• Add namedGroup to SslHandlerInfo and add Builder pattern by @gavinbunney in https://github.com/Netflix/zuul/pull/2086
• Allow configuring of TLS named groups by @gavinbunney in https://github.com/Netflix/zuul/pull/2087

Full Changelog: https://github.com/Netflix/zuul/compare/v3.4.2...v3.4.3

• [b0a79b10f0] - (SEMVER-MINOR) http2: add http1Options for HTTP/1 fallback configuration (Amol Yadav) #61713
• [2d874dfb8e] - (SEMVER-MINOR) sea: support ESM entry point in SEA (Joyee Cheung) #61813
• [ee59127664] - sqlite: mark as release candidate (Matteo Collina) #61262
• [608736e19e] - (SEMVER-MINOR) stream: rename Duplex.toWeb() type option to readableType (René) #61632
• [a43375999f] - (SEMVER-MINOR) test_runner: show interrupted test on SIGINT (Matteo Collina) #61676

• [ab4375e141] - benchmark: add startup benchmark for ESM entrypoint (Joyee Cheung) #61769
• [8d83d8026b] - build: add temporal test on GHA windows (Chengzhong Wu) #61810
• [aab153eec3] - build: skip sscache action on non-main branches (Joyee Cheung) #61790
• [9e40fb93bc] - build: use path-ignore in GHA coverage-windows.yml (Chengzhong Wu) #61811
• [4896653361] - build: generate_config_gypi.py generates valid JSON (Shelley Vohr) #61791
• [bb82b44de0] - build: build with v8 gdbjit support on supported platform (Joyee Cheung) #61010
• [e7173a093a] - build: show cc outputs when version detection failed (Chengzhong Wu) #61700
• [848050d38f] - build,win: add WinGet Visual Studio 2022 Build Tools Edition config (Mike McCready) #61652
• [938841e1cd] - crypto: always return certificate serial numbers as uppercase (Anna Henningsen) #61752
• [dba9001d6f] - deps: upgrade npm to 11.10.1 (npm team) #61892
• [75c8e18d2f] - deps: update nbytes to 0.1.3 (Node.js GitHub Bot) #61879
• [4ca1597f25] - deps: remove stale OpenSSL arch configs (René) #61834
• [c4f298c729] - deps: update llhttp to 9.3.1 (Node.js GitHub Bot) #61827
• [7d63a2df93] - deps: V8: cherry-pick 64b36b441179 (Rafael Magrin) #61712
• [241a6b7088] - deps: update googletest to 5a9c3f9e8d9b90bbbe8feb32902146cb8f7c1757 (Node.js GitHub Bot) #61731
• [eec896c0e0] - deps: V8: backport 6a0a25abaed3 (Vivian Wang) #61666
• [5a9874af09] - doc: clarify status of feature request issues (Antoine du Hamel) #61505
• [0648ac64aa] - doc: add esm and cjs examples to node:vm (Alfredo González) #61498
• [8b38718294] - doc: clarify build environment is trusted in threat model (Matteo Collina) #61865
• [10e86818ee] - doc: remove incorrect mention of module in typescript.md (Rob Palmer) #61839
• [b50376f527] - doc: simplify addAbortListener example (Chemi Atlow) #61842
• [dea0e7a856] - doc: fix typo in --disable-wasm-trap-handler description (Dmytro Semchuk) #61820
• [57ac1f5aa0] - doc: clean up globals.md (René) #61822
• [4c30d2bb4d] - doc: remove obsolete Boxstarter automated install (Mike McCready) #61785
• [db610b9e32] - doc: clarify async caveats for events.once() (René) #61572
• [b4a826b11c] - doc: update Juan's security steward info (Juan José) #61754
• [7d9cc5dc54] - doc: fix methods being documented as properties in process.md (Antoine du Hamel) #61765
• [aa0362c26a] - doc: add riscv64 info into platform list (Lu Yahan) #42251
• [9b0101b65b] - doc: fix dropdown menu being obscured at <600px due to stacking context (Jeff) #61735
• [df2c65b3e4] - doc: fix spacing in process message event (Aviv Keller) #61756
• [01018559f5] - doc: move describe/it aliases section before expectFailure (Luca Raveri) #61567
• [49443583af] - doc: fix broken links of net.md (YuSheng Chen) #61673
• [af7c927a2a] - doc: clean up Windows code snippet in child_process.md (reillylm) #61422
• [221648a687] - esm: update outdated FIXME comment in translators.js (Karan Mangtani) #61715
• [4484e14a31] - events: don't call resume after close (Сковорода Никита Андреевич) #60548
• [4cecbe1f53] - fs: add throwIfNoEntry option for fs.stat and fs.promises.stat (Juan José) #61178
• [2c94967684] - http: remove redundant keepAliveTimeoutBuffer assignment (Efe) #61743
• [435f3dd8e4] - http: attach error handler to socket synchronously in onSocket (RajeshKumar11) #61770
• [ce0ebd853d] - http: fix keep-alive socket reuse race in requestOnFinish (Martin Slota) #61710
• [8103a78b6a] - http2: add strictSingleValueFields option to relax header validation (Tim Perry) #59917
• [b0a79b10f0] - (SEMVER-MINOR) http2: add http1Options for HTTP/1 fallback configuration (Amol Yadav) #61713
• [c589b6b23c] - http2: fix FileHandle leak in respondWithFile (sangwook) #61707
• [df477202ae] - lib: reduce cycles in esm loader and load it in snapshot (Joyee Cheung) #61769
• [deda50a819] - lib: remove top-level getOptionValue() calls in lib/internal/modules (Joyee Cheung) #61769
• [b1c1ddff79] - lib: optimize styleText when validateStream is false (Rafael Gonzaga) #61792
• [df334f7fa0] - meta: use SCCACHE_GHA_ENABLED for shared build workflows (René) #61640
• [e1b2cd605f] - meta: bump cachix/install-nix-action from 31.9.0 to 31.9.1 (dependabot[bot]) #61910
• [24b858547a] - module: fix extensionless entry with explicit type=commonjs (Yuya Inoue) #61600
• [4f2f8006bd] - repl: fix FileHandle leak in history initialization (sangwook) #61706
• [2d874dfb8e] - (SEMVER-MINOR) sea: support ESM entry point in SEA (Joyee Cheung) #61813
• [ee59127664] - sqlite: mark as release candidate (Matteo Collina) #61262
• [f14ff14473] - src: remove unnecessary c_str() conversions in diagnostic messages (Anna Henningsen) #61786
• [26a09e541d] - src: use bool literals in TraceEnvVarOptions (Tobias Nießen) #61425
• [62b0758c47] - src: fix --build-sea default executable path (Alex Schwartz) #61708
• [b5724921b1] - src: track allocations made by zstd streams (Anna Henningsen) #61717
• [3d1d1523a5] - src: do not store compression methods on Brotli classes (Anna Henningsen) #61717
• [b2915cda77] - src: extract zlib allocation tracking into its own class (Anna Henningsen) #61717
• [3032a7e3c6] - src: release memory for zstd contexts in Close() (Anna Henningsen) #61717
• [bc2287db74] - src: add more checks and clarify docs for external references (Joyee Cheung) #61719
• [5daf282e33] - src: fix cjs_lexer external reference registration (Joyee Cheung) #61718
• [fb2db5f947] - src: support import() and import.meta in embedder-run modules (Joyee Cheung) #61654
• [e146591002] - stream: fix decoded fromList chunk boundary check (Thomas Watson) #61884
• [065200a5f0] - stream: add fast paths for webstreams read and pipeTo (Matteo Collina) #61807
• [608736e19e] - (SEMVER-MINOR) stream: rename Duplex.toWeb() type option to readableType (René) #61632
• [51587d684d] - test: fix typos in test files (Daijiro Wachi) #61408
• [17b2361360] - test: allow filtering async internal frames in assertSnapshot (Joyee Cheung) #61769
• [3f6a5f5f7f] - test: unify assertSnapshot stacktrace transform (Chengzhong Wu) #61665
• [c8dac320de] - test: check stability block position in API markdown (René) #58590
• [6809ef8d04] - test: adapt buffer test for v8 sandbox (Shelley Vohr) #61772
• [60f5771a74] - test: update FileAPI tests from WPT (Ms2ger) #61750
• [d2fef4a31a] - test: update WPT for WebCryptoAPI to 7cbe7e8ed9 (Node.js GitHub Bot) #61729
• [d7a87f14da] - test: update WPT for url to efb889eb4c (Node.js GitHub Bot) #61728
• [b6ae1fc4b8] - test: split test-embedding.js and run tests in parallel (Joyee Cheung) #61571
• [a43375999f] - (SEMVER-MINOR) test_runner: show interrupted test on SIGINT (Matteo Collina) #61676
• [1c02aa09b0] - test_runner: fix suite rerun (Moshe Atlow) #61775
• [47821ec609] - tools: switch to ARM runners on GHA jobs (Antoine du Hamel) #61903
• [1630a56370] - tools: avoid building twice in coverage jobs (Antoine du Hamel) #61899
• [89318b0a02] - tools: fix auto-start-ci (Antoine du Hamel) #61900
• [ee107f5e84] - tools: do not checkout repo in auto-start-ci.yml (Antoine du Hamel) #61874
• [c2de1fa619] - tools: cache V8 build on test-shared workflow (Antoine du Hamel) #61860
• [111c77ec94] - tools: automate updates for test/fixtures/test426 (Rich Trott) #60978
• [ea8886f7d5] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61759
• [9db82ba786] - tools: bump unist-util-visit in /tools/doc in the doc group (dependabot[bot]) #61646
• [c8e58c56b9] - tools: bump the eslint group in /tools/eslint with 6 updates (dependabot[bot]) #61628
• [2518ec77e8] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61734
• [c5ad2beba3] - tools: fix small inconsistencies in JSON doc output (Antoine du Hamel) #61757
• [a9f90bee0a] - tools: use ubuntu-latest runner in notify-on-push workflow (Antoine du Hamel) #61742
• [30e38182d9] - watch: get flags from execArgv (Efe) #61779
• [da1a08a3a5] - worker: eliminate race condition in process.cwd() (giulioAZ) #61664
• [dfac82a235] - zlib: add support for brotli compression dictionary (Andy Weiss) #61763

• [8b6d31d379] - (SEMVER-MINOR) async_hooks: add trackPromises option to createHook() (Joyee Cheung) #61415
• [68da144b4e] - build,deps: replace cjs-module-lexer with merve (Yagiz Nizipli) #61456
• [f3a24c76e4] - (SEMVER-MINOR) deps: add LIEF as a dependency (Joyee Cheung) #61167
• [1948861d23] - (SEMVER-MINOR) events: repurpose events.listenerCount() to accept EventTargets (René) #60214
• [d6f7c8d06f] - (SEMVER-MINOR) fs: add ignore option to fs.watch (Matteo Collina) #61433
• [cb54b3ca6e] - (SEMVER-MINOR) http: add http.setGlobalProxyFromEnv() (Joyee Cheung) #60953
• [35b1759d06] - (SEMVER-MINOR) module: allow subpath imports that start with #/ (Jan Martin) #60864
• [2d72ea66f2] - (SEMVER-MINOR) process: preserve AsyncLocalStorage in queueMicrotask only when needed (Gürgün Dayıoğlu) #60913
• [6f4a4f6c8e] - (SEMVER-MINOR) sea: split sea binary manipulation code (Joyee Cheung) #61167
• [c0ceb9b065] - (SEMVER-MINOR) sqlite: enable defensive mode by default (Bart Louwers) #61266
• [33d8e8303b] - (SEMVER-MINOR) sqlite: add sqlite prepare options args (Guilherme Araújo) #61311
• [563ab699eb] - (SEMVER-MINOR) src: add initial support for ESM in embedder API (Joyee Cheung) #61548
• [4c80031000] - (SEMVER-MINOR) stream: add bytes() method to node:stream/consumers (wantaek) #60426
• [f5233df4ff] - (SEMVER-MINOR) stream: do not pass readable.compose() output via Readable.from() (René) #60907
• [345a40fda3] - (SEMVER-MINOR) test: use fixture directories for sea tests (Joyee Cheung) #61167
• [972f82411d] - (SEMVER-MINOR) test_runner: add env option to run function (Ethan Arrowood) #61367
• [d77f98c4b6] - (SEMVER-MINOR) test_runner: support expecting a test-case to fail (Jacob Smith) #60669
• [8e900af6ba] - (SEMVER-MINOR) util: add convertProcessSignalToExitCode utility (Erick Wendel) #60963

• [180778fb9a] - assert: fix loose deepEqual arrays with undefined and null failing (Ruben Bridgewater) #61587
• [8b6d31d379] - (SEMVER-MINOR) async_hooks: add trackPromises option to createHook() (Joyee Cheung) #61415
• [83bcd38d35] - benchmark: add streaming TextDecoder benchmark (Сковорода Никита Андреевич) #61549
• [4c105844c5] - build: add support for Visual Studio 2026 (Michaël Zasso) #60727
• [1f84fd91d9] - build: skip sscache action on non-main branches (Joyee Cheung) #61790
• [30601b680f] - build: add --shared-nbytes configure flag (Antoine du Hamel) #61341
• [c6253eda49] - build: add --shared-hdr-histogram configure flag (Antoine du Hamel) #61280
• [584c189037] - build: add --shared-gtest configure flag (Antoine du Hamel) #61279
• [5998987881] - build: aix: deoptimize implementation-visitor.cc with --shared (Stewart X Addison) #61550
• [68da144b4e] - build,deps: replace cjs-module-lexer with merve (Yagiz Nizipli) #61456
• [6a4511bafb] - build,win: fix vs2022 compilation (Stefan Stojanovic) #61530
• [2d6735db8a] - deps: upgrade npm to 11.9.0 (npm team) #61685
• [699e2f8f81] - deps: update amaro to 1.1.7 (Node.js GitHub Bot) #61730
• [7be76316d6] - deps: update minimatch to 10.1.2 (Node.js GitHub Bot) #61732
• [97e5a65013] - deps: update undici to 7.21.0 (Node.js GitHub Bot) #61683
• [74e4710ee7] - deps: update googletest to 56efe3983185e3f37e43415d1afa97e3860f187f (Node.js GitHub Bot) #61605
• [b5113e2a2a] - deps: update amaro to 1.1.6 (Node.js GitHub Bot) #61603
• [f3a24c76e4] - (SEMVER-MINOR) deps: add LIEF as a dependency (Joyee Cheung) #61167
• [c370c3dc06] - (SEMVER-MINOR) deps: add tools and scripts to pull LIEF as a dependency (Joyee Cheung) #61167
• [e54975e17d] - deps: V8: cherry-pick highway@dcc0ca1cd42 (Richard Lau) #61008
• [625b90b76b] - deps: update undici to 7.19.2 (Node.js GitHub Bot) #61566
• [05e9a9fb5e] - deps: update undici to 7.19.1 (Node.js GitHub Bot) #61514
• [3d41643e38] - deps: update undici to 7.19.0 (Node.js GitHub Bot) #61470
• [17b363a66c] - dns: fix Windows SRV ECONNREFUSED by adjusting c-ares fallback detection (notvivek12) #61453
• [33d0a8c22d] - doc: clarify EventEmitter error handling in threat model (Matteo Collina) #61701
• [5b8e72cf85] - doc: mention default option for test runner env (Steven) #61659
• [f44e67fac2] - doc: fix --inspect security warning section (Tim Perry) #61675
• [a0e09c9043] - doc: document url.format(urlString) as deprecated under DEP0169 (René) #61644
• [5e719248fe] - doc: deprecation add more codemod (Augustin Mauroy) #61642
• [8f5a3e5df4] - doc: fix grammatical error in README.md (ayj8201) #61653
• [d52b535163] - doc: correct tools README Boxstarter link (Mike McCready) #61638
• [4889dc4f59] - doc: update server.dropMaxConnection link (YuSheng Chen) #61584
• [8e48e72f2a] - doc: clean up writing-and-running-benchmarks.md (Hardanish Singh) #61345
• [1948861d23] - (SEMVER-MINOR) events: repurpose events.listenerCount() to accept EventTargets (René) #60214
• [d6f7c8d06f] - (SEMVER-MINOR) fs: add ignore option to fs.watch (Matteo Collina) #61433
• [2d7e5f9581] - http: implement slab allocation for HTTP header parsing (Mert Can Altin) #61375
• [cb54b3ca6e] - (SEMVER-MINOR) http: add http.setGlobalProxyFromEnv() (Joyee Cheung) #60953
• [6df8be48ce] - lib: use utf8 fast path for streaming TextDecoder (Сковорода Никита Андреевич) #61549
• [830fff0aca] - lib: recycle queues (Robert Nagy) #61461
• [069874bdbd] - lib: use StringPrototypeStartsWith from primordials in locks (Taejin Kim) #61492
• [7824c7589e] - lib: unify ICU and no-ICU TextDecoder (Сковорода Никита Андреевич) #61409
• [f81430702a] - lib: prefer call() over apply() if argument list is not array (Livia Medeiros) #60796
• [a723f72e1e] - lib: add support for readable byte streams to .toWeb() (Hans Klunder) #58664
• [b78d814b3d] - meta: persist sccache daemon until end of build workflows (René) #61639
• [40a872a4b9] - meta: bump github/codeql-action from 4.31.9 to 4.32.0 (dependabot[bot]) #61622
• [0637bdb3be] - meta: bump step-security/harden-runner from 2.14.0 to 2.14.1 (dependabot[bot]) #61621
• [e8d9bd9fc5] - meta: bump actions/setup-python from 6.1.0 to 6.2.0 (dependabot[bot]) #61627
• [c517df2b65] - meta: bump actions/setup-node from 6.1.0 to 6.2.0 (dependabot[bot]) #61625
• [9a64f2f25d] - meta: bump actions/cache from 5.0.1 to 5.0.3 (dependabot[bot]) #61624
• [0e5922e95e] - meta: bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (dependabot[bot]) #61623
• [5da7b51091] - meta: bump actions/stale from 10.1.0 to 10.1.1 (dependabot[bot]) #61620
• [c085c8a43f] - meta: bump actions/checkout from 6.0.1 to 6.0.2 (dependabot[bot]) #61619
• [ce2acf0275] - meta: bump actions/download-artifact from 6.0.0 to 7.0.0 (dependabot[bot]) #61242
• [629f0eaac5] - meta: bump actions/checkout from 6.0.0 to 6.0.1 (dependabot[bot]) #61239
• [cd80d369c9] - meta: bump actions/upload-artifact from 5.0.0 to 6.0.0 (dependabot[bot]) #61238
• [8c75e4e1fa] - meta: bump actions/checkout from 5.0.1 to 6.0.0 (dependabot[bot]) #60925
• [5a9e9f4127] - meta: bump actions/checkout from 5.0.0 to 5.0.1 (dependabot[bot]) #60767
• [1519251dd1] - module: do not invoke resolve hooks twice for imported cjs (Joyee Cheung) #61529
• [8d7190b3fe] - module: do not wrap module._load when tracing is not enabled (Joyee Cheung) #61479
• [35b1759d06] - (SEMVER-MINOR) module: allow subpath imports that start with #/ (Jan Martin) #60864
• [7a83b38921] - net: defer synchronous destroy calls in internalConnect (RajeshKumar11) #61658
• [16bab79421] - process: do not truncate long strings in --print (Mohamed Akram) #61497
• [2d72ea66f2] - (SEMVER-MINOR) process: preserve AsyncLocalStorage in queueMicrotask only when needed (Gürgün Dayıoğlu) #60913
• [9cc1c4604f] - repl: fix getters triggering side effects during completion (Dario Piotrowicz) #61043
• [93703306a1] - repl: tab completion targets <class> instead of new <class> (Đỗ Trọng Hải) #60319
• [6f4a4f6c8e] - (SEMVER-MINOR) sea: split sea binary manipulation code (Joyee Cheung) #61167
• [46a2dad4db] - sqlite: avoid extra copy for large text binds (Ali Hassan) #61580
• [f91a377f7e] - sqlite: use DictionaryTemplate for run() result (Mert Can Altin) #61432
• [0e7571ae3e] - sqlite: change approach to fix segfault SQLTagStore (Bart Louwers) #60462
• [8e8f70524a] - sqlite: reserve vectors space (Guilherme Araújo) #61540
• [c0ceb9b065] - (SEMVER-MINOR) sqlite: enable defensive mode by default (Bart Louwers) #61266
• [33d8e8303b] - (SEMVER-MINOR) sqlite: add sqlite prepare options args (Guilherme Araújo) #61311
• [f0d8f37002] - src: elide heap allocation in structured clone implementation (Anna Henningsen) #61703
• [db478c4336] - src: use simdutf for one-byte string UTF-8 write in stringBytes (Mert Can Altin) #61696
• [563ab699eb] - (SEMVER-MINOR) src: add initial support for ESM in embedder API (Joyee Cheung) #61548
• [da13186a15] - src: throw RangeError on failed ArrayBuffer BackingStore allocation (Chengzhong Wu) #61480
• [4c80031000] - (SEMVER-MINOR) stream: add bytes() method to stream/consumers (wantaek) #60426
• [f5233df4ff] - (SEMVER-MINOR) stream: do not pass readable.compose() output via Readable.from() (René) #60907
• [ad04a469c8] - test: restraint version replacement pattern in snapshots (Chengzhong Wu) #61748
• [2d3b4a8d65] - test: print stack immediately avoiding GC interleaving (Chengzhong Wu) #61699
• [38f43a6d4e] - test: fix case-insensitive path matching on Windows (Matteo Collina) #61682
• [06513f5ff2] - test: fix flaky test-performance-eventloopdelay (Matteo Collina) #61629
• [9d79c66c61] - test: remove duplicate wpt tests (Filip Skokan) #61617
• [eac9f4f401] - test: fix race condition in watch mode tests (Matteo Collina) #61615
• [ecf5947575] - test: update WPT for url to e3c46fdf55 (Node.js GitHub Bot) #61602
• [356ff5fece] - test: use the skipIfNoWatch() utility function (Luigi Pinca) #61531
• [4b2187aea2] - test: unify assertSnapshot common patterns (Chengzhong Wu) #61590
• [8c25489d63] - test: split test-fs-watch-ignore-* (Luigi Pinca) #61494
• [43b8a2b7e7] - test: add some validation for JSON doc output (Antoine du Hamel) #61413
• [345a40fda3] - (SEMVER-MINOR) test: use fixture directories for sea tests (Joyee Cheung) #61167
• [24cf6b8326] - test: reveal wpt evaluation errors in status files (Chengzhong Wu) #61358
• [d4034dfb62] - test: forbid use of named imports for fixtures (Antoine du Hamel) #61228
• [4f871ee897] - test: enforce better never-settling-promise detection (Antoine du Hamel) #60976
• [8e9adedf02] - test: ensure assertions are reached on all tests (Antoine du Hamel) #60845
• [273832802e] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60763
• [e06adcb52f] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60760
• [aeed0ccc02] - test: use RegExp.escape to improve test reliability (Antoine du Hamel) #60803
• [74bcd0adab] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60728
• [407807b08e] - test: skip tests not passing without NODE_OPTIONS support (Antoine du Hamel) #60912
• [a9e70cefb0] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60634
• [21b23cd0d0] - test_runner: fix test enqueue when test file has syntax error (Edy Silva) #61573
• [6a4de694b2] - test_runner: fix passing expectFailure (Moshe Atlow) #61568
• [6640de2b0f] - test_runner: differentiate todo and failure styles (Moshe Atlow) #61564
• [972f82411d] - (SEMVER-MINOR) test_runner: add env option to run function (Ethan Arrowood) #61367
• [d77f98c4b6] - (SEMVER-MINOR) test_runner: support expecting a test-case to fail (Jacob Smith) #60669
• [f98986cbb9] - tools: switch to ARM runners on GHA jobs (Antoine du Hamel) #61903
• [034589dd93] - tools: avoid building twice in coverage jobs (Antoine du Hamel) #61899
• [e50e2f00bb] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61759
• [f658f48ccb] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61734
• [65c77d74ff] - tools: use ubuntu-latest runner in notify-on-push workflow (Antoine du Hamel) #61742
• [605905556a] - tools: enforce removal of lts-watch-* labels on release proposals (Antoine du Hamel) #61672
• [f0f98d4c03] - tools: use ubuntu-slim runner in meta GitHub Actions (Tierney Cyren) #61663
• [ab63ddf354] - tools: add LIEF to license builder (Chengzhong Wu) #61523
• [8a0f6192c9] - tools: enforce trailing commas in test/es-module (Antoine du Hamel) #60891
• [4afbbcf39e] - tools: enforce trailing commas in test/sequential (Antoine du Hamel) #60892
• [4c1abf752c] - tools,win: upgrade install additional tools to Visual Studio 2026 (Mike McCready) #61562
• [8e900af6ba] - (SEMVER-MINOR) util: add convertProcessSignalToExitCode utility (Erick Wendel) #60963

Download page What's new highlights

• Dashboard Export: Fix datasource variable templating in dashboard export #118327, @kristinademeshchik
• Provisioning: Bump nanogit v0.3.1 with missing objects fixes #118225, @MissingRoberto

Download page What's new highlights

• Dashboard Export: Fix datasource variable templating in dashboard export #118324, @kristinademeshchik

Download page What's new highlights

• Dashboard Export: Fix datasource variable templating in dashboard export #118321, @kristinademeshchik

Download page What's new highlights

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

• (CVE-2025-67733) RESP Protocol Injection via Lua error_reply
• (CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
• (CVE-2026-27623) Reset request type after handling empty requests

• Avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand (#3160)
• Fix server assert on ACL LOAD when current user loses permission to channels (#3182)
• Fix bug causing no response flush sometimes when IO threads are busy (#3205)

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

• (CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
• (CVE-2025-67733) RESP Protocol Injection via Lua error_reply

• Restrict ttl from being negative and avoid crash in import-mode (#2944)
• Fix chained replica crash when doing dual channel replication (#2983)
• Fix used_memory_dataset underflow due to miscalculated used_memory_overhead (#3005)
• Fix crashing while MODULE UNLOAD when ACL rules reference a module command or subcommand (#3160)
• Fix server assert on ACL LOAD and resetchannels (#3182)
• Fix bug causing no response flush sometimes when IO threads are busy (#3205)

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

• (CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
• (CVE-2025-67733) RESP Protocol Injection via Lua error_reply

• Fix ltrim should not call signalModifiedKey when no elements are removed (#2787)
• Fix chained replica crash when doing dual channel replication (#2983)
• Fix used_memory_dataset underflow due to miscalculated used_memory_overhead (#3005)
• Avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand (#3160)
• Fix server assert on ACL LOAD and resetchannels (#3182)
• Fix bug causing no response flush sometimes when IO threads are busy (#3205)