e6e] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #64057
  • [fe5260cca7] - meta: update status of past strategic initiatives (Joyee Cheung) #63480
  • [7b01040008] - meta: speed up stale bot (Aviv Keller) #64075
  • [874c46c24f] - meta: update sccache version in test-linux-quic (René) #64043
  • [48c5c86363] - module: enable import support for addons by default (Chengzhong Wu) #64221
  • [39e0c14455] - (SEMVER-MINOR) perf_hooks: sample delay per event loop iteration (Pablo Erhard) #62935
  • [f90f1bd032] - perf_hooks: add NODE_PERFORMANCE_GC_MINOR_MARK_SWEEP constant (Attila Szegedi) #63877
  • [bdf32628c7] - process: fix finalization cleanup ref tracking (Trivikram Kamat) #64087
  • [9a65b7fff4] - quic: drop version negotiation packets with oversized CIDs (Mohamed Sayed) #64228
  • [2699fe4706] - quic: fixes undefined handle in QuicStream kInspect (Marten Richter) #64170
  • [00dea28bb3] - repl: lazy-load acorn and defer vm context creation (Daijiro Wachi) #63879
  • [ce659a1cf9] - src: fix escaping of single quotes in task runner (Antoine du Hamel) #64089
  • [dbb3126e5c] - src: abstract tracing agent for both legacy and perfetto (Chengzhong Wu) #64053
  • [12edf1d68d] - src: avoid redundant call to std::get_if<>() (Tobias Nießen) #64094
  • [eda91b6d01] - src: avoid copying source string in TextEncoder.encode (Yagiz Nizipli) #63897
  • [efbbb9a03c] - stream: preserve half-open duplexes in async iteration (Efe) #64275
  • [999a83c937] - (SEMVER-MINOR) stream: expose ReadableStreamTee (Matteo Collina) #64195
  • [ab5ed72903] - stream: reject iter consumers on abort (Trivikram Kamat) #64066
  • [d3fa77c5e2] - stream: fix merge abort for pending sources (Trivikram Kamat) #64013
  • [38b99140ed] - stream: refactor unnecessary optional chaining away (Antoine du Hamel) #64253
  • [c81f894ebe] - stream: cut per-chunk overhead in WHATWG streams (Matteo Collina) #64252
  • [f162234f24] - stream: normalize Broadcast.from() byte inputs (Trivikram Kamat) #64082
  • [1182ad8f3b] - stream: proxy first own method in Readable.wrap() (Daijiro Wachi) #64048
  • [d0b830b382] - stream: observe abort while awaiting pipeTo source (Trivikram Kamat) #64015
  • [f7adcd8359] - stream: respect iter consumer abort signals (Trivikram Kamat) #63997
  • [b09e624c6f] - test: make blob desiredSize assertion robust (Trivikram Kamat) #64106
  • [d0d8f0c774] - test: update WPT for urlpattern to 11a459a2b1 (Node.js GitHub Bot) #64037
  • [ff9122c20c] - test: improve lcov reporter snapshot diagnostics (Trivikram Kamat) #64049
  • [570952d4f3] - test: keep finalization close fixture ref alive (Trivikram Kamat) #64085
  • [1b4f213380] - test: fix typo from overriden to overridden (parkhojeong) #63403
  • [4c91090b8b] - test: fix typo from funciton to function (parkhojeong) #63403
  • [bf080c7917] - test: mark hr-time WPT flaky on macos15-x64 (Trivikram Kamat) #64054
  • [24e32098c5] - test: use one-off agent in http consumed timeout test (Trivikram Kamat) #64052
  • [3229886de2] - test: fix flaky test-runner coverage threshold test (Trivikram Kamat) #64051
  • [83b91ea6ec] - test_runner: filter execArgv fallback for child tests (Trivikram Kamat) #64056
  • [269b609a3d] - test_runner: improve coverage failure diagnostics (Trivikram Kamat) #64050
  • [0342744c34] - test_runner: add timestamp to JUnit reporter testsuites (sangwook) #64029
  • [086741d121] - timers: reuse Timeout objects in setStreamTimeout (Matteo Collina) #64254
  • [4e0236dc3d] - (SEMVER-MINOR) tls: report negotiated TLS groups (Filip Skokan) #64119
  • [3bdd7e20be] - tls: handle large RSA exponents in X.509 cert (Tobias Nießen) #64093
  • [c96c838977] - tools: update RUSTC_VERSION for remaining GHA workflows (René) #64325
  • [ee873b7aaf] - tools: bump temporal_rs version (Antoine du Hamel) #63281
  • [ea3b870155] - tools: remove envinfo from our workflows (Antoine du Hamel) #64259
  • [d940f02e8b] - tools: bump the eslint group in /tools/eslint with 8 updates (dependabot[bot]) #64249
  • [fe0ea2bb5d] - tools: bump @node-core/doc-kit (dependabot[bot]) #64010
  • [4dceefde1e] - tools: bump undici from 6.24.1 to 6.27.0 in /tools/doc (dependabot[bot]) #64031
  • [6e187db7d7] - tools: update c-ares updater script (Antoine du Hamel) #64194
  • [657a35f5a2] - tools: validate version number in release proposal commit message lint (Antoine du Hamel) #64070
  • [17228a861c] - tools: add GHA benchmark runner (Antoine du Hamel) #60293
  • [6d11a71d91] - tools: update build-shared/action.yml to a reusable workflow (Antoine du Hamel) #64059
  • [7a17c50b7f] - tools: update libffi updater script (Antoine du Hamel) #64046
  • [28047a3e71] - tools: exclude libffi changes from test-shared GHA CI (Antoine du Hamel) #64047
  • [58d9685acc] - typings: add typing for crypto (Filip Skokan) #64122
  • [7a9dcad44d] - util: fix OOM in inspect color stack formatting (Ijtihed Kilani) #64022
  • [d5f01bbbde] - vfs: reject rename into descendant directory (Trivikram Kamat) #64285
  • [0b6af91081] - vfs: handle current-position sentinel in memory files (Trivikram Kamat) #64163
  • [322230d641] - vfs: support writeFileSync with virtual fds (Trivikram Kamat) #64165
  • [9395d209c7] - vfs: avoid recursive readdir symlink cycles (Matteo Collina) #64168
  • [bbdd7643b6] - vfs: read RealFSProvider files from open fd (Trivikram Kamat) #64104
  • [92859b8097] - vm: fix copying PropertyDescriptor (Chengzhong Wu) #64073
  • [9046035475] - zlib: validate flush king for all streams (Ic3b3rg) #63746
  • [98be4304a3] - zlib: validate flush kind for brotli streams (Ic3b3rg) #63746
  • [90007a59a9] - zlib: expose rejectGarbageAfterEnd option (Filip Skokan) #64023
  • [5933516066] - zlib: reject trailing gzip members in web streams (Filip Skokan) #64023