Download page What's new highlights

Download page What's new highlights

Download page What's new highlights

• feat(profiling): support cross-platform memory profiling with mimalloc and pprof by @houseme in https://github.com/rustfs/rustfs/pull/1674
• fix: init container security hardened for operation permission error by @majinghe in https://github.com/rustfs/rustfs/pull/1680
• fix: add gatewayApi.enabled check to TraefikService template by @moechs in https://github.com/rustfs/rustfs/pull/1679
• fix(lifecycle): lifecycle fixes by @likewu in https://github.com/rustfs/rustfs/pull/1625
• fix(pprof): Fixed the problem that pprof crate does not support the window platform by @houseme in https://github.com/rustfs/rustfs/pull/1681
• Revert "fix: resolve Issue #1465 - IAM credential change crash (#1535)" by @yxrxy in https://github.com/rustfs/rustfs/pull/1685
• Fix/correctly handle terraform s3 backend with versioned bucket by @LeonWang0735 in https://github.com/rustfs/rustfs/pull/1686
• fix: Fixed that account_id returns normal value by @houseme in https://github.com/rustfs/rustfs/pull/1695
• Refactor trusted-proxies: modernize utils, improve safety, and fix clippy lints by @houseme in https://github.com/rustfs/rustfs/pull/1693
• feat: add obs log rotations environment variables by @majinghe in https://github.com/rustfs/rustfs/pull/1702
• fix: object lock compliance mode allows deletion by @LeonWang0735 in https://github.com/rustfs/rustfs/pull/1687
• feat: add glibc based docker image support by @majinghe in https://github.com/rustfs/rustfs/pull/1705
• build(deps): bump bytes from 1.11.0 to 1.11.1 by @dependabot[bot] in https://github.com/rustfs/rustfs/pull/1711
• fix: return null versionId when suspended (#1066) by @loverustfs in https://github.com/rustfs/rustfs/pull/1709
• fix: replication delete by @weisd in https://github.com/rustfs/rustfs/pull/1714
• Refactor: refactor SSE layer and KMS subsystem by @reatang in https://github.com/rustfs/rustfs/pull/1703
• enhancement: add support for http to https redirect for traefik gatew… by @majinghe in https://github.com/rustfs/rustfs/pull/1712
• Fix/fix issues #1564 by @houseme in https://github.com/rustfs/rustfs/pull/1708
• fix: bucket policy id field serde by @GatewayJ in https://github.com/rustfs/rustfs/pull/1726
• feat: add contour as ingress controller with http proxy by @majinghe in https://github.com/rustfs/rustfs/pull/1729
• fix: fetch_owner set to true when calling list_objects_v2 in the list_objects function by @LeonWang0735 in https://github.com/rustfs/rustfs/pull/1730
• test(e2e_test): add automated cluster environment for conditional PUT race test by @LeonWang0735 in https://github.com/rustfs/rustfs/pull/1673
• feat: migrate FTP/SFTP to protocols crate and update dependencies by @yxrxy in https://github.com/rustfs/rustfs/pull/1580
• Propogate tracing context from HTTP requests into spans by @StratusFearMe21 in https://github.com/rustfs/rustfs/pull/1739
• build(deps): bump the dependencies group with 19 updates by @houseme in https://github.com/rustfs/rustfs/pull/1745
• fix: persist replication status and timestamp after replicate_object by @LeonWang0735 in https://github.com/rustfs/rustfs/pull/1747
• feat: add support for mtls with kubernetes installation by @majinghe in https://github.com/rustfs/rustfs/pull/1741
• perf(quota): Skip expensive usage checks when no quota configured by @thorntonmc in https://github.com/rustfs/rustfs/pull/1749
• perf(regex): Compile bucket validation regex once by @evanofslack in https://github.com/rustfs/rustfs/pull/1753
• build(deps): bump the dependencies group with 5 updates by @houseme in https://github.com/rustfs/rustfs/pull/1755
• build(deps): bump libunftp from 0.21.0 to 0.22.0 in the dependencies group across 1 directory by @dependabot[bot] in https://github.com/rustfs/rustfs/pull/1756
• fix(replication): avoid re-replication loop in Active-Active replication by @LeonWang0735 in https://github.com/rustfs/rustfs/pull/1751
• perf(scanner): Change DataUseageEntry from clone to borrow by @evanofslack in https://github.com/rustfs/rustfs/pull/1757
• fix: stabilize head metadata responses and heal tests by @LoganZ2 in https://github.com/rustfs/rustfs/pull/1732
• fix: improve part size calculation in optimal_part_info function by @mengyu-sxyz in https://github.com/rustfs/rustfs/pull/1532
• fix: Allow non-admin users to read bucket quota configuration. by @yxrxy in https://github.com/rustfs/rustfs/pull/1759
• fix(entrypoint): remove dead HTTP URL check in volume filtering by @amdadulbari in https://github.com/rustfs/rustfs/pull/1761
• feat(metrics): async collection with configurable intervals & graceful shutdown by @houseme in https://github.com/rustfs/rustfs/pull/1768
• Fix/resolve pr 1710 by @Tyooughtul in https://github.com/rustfs/rustfs/pull/1743
• build(deps): bump the dependencies group with 2+ updates by @heihutu in https://github.com/rustfs/rustfs/pull/1769
• feat(observability): Add grafana dashboard, observability changes by @evanofslack in https://github.com/rustfs/rustfs/pull/1770

• @moechs made their first contribution in https://github.com/rustfs/rustfs/pull/1679
• @StratusFearMe21 made their first contribution in https://github.com/rustfs/rustfs/pull/1739
• @thorntonmc made their first contribution in https://github.com/rustfs/rustfs/pull/1749
• @LoganZ2 made their first contribution in https://github.com/rustfs/rustfs/pull/1732
• @mengyu-sxyz made their first contribution in https://github.com/rustfs/rustfs/pull/1532
• @amdadulbari made their first contribution in https://github.com/rustfs/rustfs/pull/1761
• @Tyooughtul made their first contribution in https://github.com/rustfs/rustfs/pull/1743

Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-alpha.82...1.0.0-alpha.83

Apache Superset is a modern, enterprise-ready business intelligence web application

This is the General Availability release of Redis 8.6 in Redis Open Source.

• Substantial performance improvements
• Substantial memory reduction for hashes (hashtable-encoded) and sorted sets (skiplist-encoded)
• Streams: XADD idempotency (at-most-once guarantee) with new IDMPAUTO and IDMP arguments
• New eviction policies - least recently modified: volatile-lrm and allkeys-lrm
• Hot keys detection and reporting; new command: HOTKEYS
• TLS certificate-based automatic client authentication
• Time series: support NaN values; new aggregators: COUNTNAN and COUNTALL

• Alpine and Debian Docker images - https://hub.docker.com/_/redis
• Install using snap - see https://github.com/redis/redis-snap
• Install using brew - see https://github.com/redis/homebrew-redis
• Install using RPM - see https://github.com/redis/redis-rpm
• Install using Debian APT - see https://github.com/redis/redis-debian

• Ubuntu 22.04 (Jammy Jellyfish), 24.04 (Noble Numbat)
• Rocky Linux 8.10, 9.5
• AlmaLinux 8.10, 9.5, 10.1
• Debian 12 (Bookworm), Debian 13 (Trixie)
• macOS 14 (Sonoma), 15 (Sequoia)

• #14695 Keys memory size histograms

• #14714 Optimize user ACL permission verification
• #14692 Optimize peak memory metric collection
• #14739 Avoid allocating and releasing list node in reply copy avoidance
• #14713 Reduce per command syscalls by reusing cached time when hardware monotonic clock is available
• #14726 Optimize XREADGROUP CLAIM
• #13962 Vector set: replace manual popcount with __builtin_popcountll for binary vector distance (Intel, AMD, ARM)
• #14474 Vector set: vectorized the quantized 8-bit vector distance calculation (Intel, AMD)
• #14492 Vector set: vectorize binary quantization path for vectorsets distance calculation (Intel, AMD)

• #14719 cluster-slot-stats-enabled - per-slot resource consumptions statistics to collect
• #14695 key-memory-histograms collect memory consumption histograms per data type

• #14695 db0_distrib_lists_sizes, db0_distrib_sets_sizes, db0_distrib_hashes_sizes, db0_distrib_zsets_sizes

• Streams: avoid using XADD with the new IDMP or IDMPAUTO options when using appendonly yes with aof-use-rdb-preamble no (non default). This limitation will be removed in the next patch.

This release includes 92 updates, covering enhancements, bug fixes, performance optimizations, and more.

• New Features: 48
• Bug Fixes: 20
• Refactoring and Optimization: 3
• Documentation Updates: 20
• Testing Improvements: 1

• Related PR: #3459
  Contributor: @johnlanni
  Change Log: This PR adds the claudeCodeMode configuration option, enabling the system to simulate Claude Code client request formats, supporting specific OAuth token authentication mechanisms and special headers and parameters.
  Feature Value: Adding support for Claude Code mode greatly expands the ability to interact with the Anthropic Claude API, allowing users to use OAuth tokens more flexibly for authentication, thereby enhancing the security and compatibility of API calls.

• Related PR: #3455
  Contributor: @EndlessSeeker
  Change Log: This PR updates the git submodules, including upgrading Envoy and go-control-plane versions, and syncing Istio to the latest go-control-plane version.
  Feature Value: By updating key dependencies to the latest versions, this enhances the system's security and performance stability, providing a more reliable service experience for users.

• Related PR: #3438
  Contributor: @johnlanni
  Change Log: Adjusted the documentation structure and created a dedicated Clawdbot plugin directory to achieve true compatibility with Clawdbot. Includes new configuration files and example code.
  Feature Value: By improving the skill integration process, users can configure plugins more smoothly while ensuring full compatibility with Clawdbot, enhancing user experience and system flexibility.

• Related PR: #3437
  Contributor: @johnlanni
  Change Log: This PR integrates the higress-ai-gateway plugin into the higress-clawdbot-integration skill, including moving and renaming related files and updating documentation to simplify the user installation and configuration process.
  Feature Value: By integrating the Higress AI Gateway plugin into Clawbot/OpenClaw skills, users can more easily manage and use the AI gateway, thereby enhancing development efficiency and user experience.

• Related PR: #3436
  Contributor: @johnlanni
  Change Log: This PR updates the SKILL provider list for Higress-OpenClaw integration and migrates the OpenClaw plugin package from higress-standalone to the main repository, enhancing support for commonly used providers.
  Feature Value: By enhancing the provider list and migrating the plugin package, this improves the availability and flexibility of Higress-OpenClaw integration, making it easier for users to use their preferred AI services.

• Related PR: #3428
  Contributor: @johnlanni
  Change Log: Added two skills, higress-auto-router and higress-clawdbot-integration, to support natural language configuration for automatic model routing and integrated deployment of Higress AI Gateway with Clawdbot.
  Feature Value: These new features allow users to more easily manage and configure the AI gateway, improving operational efficiency and system flexibility, especially suitable for applications requiring frequent route rule adjustments or multi-language support.

• Related PR: #3427
  Contributor: @johnlanni
  Change Log: Added the use_default_attributes configuration option, allowing the ai-statistics plugin to automatically apply a set of default attributes, simplifying the user configuration process.
  Feature Value: By providing default attribute configurations, this reduces the initial setup burden for users, making the plugin more user-friendly while maintaining the possibility for advanced customization, enhancing the user experience.

• Related PR: #3426
  Contributor: @johnlanni
  Change Log: This PR adds an Agent Session Monitor skill for LLM usage in the Higress environment, implementing real-time session monitoring and log analysis.
  Feature Value: This feature enhances the visibility of model usage during multi-turn conversations, helping users better understand and optimize LLM performance in practical scenarios.

• Related PR: #3424
  Contributor: @johnlanni
  Change Log: This PR adds support for recording detailed token usage information in the ai-statistics plugin, including new built-in attribute keys reasoning_tokens and cached_tokens.
  Feature Value: By providing more detailed token usage reports, users can better understand resource consumption during AI processing, helping to optimize costs and performance.

• Related PR: #3420
  Contributor: @johnlanni
  Change Log: Added session ID tracking functionality, supporting the retrieval of session IDs through custom or default headers to track multi-turn conversations.
  Feature Value: This feature allows users to better track and analyze behavior in multi-turn conversations, enhancing the performance and user experience of chatbots.

• Related PR: #3417
  Contributor: @johnlanni
  Change Log: Added prominent warnings for unsupported configuration snippets and provided pre-migration check commands to identify affected Ingress resources, while also updating annotation mappings in the documentation.
  Feature Value: By providing critical warnings and guidance, this helps users avoid potential issues when migrating from Nginx to Higress, ensuring a smoother and safer migration process.

• Related PR: #3411
  Contributor: @johnlanni
  Change Log: Added a set of skills for migrating from ingress-nginx to Higress, including compatibility analysis scripts, migration test script generation, and WASM plugin framework generation tools.
  Feature Value: This provides users with a convenient way to seamlessly migrate existing ingress-nginx configurations to Higress, reducing the difficulty and risk of migration and enhancing the user experience.

• Related PR: #3409
  Contributor: @johnlanni
  Change Log: This PR adds the contextCleanupCommands configuration option to the ai-proxy plugin, allowing users to define commands for cleaning up conversation context. When a user message exactly matches any of the predefined cleanup commands, all non-system messages prior to that command are cleared.
  Feature Value: By introducing customizable context cleanup commands, users can actively manage conversation history, which helps maintain clarity and enhances the user experience. This feature is particularly useful for applications requiring frequent conversation resets, significantly improving flexibility and practicality.

• Related PR: #3404
  Contributor: @johnlanni
  Change Log: Introduced a community governance daily report generation feature using the Claude AI assistant to automatically track and summarize project activities, including new issues/PRs and comment dynamics.
  Feature Value: This feature enhances the transparency and efficiency of community governance, helping members stay informed about project progress through daily reports, promoting issue resolution and experience sharing.

• Related PR: #3403
  Contributor: @johnlanni
  Change Log: Added an automatic model routing feature based on user message content, using regex rules to analyze content and decide which model to use.
  Feature Value: This feature enables the gateway to intelligently select the most appropriate processing model based on user input, significantly enhancing the user experience and system flexibility.

• Related PR: #3402
  Contributor: @johnlanni
  Change Log: Added a Claude skill for developing Higress WASM plugins using Go 1.24+, with detailed documentation and examples provided.
  Feature Value: This provides developers with a new way to create, modify, or debug Higress gateway plugins, particularly useful for HTTP request-response handling, enhancing development efficiency.

• Related PR: #3394
  Contributor: @changsci
  Change Log: This PR implements the functionality to retrieve API keys from request headers when provider.apiTokens is not configured. It modifies the relevant code in the wasm-go plugin to add support for OpenAI services.
  Feature Value: This enhances the flexibility and usability of the system, allowing users to use the service even without explicitly configuring API tokens, simplifying the setup process and enhancing the user experience.

• Related PR: #3384
  Contributor: @ThxCode-Chen
  Change Log: This PR adds support for upstream IPv6 static addresses in the watcher.go file, modifying the service entry generation logic to accommodate the new network configuration.
  Feature Value: By supporting upstream IPv6 static addresses, users can more flexibly configure network environments, especially in scenarios requiring IPv6 communication, improving system compatibility and availability.

• Related PR: #3375
  Contributor: @wydream
  Change Log: This PR adds support for Vertex Raw mode in the Vertex AI Provider of the ai-proxy plugin, enabling the getAccessToken mechanism when accessing native Vertex REST APIs via Vertex.
  Feature Value: The newly added Vertex Raw mode support allows users to directly call third-party models or other non-standard API paths on Vertex AI while enjoying automatic OAuth authentication, enhancing the user experience and flexibility.

• Related PR: #3367
  Contributor: @rinfx
  Change Log: This PR updates the wasm-go dependency and introduces Foreign Function, allowing Wasm plugins to perceive the Envoy host's log level in real-time, optimizing the logging process.
  Feature Value: By performing log level checks in advance, this avoids unnecessary memory operations, enhancing performance and resource utilization, especially important for applications that prioritize efficiency and performance.

• Related PR: #3342
  Contributor: @Aias00
  Change Log: This PR implements the mapping of Nacos instance weights to Istio WorkloadEntry weights, using the math library for conversion and adding extensive test cases to ensure correctness.
  Feature Value: This enhancement allows users to more flexibly control traffic distribution strategies between services, especially when using Istio as a service mesh, enabling better weight-based service discovery and routing.

• Related PR: #3335
  Contributor: @wydream
  Change Log: This PR adds image generation support in the Vertex AI Provider of the ai-proxy plugin, implementing the text-to-image feature by converting the OpenAI protocol to Vertex AI.
  Feature Value: This allows users to call Vertex AI's image generation capabilities using the standard OpenAI SDK, simplifying the process of integrating different AI services and enhancing the plugin's functional diversity.

• Related PR: #3324
  Contributor: @wydream
  Change Log: This PR adds OpenAI-compatible endpoint support in the Vertex AI Provider of the ai-proxy plugin, enabling direct invocation of Vertex AI models using the OpenAI SDK and API format.
  Feature Value: This feature allows users to seamlessly migrate existing OpenAI-based applications to Vertex AI without changing the original code logic, greatly simplifying the migration work for developers.

• Related PR: #3318
  Contributor: @hanxiantao
  Change Log: This PR adds an authentication wrapper for debug endpoints using the withConditionalAuth middleware, maintaining existing behavior based on the DebugAuth feature flag.
  Feature Value: This enhances the security of debug endpoints, ensuring that only requests verified by Istio's local authentication logic can access these endpoints, thus improving system security and controllability.

• Related PR: #3317
  Contributor: @rinfx
  Change Log: Added two WASM-Go plugins, model-mapper and model-router, to implement mapping and routing functions based on the model parameter in the LLM protocol.
  Feature Value: This enhances the governance capabilities of Higress in large language model scenarios, supporting model name mapping, seamless degradation, unified client model names, and route distribution based on provider/model parameters.

• Related PR: #3305
  Contributor: @CZJCC
  Change Log: Added Bearer Token authentication support for AWS Bedrock services, while retaining the existing AWS Signature V4 authentication method and cleaning up some unused code.
  Feature Value: By introducing Bearer Token authentication options, users can now more flexibly choose the authentication mechanism that suits their security needs, enhancing system security and usability.

• Related PR: #3301
  Contributor: @wydream
  Change Log: This PR adds Express Mode support to the Vertex AI Provider of the ai-proxy plugin, simplifying the configuration process and allowing users to access Vertex AI using only an API Key.
  Feature Value: By introducing Express Mode, users can start using Vertex AI services more quickly and conveniently, without the need for complex Service Account authentication setup, significantly enhancing the user experience and development efficiency.

• Related PR: #3295
  Contributor: @rinfx
  Change Log: This PR adds support for MCP (Model Context Protocol) in the ai-security-guard plugin, implementing the HandleMcpResponseBody and HandleMcpStreamingResponseBody methods to check and possibly intercept standard and streaming responses.
  Feature Value: The new MCP support feature enhances the plugin's ability to handle different API types, allowing users to use MCP APIs more securely by preventing the transmission of potentially unsafe information through content security checks.

• Related PR: #3267
  Contributor: @erasernoob
  Change Log: Added the hgctl agent module, involving modifications and additions to multiple files, including go.mod dependency updates, adding README documentation, and core functionality code implementation in agent.go and base.go.
  Feature Value: By introducing the hgctl agent module, this provides users with a new management and operation method, enhancing system flexibility and scalability, making it easier for users to manage and configure clusters.

• Related PR: #3261
  Contributor: @rinfx
  Change Log: This PR adds support for disabling thinking in gemini-2.5-flash and gemini-2.5-flash-lite, and adds reasoning token information in the response.
  Feature Value: By adding the feature to disable thinking and displaying reasoning token usage, users can more flexibly control AI agent behavior and obtain more detailed execution information.

• Related PR: #3255
  Contributor: @nixidexiangjiao
  Change Log: Optimized the Lua-based minimum in-flight requests load balancing strategy, addressing issues such as preference for abnormal nodes, inconsistent handling of new nodes, and uneven sampling distribution.
  Feature Value: This improves system stability and service availability, reducing service failures due to uneven load and enhancing the adaptive circuit-breaking capability for abnormal nodes.

• Related PR: #3236
  Contributor: @rinfx
  Change Log: This PR adds support for the claude model in vertex and handles the case where delta might be empty, implementing the new feature by modifying the relevant Go files.
  Feature Value: The addition of claude model support expands the range of available AI capabilities, enhancing system flexibility and practicality. Handling edge cases also improves system stability and robustness.

• Related PR: #3218
  Contributor: @johnlanni
  Change Log: This PR enhances the model mapper and router, adding an automatic rebuild trigger mechanism based on request count and memory usage, and extending the supported path suffixes.
  Feature Value: By monitoring key metrics and triggering rebuilds at the right time, this improves system stability and response speed; extending path support also enhances API functionality.

• Related PR: #3213
  Contributor: @rinfx
  Change Log: This PR removes region specification, allowing the ai-proxy to support global (global) access mode to be compatible with the latest gemini-3 series model requirements.
  Feature Value: This enhances the system's adaptability to different deployment environments, especially providing a consistent and seamless support experience for users with global region configurations.

• Related PR: #3206
  Contributor: @rinfx
  Change Log: This PR implements the functionality to check prompts and images within the request body in the content security detection plugin, involving parsing image and text data generated by OpenAI and Qwen.
  Feature Value: This enhances content security protection, ensuring that AI-generated content meets security standards, improving the safety and reliability of the user experience.

• Related PR: #3200
  Contributor: @YTGhost
  Change Log: This PR adds support for array content in the chatToolMessage2BedrockMessage function, enhancing the ai-proxy plugin's ability to handle different types of messages.
  Feature Value: Supporting array-form content expands the flexibility of message passing between chat tools and Bedrock, making it easier for developers to integrate diverse application requirements.

• Related PR: #3185
  Contributor: @rinfx
  Change Log: This PR adds a rebuild logic to ai-cache, optimizing cache management by triggering a rebuild when memory usage is too high.
  Feature Value: The new rebuild mechanism helps prevent memory overflow issues caused by caching, improving system stability and the user experience.

• Related PR: #3184
  Contributor: @rinfx
  Change Log: This PR adds support for user-defined domain configuration for the DouBao service, involving modifications to the Makefile and ai-proxy related files to achieve more flexible service deployment.
  Feature Value: Allowing users to configure custom domains for the DouBao service enhances service deployment flexibility and the user experience, meeting the need for personalized domain configuration.

• Related PR: #3175
  Contributor: @wydream
  Change Log: This PR implements a new generic provider for handling requests that do not require path remapping, updates the README file to include configuration details, and adds tests for the new feature.
  Feature Value: The new generic provider allows users to more flexibly handle service requests from different vendors, simplifying cross-platform application development and enhancing the system's maintainability and extensibility.

• Related PR: #3173
  Contributor: @EndlessSeeker
  Change Log: Added a global parameter to support inference scaling, introducing a new environment variable in the controller deployment configuration and updating the relevant configuration files.
  Feature Value: This feature allows users to more flexibly configure and use inference scaling, enhancing the system's customizability and adaptability, providing more control options for users.

• Related PR: #3171
  Contributor: @wilsonwu
  Change Log: This PR adds support for topology spread constraints for the gateway and controller, introducing new configuration options in the Helm templates to allow users to customize the deployment strategy of these components.
  Feature Value: The new topology spread constraint feature allows users to better control the distribution of service instances in the cluster, improving system availability and stability.

• Related PR: #3160
  Contributor: @EndlessSeeker
  Change Log: This PR upgrades the gateway API to the latest version, involving updates to Makefile, go.mod, and other files, and adding new rules in the Helm configuration.
  Feature Value: By upgrading the gateway API to the latest version, this enhances system compatibility and performance, allowing users to leverage the latest API features, enhancing the flexibility and scalability of applications.

• Related PR: #3136
  Contributor: @Wangzy455
  Change Log: Implemented a tool semantic search feature based on the Milvus vector database, converting tool descriptions into vector representations and using vector similarity search to achieve semantic matching.
  Feature Value: This feature allows users to find the most relevant tools through natural language queries, significantly improving the accuracy and user experience of tool searches.

• Related PR: #3075
  Contributor: @rinfx
  Change Log: Refactored the ai-security-guard plugin to support multi-modal input processing, including text and image generation scenarios, and modularized the code.
  Feature Value: This enhances AI security protection, allowing the system to more comprehensively check multi-modal content, improving the user experience and system security.

• Related PR: #3066
  Contributor: @EndlessSeeker
  Change Log: Upgraded Istio to version 1.27.1 and adjusted higress-core to adapt to the new version, fixing submodule branch pulling and integration testing issues.
  Feature Value: By upgrading the Istio version and related dependencies, this improves system stability and performance, ensuring users can use the latest features and reduce potential compatibility issues.

• Related PR: #3063
  Contributor: @rinfx
  Change Log: This PR introduces load balancing based on specific metrics (such as concurrency, TTFT, RT, etc.), allowing users to customize the metrics used for load balancing.
  Feature Value: This new feature enables the system to intelligently distribute requests based on finer-grained performance metrics, improving cluster resource utilization and response speed, enhancing the user experience.

• Related PR: #3061
  Contributor: @Jing-ze
  Change Log: This PR implements fixes and enhancements for the response cache plugin, including improving cache key extraction logic, removing redundant parameters, correcting configuration validation issues, and adding comprehensive unit tests.
  Feature Value: The enhanced response cache plugin significantly improves application performance by extracting cache keys from request headers or bodies and storing response values, reducing the pressure on backend services from repeated requests.

• Related PR: #2825
  Contributor: @CH3CHO
  Change Log: This PR adds a traffic-editor plugin, supporting various modification operations on request/response headers, and uses a more extensible code structure.
  Feature Value: The new plugin allows users to flexibly edit request and response header information, enhancing the functionality and user experience of the Higress gateway, improving system flexibility and maintainability.

• Related PR: #3448
  Contributor: @lexburner
  Change Log: Fixed an out-of-bounds error in the Choices array when processing Qwen API responses. The fix includes adding a check for an empty array to prevent program crashes.
  Feature Value: This resolved a potential program crash in high-concurrency scenarios, enhancing system stability and robustness, ensuring that user requests are handled correctly.

• Related PR: #3434
  Contributor: @johnlanni
  Change Log: Corrected an issue where the description value in the skill file preamble was not properly quoted, causing YAML parsing errors. The fix involves wrapping the description value in double quotes.
  Feature Value: This resolved a YAML parsing failure caused by specific characters, ensuring that the skill documentation is correctly displayed and parsed, enhancing the user experience and document accuracy.

• Related PR: #3422
  Contributor: @johnlanni
  Change Log: Fixed an issue where the model field in the request body was not updated in sync in the automatic routing mode of the model-router plugin. The fix ensures that the model field in the request body correctly reflects the actual model used after the routing decision.
  Feature Value: This fix resolved issues downstream services faced due to receiving incorrect model names in the request body, enhancing system accuracy and reliability, ensuring users receive the correct processing results in automatic routing mode.

• Related PR: #3400
  Contributor: @johnlanni
  Change Log: Removed the duplicate loadBalancerClass definition in the service.yaml file, resolving the YAML parsing error caused by the duplicate definition.
  Feature Value: This fixed the YAML parsing error when configuring loadBalancerClass, enhancing the user experience and system stability.

• Related PR: #3380
  Contributor: @Thomas-Eliot
  Change Log: Added a context setting operation in the request body handling function, storing the request model in the context to ensure the request model data can be correctly obtained in the call chain.
  Feature Value: This fixed the issue of the request model context not being set, improving system stability and data consistency, preventing users from encountering errors due to missing context during use.

• Related PR: #3370
  Contributor: @rinfx
  Change Log: Fixed an issue in the model-mapper where the request body was still processed even if the suffix did not match. The fix also adds JSON validation for the request body to ensure the incoming data is valid JSON.
  Feature Value: This fix enhances system robustness and user data accuracy. By filtering out invalid inputs and ensuring data integrity, it improves the user experience and system stability.

• Related PR: #3341
  Contributor: @zth9
  Change Log: Fixed an issue with concurrent SSE connections returning the wrong endpoint, ensuring correct handling of SSE requests in multi-connection scenarios, involving configuration and filter logic adjustments.
  Feature Value: This improved system stability and reliability, avoiding incorrect responses due to concurrent access, enhancing the user experience and data transmission accuracy.

• Related PR: #3258
  Contributor: @johnlanni
  Change Log: Fixed the MCP server version negotiation issue to comply with the specification and adjusted the dependency library version.
  Feature Value: This ensured the MCP server operates as expected and is compliant with the specification, improving system stability and reliability, reducing potential communication errors.

• Related PR: #3257
  Contributor: @sjtuzbk
  Change Log: This PR fixed an issue where the ai-proxy plugin directly rewrote the host to difyApiUrl, using the net/url package to correctly parse and extract the hostname.
  Feature Value: This fix ensures that when difyApiUrl is configured, only the target hostname is replaced, not the entire URL, enhancing system stability and the user experience.

• Related PR: #3252
  Contributor: @rinfx
  Change Log: This PR adjusted the debug log information and introduced a penalty mechanism for error responses, ensuring that the system does not attempt to reselect services too quickly when encountering error responses.
  Feature Value: By adding a mechanism to handle error responses, this effectively avoids service selection interference caused by rapid retries, enhancing system stability and the user experience.

• Related PR: #3251
  Contributor: @rinfx
  Change Log: This PR added special handling for cases where the content extracted from the configuration via jsonpath is empty, using a predefined string [empty content] to replace the originally empty content.
  Feature Value: This change ensures the system can still operate normally when the content to be inspected is empty, avoiding potential issues or errors caused by empty content, enhancing system stability and the user experience.

• Related PR: #3237
  Contributor: @CH3CHO
  Change Log: This PR increased the request body buffer size for multipart data in the model-router, resolving the issue of a too-small buffer when handling large file uploads or other large-volume multipart data.
  Feature Value: This improved the system's ability to handle large multipart data, reducing data loss or processing failures due to insufficient buffer, enhancing the user experience and system robustness.

• Related PR: #3225
  Contributor: @wydream
  Change Log: Fixed an issue where the basePathHandling: removePrefix configuration did not work correctly when set to protocol: original. The fix involves modifying the TransformRequestHeaders implementation of multiple providers to avoid overwriting basePath handling.
  Feature Value: This ensures that the basePathHandling function works correctly when using protocol: original, improving the consistency and reliability of 27+ providers, including Azure and OpenAI.

• Related PR: #3220
  Contributor: @Aias00
  Change Log: This PR fixed two issues: skipping unhealthy or disabled service instances in Nacos, and ensuring the AllowTools field is always included during serialization.
  Feature Value: By filtering out unhealthy or disabled service instances, this improves system stability and reliability; additionally, it ensures configuration consistency, avoiding potential issues due to missing fields.

• Related PR: #3211
  Contributor: @CH3CHO
  Change Log: This PR fixed an issue with the old HasRequestBody logic in the ai-proxy plugin, ensuring that the presence of a valid request body is correctly determined under specific conditions.
  Feature Value: By updating the logic, this improves the accuracy and stability of request processing, avoiding functional anomalies due to incorrect judgments, enhancing the user experience.

• Related PR: #3187
  Contributor: @CH3CHO
  Change Log: This PR bypassed the handling of streamable response bodies in MCP to allow progress notifications, addressing issues that may arise when processing specific types of data.
  Feature Value: By bypassing unnecessary response body processing steps, this fix enhances system flexibility and the user experience, especially in applications that require real-time status updates.

• Related PR: #3168
  Contributor: @wydream
  Change Log: Fixed an issue where query strings were discarded during the OpenAI capability rewrite process. The fix involves stripping and saving query parameters before executing regex matching and reattaching them afterward.
  Feature Value: This ensures that API requests with query strings are correctly parsed and processed, enhancing the system's support for complex paths and improving the user experience.

• Related PR: #3167
  Contributor: @EndlessSeeker
  Change Log: This PR updated the versions of multiple submodules and simplified the commands in the Makefile for initializing and updating submodules, ensuring they are correctly pulled.
  Feature Value: By updating submodules and optimizing related scripts, this improves the build process efficiency, reducing potential build errors and enhancing the developer experience.

• Related PR: #3148
  Contributor: @rinfx
  Change Log: Removed the omitempty tag from the index field in the toolcall struct, ensuring the default value is 0 when the response does not provide an index.
  Feature Value: This fixed the issue of missing toolcall indices in responses, ensuring data consistency and integrity, enhancing system stability and the user experience.

• Related PR: #3022
  Contributor: @lwpk110
  Change Log: This PR fixed issues in the helm and podmonitor configurations by adding the podMonitorSelector option to support gateway.metrics.labels, ensuring compatibility with kube-prometheus-stack.
  Feature Value: This enhances the auto-discovery capability of the monitoring system, allowing users to more flexibly configure and monitor gateway metrics, improving system maintainability and the user experience.

• Related PR: #3462
  Contributor: @johnlanni
  Change Log: Removed the automatic Bash tool injection feature in Claude Code mode, including related constants, logic code, and test cases, and updated the English and Chinese documentation.
  Feature Value: By removing unnecessary automatic Bash tool injection, this simplifies the codebase and improves system performance while maintaining the completeness and availability of core functionalities.

• Related PR: #3457
  Contributor: @johnlanni
  Change Log: This PR mainly updated the version number to 2.2.0, adjusted the branch pointers of some submodules, and modified the ENVOY_PACKAGE_URL_PATTERN variable value in the Makefile.
  Feature Value: By updating the version number and related configurations, this ensures the project remains consistent with the latest dependency libraries, avoiding potential build errors due to version mismatches.

• Related PR: #3155
  Contributor: @github-actions[bot]

This release includes 18 updates, covering feature enhancements, bug fixes, and performance optimizations.

• New Features: 7 items
• Bug Fixes: 10 items
• Documentation Updates: 1 item

• Related PR: #621
  Contributor: @Thomas-Eliot
  Change Log: This PR optimizes the interaction capabilities of the mcp server, including rewriting the header host, supporting the selection of transport methods, replacing paths with complete paths, and updating the DSN character handling logic to support special characters like @.
  Feature Value: These improvements enhance the user experience in configuration and service usage, especially for scenarios where direct routing to the mcp server or connecting from a DB to the mcp service is required, simplifying the setup process and reducing issues caused by misconfiguration.

• Related PR: #612
  Contributor: @zhwaaaaaa
  Change Log: This PR adds support for hop-to-hop headers, specifically ignoring the transfer-encoding: chunked header, to resolve the issue of Grafana pages not working properly.
  Feature Value: By ignoring specific hop-to-hop headers, it ensures that Grafana pages work correctly behind a reverse proxy server, enhancing user experience and system compatibility.

• Related PR: #608
  Contributor: @Libres-coder
  Change Log: This PR adds the functionality to display enabled plugins on the AI route management page, allowing users to view and manage plugins in AI routes.
  Feature Value: This feature aligns AI route management with regular route management, improving the user experience and making it easier for users to see which plugins are active in AI route configurations.

• Related PR: #604
  Contributor: @CH3CHO
  Change Log: This PR enhances path handling flexibility by adding support for path rewriting using regular expressions via the higress.io/rewrite-target annotation.
  Feature Value: The introduction of regex-based path rewriting allows users to configure more flexible request path transformation rules, meeting the needs of more complex application scenarios.

• Related PR: #603
  Contributor: @CH3CHO
  Change Log: This PR adds a display logic for a static service port 80 in the frontend components, implemented by defining the constant STATIC_SERVICE_PORT and referencing it appropriately.
  Feature Value: This feature allows users to clearly see that the static service source uses port 80, enhancing interface transparency and user experience.

• Related PR: #602
  Contributor: @CH3CHO
  Change Log: This PR adds search support when selecting upstream services for AI routes in the frontend, improving user efficiency by introducing a search bar in the service list.
  Feature Value: It provides a more convenient service configuration experience, especially when dealing with a large number of available services, allowing users to quickly locate the desired service, significantly improving work efficiency and user experience.

• Related PR: #566
  Contributor: @OuterCyrex
  Change Log: This PR extends the system's functionality by adding support for custom Qwen services through the QwenLlmProviderHandler class and related configurations, including enabling internet search and file ID upload features.
  Feature Value: The added support for custom Qwen services provides users with more flexible configuration options, particularly useful for those requiring custom settings or specific features, enhancing user experience and system flexibility.

• Related PR: #620
  Contributor: @CH3CHO
  Change Log: This PR corrects a spelling error in the sortWasmPluginMatchRules logic, ensuring the accuracy of the rule sorting function.
  Feature Value: Fixing the spelling error improves system stability and user experience, preventing potential issues caused by simple typographical errors.

• Related PR: #619
  Contributor: @CH3CHO
  Change Log: This PR removes version information from the data JSON when converting an AiRoute to a ConfigMap, as this information is already stored in the ConfigMap metadata.
  Feature Value: By removing redundant version information, it simplifies the ConfigMap data structure, avoids redundancy, and ensures data consistency and accuracy.

• Related PR: #618
  Contributor: @CH3CHO
  Change Log: This PR refactors the API authentication logic in the SystemController, enhancing system security by removing a security vulnerability. The changes focus on several controller files, including the addition of the AllowAnonymous annotation.
  Feature Value: It addresses a potential security issue, enhancing system security and preventing unauthorized access, thus protecting user data and applications from attacks.

• Related PR: #617
  Contributor: @CH3CHO
  Change Log: This PR fixes several issues in the frontend console, including missing unique key attributes for list elements, image loading issues violating the Content Security Policy (CSP), and incorrect type for the Consumer.name field.
  Feature Value: Addressing these issues improves application stability and security, enhances user experience, and ensures the correctness of data types.

• Related PR: #614
  Contributor: @lc0138
  Change Log: This PR fixes an error in the ServiceSource type field by adding dictionary value validation to ensure the correctness of the type field.
  Feature Value: This fix improves system stability and data accuracy, preventing issues caused by incorrect service source types, enhancing user experience.

• Related PR: #613
  Contributor: @lc0138
  Change Log: This PR resolves a security vulnerability (issue #594) by modifying the frontend document.tsx file, specifically adjusting the CSP (Content Security Policy) configuration to enhance application security.
  Feature Value: It addresses front-end CSP and other security risks, enhancing overall system security and protecting users from potential threats such as XSS attacks, thereby improving user experience and data protection.

• Related PR: #611
  Contributor: @qshuai
  Change Log: This PR corrects a spelling error in LlmProvidersController.java, changing the API description from 'Add a new route' to 'Add a new LlmProvider'.
  Feature Value: Correcting the documentation spelling error enhances code readability and accuracy, ensuring developers are not confused by misleading information when using the API.

• Related PR: #609
  Contributor: @CH3CHO
  Change Log: This PR fixes an issue with the incorrect data type for the name field in the Consumer interface, changing it from boolean to string.
  Feature Value: It ensures the correct data type for the Consumer.name field, avoiding potential errors due to type mismatches, enhancing system stability and data accuracy.

• Related PR: #605
  Contributor: @SaladDay
  Change Log: This PR corrects the AI route name validation rules to support dots and only allow lowercase letters. It also updates the Chinese and English error messages to accurately describe the new validation rules.
  Feature Value: It resolves the inconsistency between the UI prompt and the actual validation logic, improving the user experience and accuracy when configuring AI routes, reducing confusion caused by inconsistent validation rules.

• Related PR: #552
  Contributor: @lcfang
  Change Log: To address compatibility issues caused by inconsistent backend service ports, this PR introduces the vport attribute. By selectively configuring vport during registration center configuration, either the default port or a specified virtual port for the service, it ensures the validity of route configurations.
  Feature Value: This fix enhances the system's adaptability to different service instance port changes, improving system stability and user experience. For users of eureka, nacos, and other registration centers, it prevents service interruptions due to port changes, enhancing service availability and consistency.

• Related PR: #610
  Contributor: @heimanba
  Change Log: This PR mainly adjusts the frontend canary plugin documentation, including making fields like rewrite optional and updating the association rules for the name field in rules. It also corrects some terminology and descriptions for consistency.
  Feature Value: These documentation updates improve the flexibility and compatibility of the frontend canary plugin, allowing developers to configure services more accurately based on their needs, reducing errors due to unclear configurations.

• 🚀 New Features: 7 items
• 🐛 Bug Fixes: 10 items
• 📚 Documentation Updates: 1 item

Total: 18 changes

Thanks to all contributors for their hard work! 🎉

• @EndlessSeeker made their first contribution in https://github.com/alibaba/higress/pull/3066
• @YTGhost made their first contribution in https://github.com/alibaba/higress/pull/3200
• @Wangzy455 made their first contribution in https://github.com/alibaba/higress/pull/3136
• @maplecap made their first contribution in https://github.com/alibaba/higress/pull/3244
• @lwpk110 made their first contribution in https://github.com/alibaba/higress/pull/3022
• @wilsonwu made their first contribution in https://github.com/alibaba/higress/pull/3171
• @nixidexiangjiao made their first contribution in https://github.com/alibaba/higress/pull/3255
• @CZJCC made their first contribution in https://github.com/alibaba/higress/pull/3305
• @qshuai made their first contribution in https://github.com/alibaba/higress/pull/3241
• @zth9 made their first contribution in https://github.com/alibaba/higress/pull/3341
• @ThxCode-Chen made their first contribution in https://github.com/alibaba/higress/pull/3384
• @changsci made their first contribution in https://github.com/alibaba/higress/pull/3394

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.9...v2.2.0

• [47df4328d7] - build,deps: replace cjs-module-lexer with merve (Yagiz Nizipli) #61456

• [47df4328d7] - build,deps: replace cjs-module-lexer with merve (Yagiz Nizipli) #61456
• [a727054503] - deps: upgrade npm to 11.9.0 (npm team) #61685
• [c78c49ed6b] - deps: update amaro to 1.1.7 (Node.js GitHub Bot) #61730
• [4790816d9b] - deps: update minimatch to 10.1.2 (Node.js GitHub Bot) #61732
• [8c71740e8a] - deps: update undici to 7.21.0 (Node.js GitHub Bot) #61683
• [e559ef6ab1] - deps: update googletest to 56efe3983185e3f37e43415d1afa97e3860f187f (Node.js GitHub Bot) #61605
• [300de2bb5a] - deps: update amaro to 1.1.6 (Node.js GitHub Bot) #61603
• [e71e9505ef] - dns: fix Windows SRV ECONNREFUSED by adjusting c-ares fallback detection (notvivek12) #61453
• [439b816bc7] - doc: clarify EventEmitter error handling in threat model (Matteo Collina) #61701
• [c1c6641f23] - doc: mention default option for test runner env (Steven) #61659
• [41ec451f98] - doc: fix --inspect security warning section (Tim Perry) #61675
• [bb90ef2356] - doc: document url.format(urlString) as deprecated under DEP0169 (René) #61644
• [513df82e6f] - doc: update to Visual Studio 2026 manual install (Mike McCready) #61655
• [9409d30736] - doc: deprecation add more codemod (Augustin Mauroy) #61642
• [75a7a67151] - doc: fix grammatical error in README.md (ayj8201) #61653
• [821e59e884] - doc: correct tools README Boxstarter link (Mike McCready) #61638
• [4998f539a0] - doc: update server.dropMaxConnection link (YuSheng Chen) #61584
• [9383ac4ab7] - http: implement slab allocation for HTTP header parsing (Mert Can Altin) #61375
• [e90eb1d561] - meta: persist sccache daemon until end of build workflows (René) #61639
• [ade36ac367] - meta: bump github/codeql-action from 4.31.9 to 4.32.0 (dependabot[bot]) #61622
• [26638bd67f] - meta: bump step-security/harden-runner from 2.14.0 to 2.14.1 (dependabot[bot]) #61621
• [eaa9a96cb6] - meta: bump actions/setup-python from 6.1.0 to 6.2.0 (dependabot[bot]) #61627
• [fd98187828] - meta: bump cachix/cachix-action (dependabot[bot]) #61626
• [820c1d021c] - meta: bump actions/setup-node from 6.1.0 to 6.2.0 (dependabot[bot]) #61625
• [72a4136bd5] - meta: bump actions/cache from 5.0.1 to 5.0.3 (dependabot[bot]) #61624
• [e3ef6cb3bc] - meta: bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (dependabot[bot]) #61623
• [020a836202] - meta: bump actions/stale from 10.1.0 to 10.1.1 (dependabot[bot]) #61620
• [0df72f07c8] - meta: bump actions/checkout from 6.0.1 to 6.0.2 (dependabot[bot]) #61619
• [d147c08b83] - module: do not invoke resolve hooks twice for imported cjs (Joyee Cheung) #61529
• [a2843f8556] - net: defer synchronous destroy calls in internalConnect (RajeshKumar11) #61658
• [7fb7030781] - repl: fix flaky test-repl-programmatic-history (Matteo Collina) #61614
• [d4c9b5cf5b] - sqlite: avoid extra copy for large text binds (Ali Hassan) #61580
• [aa1b3661d9] - sqlite: use DictionaryTemplate for run() result (Mert Can Altin) #61432
• [9c8ad7e881] - src: elide heap allocation in structured clone implementation (Anna Henningsen) #61703
• [c4ecfef93d] - src: use simdutf for one-byte string UTF-8 write in stringBytes (Mert Can Altin) #61696
• [28905b9734] - src: consolidate C++ ReadFileSync/WriteFileSync utilities (Joyee Cheung) #61662
• [e90cec2f69] - test: restraint version replacement pattern in snapshots (Chengzhong Wu) #61748
• [adce20c0a1] - test: print stack immediately avoiding GC interleaving (Chengzhong Wu) #61699
• [7643bc8999] - test: fix case-insensitive path matching on Windows (Matteo Collina) #61682
• [23d1ecf66f] - test: fix flaky test-performance-eventloopdelay (Matteo Collina) #61629
• [99012a88ed] - test: remove duplicate wpt tests (Filip Skokan) #61617
• [a8b32b8ce1] - test: fix race condition in watch mode tests (Matteo Collina) #61615
• [086a5a5a25] - test: update WPT for url to e3c46fdf55 (Node.js GitHub Bot) #61602
• [f0574fd419] - test: use the skipIfNoWatch() utility function (Luigi Pinca) #61531
• [b064ddc221] - test: unify assertSnapshot common patterns (Chengzhong Wu) #61590
• [17122e521b] - test_runner: fix test enqueue when test file has syntax error (Edy Silva) #61573
• [bad3f02dd9] - tools: enforce removal of lts-watch-* labels on release proposals (Antoine du Hamel) #61672
• [a8f33fd6bd] - tools: use ubuntu-slim runner in meta GitHub Actions (Tierney Cyren) #61663
• [c843e447ca] - tools: test --shared-merve in test-shared workflow (Antoine du Hamel) #61649
• [2fedc03f96] - tools: update OpenSSL to 3.5.5 in test-shared (Antoine du Hamel) #61551
• [1c1db94670] - tools,win: upgrade install additional tools to Visual Studio 2026 (Mike McCready) #61562

• [1f64d6841e] - build: add support for Python 3.14 (Christian Clauss) #59983
• [30e500fc09] - cli: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung) #60956
• [bc0a55f086] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #61419
• [8a67c00bf5] - doc: mark --build-snapshot and --build-snapshot-config as stable (Joyee Cheung) #60954
• [3999c2a910] - meta: add avivkeller to collaborators (Aviv Keller) #61115
• [fa542fbae6] - meta: add gurgunday to collaborators (Gürgün Dayıoğlu) #61094
• [ff11eda2f2] - meta: add Renegade334 to collaborators (Renegade334) #60714
• [2e387fb969] - url: update ada to v3.4.2 and support unicode 17 (Yagiz Nizipli) #61593
• [bb206782d4] - v8: mark v8.queryObjects() as stable (Joyee Cheung) #60957

• [a73279c60d] - assert: use a set instead of an array for faster lookup (Ruben Bridgewater) #61076
• [6a61bcd73c] - assert,util: fix deep comparison for sets and maps with mixed types (Ruben Bridgewater) #61388
• [cf0eabcd42] - assert,util: improve deep comparison performance (Ruben Bridgewater) #61076
• [ff3b9ac183] - benchmark: add SQLite benchmarks (Guilherme Araújo) #61401
• [e1f7d68c94] - benchmark: use boolean options in benchmark tests (SeokhunEom) #60129
• [91127c91cd] - benchmark: allow boolean option values (SeokhunEom) #60129
• [170fda55f6] - benchmark: add microbench on isInsideNodeModules (Chengzhong Wu) #60991
• [3976381b41] - benchmark: fix incorrect base64 input in byteLength benchmark (semimikoh) #60841
• [c702fccd76] - benchmark: use typescript for import cjs benchmark (Joyee Cheung) #60663
• [92c517c62d] - buffer: make methods work on Uint8Array instances (Neal Beeken) #56578
• [be95382edb] - buffer: let Buffer.of use heap (Сковорода Никита Андреевич) #60503
• [1f64d6841e] - build: test on Python 3.14 (Christian Clauss) #59983
• [ea4687981b] - build: update android-patches/trap-handler.h.patch (Mo Luo) #60369
• [b3a7a8c780] - build: update devcontainer.json to use paired nix env (Joyee Cheung) #61414
• [7168d0b5e3] - build: add embedtest into native suite (Joyee Cheung) #61357
• [e00755a977] - build: fix misplaced comma in ldflags (hqzing) #61294
• [72fcc3ee9d] - build: fix crate vendor file checksums on windows (Chengzhong Wu) #61329
• [76a73d68fd] - build: expose libplatform symbols in shared libnode (Joyee Cheung) #61144
• [ef8d26ce5c] - build: fix inconsistent quoting in Makefile (Antoine du Hamel) #60511
• [2d23968783] - build: remove temporal updater (Chengzhong Wu) #61151
• [4c2655f1c2] - build: update test-wpt-report to use NODE instead of OUT_NODE (Filip Skokan) #61024
• [eaea6821fc] - build: skip build-ci on actions with a separate test step (Chengzhong Wu) #61073
• [dfd4e12037] - build: run embedtest with node_g when BUILDTYPE=Debug (Chengzhong Wu) #60850
• [775c77234b] - build,tools: fix addon build deadlock on errors (Vladimir Morozov) #61321
• [5deafc10fa] - build,win: improve logs when ClangCL is missing (Mike McCready) #61438
• [e2481c5c6e] - build,win: update WinGet configurations to Python 3.14 (Mike McCready) #61431
• [d2586b7e4c] - child_process: treat ipc length header as unsigned uint32 (Ryuhei Shima) #61344
• [30e500fc09] - cli: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung) #60956
• [2c7da15612] - cluster: fix port reuse between cluster (Ryuhei Shima) #60141
• [bc0a55f086] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #61419
• [2d5f20e9c3] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #60741
• [fba95be188] - deps: update archs files for openssl-3.5.5 (Node.js GitHub Bot) #61547
• [08697289e0] - deps: upgrade openssl sources to openssl-3.5.5 (Node.js GitHub Bot) #61547
• [403c50c04d] - deps: update corepack to 0.34.6 (Node.js GitHub Bot) #61510
• [3b24691aeb] - deps: upgrade npm to 11.8.0 (npm team) #61466
• [2bba7efdc4] - deps: update googletest to 85087857ad10bd407cd6ed2f52f7ea9752db621f (Node.js GitHub Bot) #61417
• [8f8c6f6162] - deps: update sqlite to 3.51.2 (Node.js GitHub Bot) #61339
• [c46009053c] - deps: update icu to 78.2 (Node.js GitHub Bot) #60523
• [b46b8dd91b] - deps: update ada to v3.4.0 (Yagiz Nizipli) #61315
• [88c6b17e18] - deps: update zlib to 1.3.1-e00f703 (Node.js GitHub Bot) #61135
• [0030c05ba9] - deps: update cjs-module-lexer to 2.2.0 (Node.js GitHub Bot) #61271
• [77437cff89] - deps: update nbytes to 0.1.2 (Node.js GitHub Bot) #61270
• [fb0f05a937] - deps: update timezone to 2025c (Node.js GitHub Bot) #61138
• [b426a47c05] - deps: nghttp2: revert 7784fa979d0b (Antoine du Hamel) #61136
• [c07a38f700] - deps: update nghttp2 to 1.68.0 (nodejs-github-bot) #61136
• [c2ddc9a18b] - deps: update simdjson to 4.2.4 (Node.js GitHub Bot) #61056
• [f38cd6da8e] - deps: update googletest to 065127f1e4b46c5f14fc73cf8d323c221f9dc68e (Node.js GitHub Bot) #61055
• [a9a6a4cdb2] - deps: brotli: cherry-pick e230f474b87 (liujiahui) #61003
• [5a40023aae] - deps: upgrade npm to 11.7.0 (npm team) #61011
• [4121e7a413] - deps: update sqlite to 3.51.1 (Node.js GitHub Bot) #60899
• [e8a09fc896] - deps: update zlib to 1.3.1-63d7e16 (Node.js GitHub Bot) #60898
• [8df5862ee5] - deps: upgrade npm to 11.6.4 (npm team) #60853
• [6c1c8cbdcc] - deps: update sqlite to 3.51.0 (Node.js GitHub Bot) #60614
• [2d1efc7c1b] - deps: upgrade npm to 11.6.3 (npm team) #60785
• [3a2de1c23b] - deps: update brotli to 1.2.0 (Node.js GitHub Bot) #60540
• [58c5d40bd1] - deps: update simdjson to 4.2.2 (Node.js GitHub Bot) #60740
• [e6b607ef50] - deps: update googletest to 1b96fa13f549387b7549cc89e1a785cf143a1a50 (Node.js GitHub Bot) #60739
• [650c9e0305] - deps: update minimatch to 10.1.1 (Node.js GitHub Bot) #60543
• [ef1951d5d5] - deps: update inspector_protocol to 1b1bcbbe060e8c8cd8704f00f78978c50991 (Node.js GitHub Bot) #60705
• [eb068305dd] - deps: update cjs-module-lexer to 2.1.1 (Node.js GitHub Bot) #60646
• [ee1d99131c] - deps: update simdjson to 4.2.1 (Node.js GitHub Bot) #60644
• [23582967b7] - deps: V8: cherry-pick 1441665e0d87 (Domagoj Stolfa) #60989
• [155eaedff2] - deps: V8: cherry-pick 394a8053b59e (Lu Yahan) #60962
• [c95a4a0f43] - deps: V8: backport bbaae8e36164 (Lu Yahan) #60962
• [6f123f186d] - doc: move Security-Team from TSC to SECURITY (Rafael Gonzaga) #61495
• [2e3337d15b] - doc: added requestOCSP option to tls.connect (ikeyan) #61064
• [f505f81577] - doc: restore @ChALkeR to collaborators (Сковорода Никита Андреевич) #61553
• [12fb95d0c9] - doc: update IBM/Red Hat volunteers with dedicated project time (Beth Griggs) #61588
• [283ab61ed2] - doc: align Buffer.concat documentation with behavior (Gürgün Dayıoğlu) #60405
• [fc9c906d5f] - doc: remove v prefix for version references (Mike McCready) #61488
• [4a88ed09e8] - doc: mention constructor comparison in assert.deepStrictEqual (Hamza Kargin) #60253
• [9b29d56491] - doc: add CVE delay mention (Rafael Gonzaga) #61465
• [4815e4ac52] - doc: update previous version links in BUILDING (Mike McCready) #61457
• [8a43244e6c] - doc: include OpenJSF handle for security stewards (Rafael Gonzaga) #61454
• [89a7f184a1] - doc: clarify process.argv[1] behavior for -e/--eval (Jeevankumar S) #61366
• [b4041aba1c] - doc: remove Windows Dev Home instructions from BUILDING (Mike McCready) #61434
• [fa7830bac0] - doc: clarify TypedArray properties on Buffer (Roman Reiss) #61355
• [45663c8956] - doc: update Python 3.14 manual install instructions (Windows) (Mike McCready) #61428
• [0248357f26] - doc: note resume build should not be done on node-test-commit (Stewart X Addison) #61373
• [b254bab513] - doc: refine WebAssembly error documentation (sangwook) #61382
• [8aca37c6ef] - doc: add deprecation history for url.parse (Eng Zer Jun) #61389
• [8047ac3aac] - doc: add marco and rafael in last sec release (Marco Ippolito) #61383
• [61190bf4b4] - doc: packages: example of private import switch to internal (coderaiser) #61343
• [346311c42f] - doc: add esm and cjs examples to node:v8 (Alfredo González) #61328
• [c07c80717c] - doc: added 'secure' event to tls.TLSSocket (ikeyan) #61066
• [9f68d30f11] - doc: restore @watilde to collaborators (Daijiro Wachi) #61350
• [a3b08ddb51] - doc: run license-builder (github-actions[bot]) #61348
• [4990812dd9] - doc: document ALPNCallback option for TLSSocket constructor (ikeyan) #61331
• [89e9d19693] - doc: update MDN links (Livia Medeiros) #61062
• [dcffa88fec] - doc: correct description of error.stack accessor behavior (René) #61090
• [31476cd4d1] - doc: add documentation for process.traceProcessWarnings (Alireza Ebrahimkhani) #53641
• [99c783b9ec] - doc: add sqlite session disposal method (René) #61273
• [c7764bed35] - doc: fix filename typo (Hardanish Singh) #61297
• [0f16bca9d8] - doc: fix typos and grammar in BUILDING.md & onboarding.md (Hardanish Singh) #61267
• [4b691b562d] - doc: mention --newVersion release script (Rafael Gonzaga) #61255
• [32e56ab71f] - doc: correct typo in api contributing doc (Mike McCready) #61260
• [9ebf1ffbeb] - doc: add PR-URL requirement for security backports (Rafael Gonzaga) #61256
• [940f83d95d] - doc: add reusePort error behavior to net module (mag123c) #61250
• [8881859ee0] - doc: note corepack package removal in distribution doc (Mike McCready) #61207
• [03a1540cd1] - doc: fix tls.connect() timeout documentation (Azad Gupta) #61079
• [816ce7530d] - doc: missing passed, error and passed properties on TestContext (Xavier Stouder) #61185
• [d825c8858a] - doc: clarify threat model for application-level API exposure (Rafael Gonzaga) #61184
• [a3dd30d0e0] - doc: correct options for net.Socket class and socket.connect (Xavier Stouder) #61179
• [c3e776becd] - doc: document error event on readline InterfaceConstructor (Xavier Stouder) #61170
• [05a6372d30] - doc: add a smooth scrolling effect to the sidebar (btea) #59007
• [76a7eb09ef] - doc: fix test settime docs (Efe) #61117
• [bcbbde6ccc] - doc: correct invalid collaborator profile (JJ) #61091
• [084741d09d] - doc: add a tip about developer mode on Windows (Joyee Cheung) #61112
• [ed4de371d3] - doc: exclude compile-time flag features from security policy (Matteo Collina) #61109
• [3999c2a910] - doc: add @avivkeller to collaborators (Aviv Keller) #61115
• [f3ec066f1a] - doc: warn about short GCM tags visibly (Tobias Nießen) #61082
• [fa542fbae6] - doc: add gurgunday to collaborators (Gürgün Dayıoğlu) #61094
• [49f36722dc] - doc: mark sync module hooks as release candidate (Joyee Cheung) #60960
• [a0adc6afd2] - doc: reorganize docs of module customization hooks (Joyee Cheung) #60960
• [a4097ca048] - doc: mark crypto.hash as stable (Joyee Cheung) #60994
• [8a67c00bf5] - doc: mark --build-snapshot and --build-snapshot-config as stable (Joyee Cheung) #60954
• [0c83169c35] - doc: add File modes cross-references in fs methods (Mohit Raj Saxena) #60286
• [dae815262a] - doc: add missing zstd to mjs example of zlib (Deokjin Kim) #60915
• [28b284880e] - doc: clarify fileURLToPath security considerations (Rafael Gonzaga) #60887
• [6c440af39b] - doc: show the use of string expressions in the SQLTagStore example (schliepa) #60873
• [4c5b62209c] - doc: replace column with columnNumber in example of util.getCallSites (Deokjin Kim) #60881
• [8875c9148e] - doc: correct spelling in BUILDING.md (Rich Trott) #60875
• [d6cb762426] - doc: update debuglog examples to use 'foo-bar' instead of 'foo' (xiaoyao) #60867
• [9eae518796] - doc: correct 'event handle' to 'event handler' in Utf8Stream drop event (Riddhi) #60692
• [c3c3ed27c1] - doc: fix typos in changelogs (Rich Trott) #60855
• [1b975e3017] - doc: mark module.register as active development (Chengzhong Wu) #60849
• [6a6fc0c851] - doc: add fullName property to SuiteContext (PaulyBearCoding) #60762
• [8347d734e6] - doc: add additional codemods for deprecation (Augustin Mauroy) #60811
• [7cc87037c3] - doc: keep sidebar module visible when navigating docs (Botato) #60410
• [1c6618f643] - doc: correct concurrency wording in test() documentation (Azad Gupta) #60773
• [488208004e] - doc: clarify that CQ only picks up PRs targeting main (René) #60731
• [34517940c2] - doc: clarify license section and add contributor note (KaleruMadhu) #60590
• [f080721df4] - doc: correct and expand documentation for SQLTagStore (René) #60200
• [be3d26709d] - doc: correct tls ALPNProtocols types (René) #60143
• [ef82c53131] - doc: remove mention of SMS 2FA (Antoine du Hamel) #60707
• [11b190f63e] - doc: add info about renamed flag in cli.md (Antoine du Hamel) #60690
• [59db9bc654] - doc: fix incorrect slh-dsa oids in crypto.md (Artsiom Malakhau) #60681
• [ad52750cf6] - doc: domain.add() does not accept timer objects (René) #60675
• [2592d94e29] - doc: fix v24 changelog after security release (Marco Ippolito) #61371
• [e0f4ad0af0] - doc,test: add documentation and test on how to use addons in SEA (Joyee Cheung) #59582
• [13af640d94] - esm: ensure watch mode restarts after syntax errors (Xavier Stouder) #61232
• [31afe95d15] - esm: avoid throw when module specifier is not url (Craig Macomber (Microsoft)) #61000
• [311a04cf2d] - esm: improve error messages for ambiguous module syntax (mag123c) #60376
• [cacef92937] - events: remove redundant todo (Gürgün Dayıoğlu) #60595
• [42e1f72561] - events: remove eventtarget custom inspect branding (Efe) #61128
• [fd8b61369b] - fs: remove duplicate getValidatedPath calls (Mert Can Altin) #61359
• [9bb9fc7f2c] - fs: fix errorOnExist behavior for directory copy in fs.cp (Nicholas Paun) #60946
• [55a3c70780] - fs: fix ENOTDIR in globSync when file is treated as dir (sangwook) #61259
• [073a145095] - fs: remove duplicate fd validation in sync functions (Mert Can Altin) #61361
• [b132ecdf60] - fs: validate statfs path (Efe) #61230
• [0ed0a30f74] - fs: fix rmSync to handle non-ASCII characters (Yeaseen) #61108
• [99632b1a3b] - fs: remove broken symlinks in rmSync (sangwook) #61040
• [9cb6757a67] - fs: detect dot files when using globstar (Robin van Wijngaarden) #61012
• [e22aad19e0] - gyp: aix: change gcc version detection so CXX="ccache g++" works (Stewart X Addison) #61464
• [59d94ba7e7] - http: fix rawHeaders exceeding maxHeadersCount limit (Max Harari) #61285
• [ae6a1fd40a] - http,https: fix double ERR_PROXY_TUNNEL emission (Shima Ryuhei) #60699
• [53bfbaa4b1] - http2: validate initialWindowSize per HTTP/2 spec (Matteo Collina) #61402
• [14b421b677] - http2,zlib: prefer call() over apply() if argument list is not array (Livia Medeiros) #60834
• [32b03d0604] - (CVE-2025-59465) lib: add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#750
• [4ef7a6c77e] - lib: backport _tls_common and _tls_wrap refactors (Dario Piotrowicz) #57643
• [820e0a5cfa] - lib: fix typo in util.js comment (Taejin Kim) #61365
• [8de391e1cb] - lib: fix TypeScript support check in jitless mode (sangwook) #61382
• [f22f622b3e] - lib: add lint rules for reflective function calls (Michaël Zasso) #60825
• [603f0bf8e1] - lib: implement all 1-byte encodings in js (Сковорода Никита Андреевич) #61093
• [1c0a1aa5ef] - lib: gbk decoder is gb18030 decoder per spec (Сковорода Никита Андреевич) #61099
• [2cf963df73] - lib: enforce use of URLParse (Antoine du Hamel) #61016
• [bb90630470] - lib: use FastBuffer for empty buffer allocation (Gürgün Dayıoğlu) #60558
• [10893a6f13] - lib: refactor JWK import PQC support check (Filip Skokan) #60586
• [d43806291f] - lib,src: isInsideNodeModules should test on the first non-internal frame (Chengzhong Wu) #60991
• [0bb8f5fe03] - lib,src,test: fix tests without SQLite (Antoine du Hamel) #60906
• [f3fe0e7fc2] - lib,test: enforce use of assert.fail via a lint rule (Antoine du Hamel) #61004
• [8b783d46ef] - meta: do not fast-track npm updates (Antoine du Hamel) #61475
• [de4a11b50e] - meta: fix typos in issue template config (Daijiro Wachi) #61399
• [97b1492783] - meta: label v8 module PRs (René) #61325
• [9bf899b743] - meta: bump step-security/harden-runner from 2.13.2 to 2.14.0 (dependabot[bot]) #61245
• [4df7134324] - meta: bump actions/setup-node from 6.0.0 to 6.1.0 (dependabot[bot]) #61244
• [ff98f610d8] - meta: bump actions/cache from 4.3.0 to 5.0.1 (dependabot[bot]) #61243
• [86950a41ab] - meta: bump github/codeql-action from 4.31.6 to 4.31.9 (dependabot[bot]) #61241
• [96901b4828] - meta: bump codecov/codecov-action from 5.5.1 to 5.5.2 (dependabot[bot]) #61240
• [c90fc7c0d3] - meta: bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 (dependabot[bot]) #61237
• [f130d4b6de] - meta: move lukekarrys to emeritus (Node.js GitHub Bot) #60985
• [416f34ccfc] - meta: bump actions/setup-python from 6.0.0 to 6.1.0 (dependabot[bot]) #60927
• [2239939305] - meta: bump github/codeql-action from 4.31.3 to 4.31.6 (dependabot[bot]) #60926
• [7f146b6a97] - meta: bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (dependabot[bot]) #60924
• [d9020f0089] - meta: bump github/codeql-action from 4.31.2 to 4.31.3 (dependabot[bot]) #60770
• [4bba259d3b] - meta: bump step-security/harden-runner from 2.13.1 to 2.13.2 (dependabot[bot]) #60769
• [ff11eda2f2] - meta: add Renegade334 to collaborators (Renegade334) #60714
• [e3b5593c0f] - module: fix sync resolve hooks for require with node: prefixes (Joyee Cheung) #61088
• [edec5be805] - module: preserve URL in the parent created by createRequire() (Joyee Cheung) #60974
• [5cc3596eb4] - node-api: fix node_api_create_object_with_properties name (Vladimir Morozov) #61319
• [179162fe42] - node-api: use Node-API in comments (Vladimir Morozov) #61320
• [b3fe457a89] - node-api: add napi_set_prototype (siaeyy) #60711
• [1e13e84f16] - node-api: fix data race and use-after-free in napi_threadsafe_function (Mika Fischer) #55877
• [36ce6d636d] - node-api: add support for Float16Array (Ilyas Shabi) #58879
• [95e6659e2b] - node-api: support SharedArrayBuffer in napi_create_dataview (Kevin Eady) #60473
• [54f58e2fb2] - os: freeze signals constant (Xavier Stouder) #61038
• [31489310f8] - process: improve process.cwd() error message (TseIan) #61164
• [f7450a90ed] - repl: move completion logic to internal module (Dario Piotrowicz) #59889
• [27117625df] - sqlite: add some tests (Guilherme Araújo) #61410
• [d56066ce8c] - sqlite: improve error messages for tag store (Pramit Sharma) #61096
• [9d993be6c1] - sqlite: make SQLTagStore.prototype.size a getter (René) #60246
• [ceaa200d16] - src: improve StringBytes::Encode perf on UTF8 (Сковорода Никита Андреевич) #61131
• [034a5f2346] - src: add missing override specifier to Clean() (Tobias Nießen) #61429
• [977f46cc20] - src: cache context lookup in vectored io loops (Mert Can Altin) #61387
• [bb9e4e0784] - src: cache missing package.json files in the C++ package config cache (Michael Smith) #60425
• [c1aa9f49cd] - src: use starts_with instead of rfind/find (Tobias Nießen) #61426
• [d3676d0a82] - src: use C++ nullptr in sqlite (Tobias Nießen) #61416
• [001be8aa7c] - src: use C++ nullptr in webstorage (Tobias Nießen) #61407
• [4f832b1e3d] - src: fix pointer alignment (jhofstee) #61336
• [a0a8c96fd1] - src: dump snapshot source with node:generate_default_snapshot_source (Joyee Cheung) #61101
• [b6d3caeda8] - src: improve StringBytes::Encode perf on ASCII (Сковорода Никита Андреевич) #61119
• [9c80e5ac87] - src: add HandleScope to edge loop in heap_utils (Mert Can Altin) #60885
• [09ccd94312] - src: remove redundant CHECK (Tobias Nießen) #61130
• [6008354b8a] - src: remove unused private field in SQLTagStore (Michaël Zasso) #61027
• [7484a34a7d] - src: implement Windows-1252 encoding support and update related tests (Mert Can Altin) #60893
• [47851db855] - src: fix off-thread cert loading in bundled cert mode (Joyee Cheung) #60764
• [4702a8696b] - src: handle DER decoding errors from system certificates (Joyee Cheung) #60787
• [19a4926965] - src: use static_cast instead of C-style cast (Michaël Zasso) #60868
• [6529334dec] - src: add test flag to config file (Marco Ippolito) #60798
• [d153b30773] - src: split inspector protocol domains files (Chengzhong Wu) #60754
• [7191b847c6] - src,permission: fix permission.has on empty param (Rafael Gonzaga) #60674
• [a188b954bb] - src,permission: add debug log on is_tree_granted (Rafael Gonzaga) #60668
• [b483b5a8ea] - stream: export namespace object from internal end-of-stream module (René) #61455
• [0472104536] - stream: fix isErrored/isWritable for WritableStreams (René) #60905
• [dd13f1046f] - test: skip --build-sea tests on platforms where SEA is flaky (Joyee Cheung) #61504
• [6c18bf26f4] - test: update WPT for url to 81a2aed262 (Node.js GitHub Bot) #61509
• [f511c24d6b] - test: fix flaky debugger test (Ryuhei Shima) #58324
• [41710ba953] - test: ensure removeListener event fires for once() listeners (sangwook) #60137
• [0035f3fa0f] - test: delay writing the files only on macOS (Luigi Pinca) #61532
• [99c29eb261] - test: add implicit test for fs dispose handling with using (Ilyas Shabi) #61140
• [e349d34c8a] - test: check new WebCryptoAPI enum values (Filip Skokan) #61406
• [e75617d25f] - test: split test-esm-loader-hooks (Joyee Cheung) #61374
• [42110af62a] - test: aix: mark test-emit-on-destroyed as flaky (Stewart X Addison) #61381
• [180fdbf188] - test: update url web-platform tests (Yagiz Nizipli) #61315
• [4bac4ecd9d] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60761
• [39ca74e57e] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60759
• [7327b04875] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60726
• [fd6601c710] - test: asserts that import.meta.resolve invokes sync loader hooks (Chengzhong Wu) #61158
• [da4d4d4fde] - test: check util.parseArgs argv parsing with actual process execution (René) #61089
• [368b32d410] - test: update WPT for urlpattern to a2e15ad405 (Node.js GitHub Bot) #61134
• [e880062de8] - test: make buffer sizes 32bit-aware in test-internal-util-construct-sab (René) #61026
• [f2706e1166] - test: remove unneccessary repl magic_mode tests (Dario Piotrowicz) #61053
• [327dd25f86] - test: skip sea tests on riscv64 (Stewart X Addison) #61111
• [6da34027e2] - test: simplify test-cli-node-options-docs (Antoine du Hamel) #61006
• [74df70d1da] - test: mark stringbytes-external-max flaky on AIX (Stewart X Addison) #60995
• [5513338446] - test: update test426 fixtures (Rich Trott) #60982
• [9f594f53a7] - test: update WPT for urlpattern to aed1f3d244 (Node.js GitHub Bot) #60642
• [18e3b91bf1] - test: deflake test-repl-paste-big-data (Livia Medeiros) #60975
• [28ecdc5c98] - test: skip SEA inspect test if inspector is not available (Livia Medeiros) #60872
• [24a50b31e0] - test: update WPT for WebCryptoAPI to 1e4933113d (Node.js GitHub Bot) #60896
• [78ad2f4dad] - test: lint more assert(regexp.test(...)) cases (René) #60878
• [280d567e1c] - test: use assert.match for non-literal regexp tests (René) #60879
• [74b14258cb] - test: fix embedtest in debug windows (Vladimir Morozov) #60806
• [163c17de51] - test: skip failing tests when compiled without amaro (Yuki Okita) #60815
• [5763a304d2] - test: fix debug test crashes caused by sea tests (Vladimir Morozov) #60807
• [1fb83e240d] - test: add lint rule to forbid use of assert.ok(/regex/.test(…)) (Antoine du Hamel) #60832
• [8c97827913] - test: replace deprecated regex test assertions in http trailers test (Aditya Chopra) #60831
• [a88bffeedc] - test: prefer major GC in cppgc-object teardown (sangwook) #60672
• [2e2963f3ed] - test: ensure assertions are reached on HTTP2 tests (Antoine du Hamel) #60730
• [9b748942ec] - test: ensure assertions are reached on HTTP tests (Antoine du Hamel) #60729
• [37947e0adf] - test: skip test that cause timeout on IBM i (SRAVANI GUNDEPALLI) #60700
• [357825979e] - test: add missing r.close() calls in REPL multiline tests (sangwook) #60226
• [ccecbd9f80] - test: update WPT for WebCryptoAPI to c58b6f4e0e (Node.js GitHub Bot) #60702
• [63a2400c64] - test: limit the concurrency of WPTRunner for RISC-V (Levi Zim) #60591
• [ec40989dfb] - test: fix test-strace-openat-openssl for RISC-V (Levi Zim) #60588
• [b09129df18] - test: split test-runner-run-watch.mjs (Joyee Cheung) #60653
• [0f05221aec] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60641
• [078cfa2cd6] - test_runner: fix memory leaks in runner (Abhishek Kv. Savani) #60860
• [73146e9c50] - test_runner: fix coverage report when a directory is named file (Heath Dutton🕴️) #61169
• [8fc61e45e2] - test_runner: print info when test restarts (Xavier Stouder) #61160
• [9382be5b16] - test_runner: fix rerun ambiguous test failures (Moshe Atlow) #61392
• [ce417b14c0] - test_runner: nix dead reporter code (Vas Sudanagunta) #59700
• [ce79c72829] - test_runner: fix lazy test.assert accessor (René) #61097
• [9a25541bd2] - test_runner: propagate V8 options to child process (Pietro Marchini) #60999
• [d61b0584ca] - test_runner: fix line feed escaping in JUnit (Aliaksandr) #60274
• [fc98343591] - test_runner: simplify code and make it more consistent (Antoine du Hamel) #60777
• [36e29bf400] - (CVE-2026-21637) tls: route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#782
• [bc610a825d] - tools: update gyp-next to 0.21.1 (Node.js GitHub Bot) #61528
• [c335462a6a] - tools: validate release commit diff as part of lint-release-proposal (Antoine du Hamel) #61440
• [0e53c48ab6] - tools: fix vcbuild lint-js-build (Vladimir Morozov) #61318
• [f989fdc469] - tools: bump the eslint group in /tools/eslint with 2 updates (dependabot[bot]) #61246
• [f104719490] - tools: only report commit validation failure on Slack (Antoine du Hamel) #61124
• [0267293e79] - tools: use sparse-checkout in linter jobs (Antoine du Hamel) #61123
• [2c861d4bd4] - tools: simplify notify-on-push (Antoine du Hamel) #61050
• [678f2caa71] - tools: fix update-nghttp2 signature verification (Richard Lau) #61035
• [2ef5be0570] - tools: improve log output of create-release-proposal (Antoine du Hamel) #61028
• [cd5c76cffe] - tools: fix vcbuild test when path contain spaces (stduhpf) #56481
• [da6cb8e1d2] - tools: do not run test-linux workflow for changes on vcbuild.bat (Antoine du Hamel) #60979
• [49f7a8c07a] - tools: bump mdast-util-to-hast from 13.2.0 to 13.2.1 in /tools/doc (dependabot[bot]) #60930
• [4f12d38359] - tools: replace deprecated eslint-plugin-markdown (Michaël Zasso) #60908
• [78aef6c098] - tools: remove deprecated ESLint plugins (Michaël Zasso) #60908
• [de57704198] - tools: update ESLint dependencies (Michaël Zasso) #60908
• [fd155c9764] - tools: disable some new cpplint rules before update (Michaël Zasso) #60901
• [f7f987305b] - tools: don't fetch V8 deps in the source tree (Richard Lau) #60883
• [f7a7e363f9] - tools: add temporal updater (Chengzhong Wu) #60828
• [a7bb9746ba] - tools: dump config.gypi as json (Chengzhong Wu) #60794
• [23792b1334] - tools: bump js-yaml from 4.1.0 to 4.1.1 in /tools/lint-md (dependabot[bot]) #60781
• [5b75fec005] - tools: bump js-yaml from 4.1.0 to 4.1.1 in /tools/doc in the doc group (dependabot[bot]) #60766
• [a8cf03323b] - tools: update install_tools.bat old echo from 2019 to 2022 (David Hidalgo) #60736
• [1e9281e147] - tools: remove unsupported cooldown from Dependabot config (Antoine du Hamel) #60747
• [497184baff] - tools: update sccache to v0.12.0 (Michaël Zasso) #60723
• [0a33189050] - tools: update gyp-next to 0.21.0 (Node.js GitHub Bot) #60645
• [d2c8dd29cc] - tools,doc: fix format-md files list (Stefan Stojanovic) #61147
• [0ca4fac44a] - typings: add typing for string_decoder (Taejin Kim) #61368
• [2e387fb969] - url: update ada to v3.4.2 and support unicode 17 (Yagiz Nizipli) #61593
• [d65326c4e6] - url: add fast path to getPathFromURL decoder (Gürgün Dayıoğlu) #60749
• [77f72e0bfc] - url: remove array.reduce usage (Gürgün Dayıoğlu) #60748
• [bfee9d0187] - util: optimize toASCIILower function using V8s native toLowerCase (Mert Can Altin) #61107
• [6acc9d75ec] - util: limit inspect to only show own properties (Ruben Bridgewater) #61032
• [bb6e680eb1] - util: fix parseArgs skipping positional arg with --eval and --print (azadgupta1) #60814
• [b97081a7ba] - util: assert getCallSites does not invoke Error.prepareStackTrace (Chengzhong Wu) #60922
• [722094ca3a] - util: safely inspect getter errors whose message throws (Yves M.) #60684
• [746206b6ee] - v8: add GCProfiler support for erm (Ilyas Shabi) #61191
• [bb206782d4] - v8: mark v8.queryObjects() as stable (Joyee Cheung) #60957
• [e0ff861a8e] - worker: update code examples for node:worker_threads module (fisker Cheung) #58264
• [06be1db72c] - worker: remove not implemented declarations (Artur Gawlik) #60655
• [c9b0dc60ec] - zlib: validate write_result array length (Ryuhei Shima) #61342
• [ba318c5d44] - zlib: add CHECK to validate fast path input (Matteo Collina) #61175