Weekly GitHub Report for Node: July 14, 2025 - July 21, 2025 (12:03:51)

Weekly GitHub Report for Node

Thank you for subscribing to our weekly newsletter! Each week, we deliver a comprehensive summary of your GitHub project's latest activity right to your inbox, including an overview of your project's issues, pull requests, contributors, and commit activity.

---

Table of Contents

• I. News
  • 1.1. Recent Version Releases
  • 1.2. Other Noteworthy Updates
• II. Issues
  • 2.1. Top 5 Active Issues
  • 2.2. Top 5 Stale Issues
  • 2.3. Open Issues
  • 2.4. Closed Issues
  • 2.5. Issue Discussion Insights

• III. Pull Requests
  • 3.1. Open Pull Requests
  • 3.2. Closed Pull Requests
  • 3.3. Pull Request Discussion Insights

• IV. Contributors
  • 4.1. Contributors

I. News

1.1 Recent Version Releases:

The current version of this repository is v23.10.0

1.2 Version Information:

The version released on March 13, 2025, introduces the --experimental-config-file feature, allowing developers to use a JSON configuration file to streamline the use of multiple flags, enhancing the developer experience. Notable updates include improvements in error handling, updates to root certificates, and the addition of new methods like tls.getCACertificates() and v8.getCppHeapStatistics(), reflecting a trend towards increased configurability and enhanced security features.

II. Issues

2.1 Top 5 Active Issues:

We consider active issues to be issues that that have been commented on most frequently within the last week. Bot comments are omitted.

1. Doc(esm): import explaining need to be rephrased: This issue is about the need to rephrase a sentence in the Node.js documentation regarding the use of import expressions, as the current explanation is not entirely accurate. The discussion highlights that the existing guidance suggests import as the sole method for importing ES modules in CommonJS, which is no longer the case due to the availability of other methods like require("esm").

   • The comments discuss the accuracy of the current documentation, with suggestions to clarify that import is not the only method for importing ES modules in CommonJS. There is a consensus on rephrasing the sentence to include information about the asynchronous nature of import, its compatibility with both CJS and ESM, and its ability to dynamically import modules, without linking to external documentation.
   • Number of comments this week: 6

2. Progress bar and notification for installing dependencies by chocolatery or something: This issue highlights a problem with the installation process of Node.js on a fresh Windows 11 system using Chocolatey, where the user experiences an excessively long installation time without any progress indicators or notifications, leading to confusion. The user suggests adding a progress bar to improve the user experience and mentions that the installation process seems to be consuming a single CPU core while possibly compiling something in the background.

   • The comments suggest that the issue might be more relevant to the Chocolatey community rather than the Node.js repository, with a humorous reference to Willy Wonka. The user expresses confusion and frustration over the prolonged installation time and lack of warnings, indicating a poor user experience. Another commenter inquires if the download was completed.
   • Number of comments this week: 3

3. TypeScript: ECMAScript private method overloading results in syntax error: This issue involves a syntax error encountered when using function overloading with ECMAScript private methods in TypeScript, which compiles correctly with tsc but fails during execution with Node.js due to type stripping. The problem is consistently reproducible and is expected to output 42 when the example code is run, but instead, it results in a syntax error related to an unexpected token.

   • The comments discuss that the issue appears to be a bug in the swc compiler, with a link provided to demonstrate the problem. It is acknowledged that the issue has been reported to the swc project, and a suggestion is made that updating a component called "amaro" might resolve the issue, with plans to write a test to ensure the fix.
   • Number of comments this week: 3

4. BroadcastChannel doesn't fill in useful MessageEvent fields like source, or ports: This issue highlights a problem with the BroadcastChannel in the node:worker_threads subsystem, where it fails to populate useful MessageEvent fields like 'source' or 'ports', making it challenging to coordinate between worker threads unless they share the same supervisor. This limitation is particularly problematic for applications involving caching or telemetry, as the expected metadata is not provided, resulting in empty strings and arrays.

   • The comments suggest integrating the feature with existing worker thread functionalities to enhance coordination and discovery between workers. Implementing the missing fields could potentially eliminate the need for the current postMessageToThread() functionality, allowing for more efficient communication between worker threads.
   • Number of comments this week: 2

5. crypto.getHashes() return empty array after enabling FIPS: This issue involves a problem with the Node.js application where enabling FIPS mode results in the crypto.getHashes() function returning an empty array, despite FIPS being successfully enabled as indicated by crypto.getFips() returning 1. The user is seeking assistance to understand why no FIPS-compliant hashes are available when FIPS is enabled, even after attempting to build Node.js from the source.

   • The comments suggest that the issue might be due to a misconfiguration, specifically regarding the OPENSSL_CONF and OPENSSL_MODULES environment variables. A detailed example is provided to demonstrate the correct configuration, including setting these environment variables and verifying the FIPS provider's loading using process.report.
   • Number of comments this week: 2

2.2 Top 5 Stale Issues:

We consider stale issues to be issues that has had no activity within the last 30 days. The team should work together to get these issues resolved and closed as soon as possible.

1. Flaky GC-related tests with V8 12.2: This issue concerns flaky garbage collection-related tests in the V8 12.2 engine, specifically affecting test-shadow-realm-gc-module, test-shadow-realm-gc, and test-net-write-fully-async-hex-string. The problem seems to stem from incorrect assumptions in the tests that are disrupted by V8's new garbage collection strategy, leading to a suggestion to skip these tests temporarily and find a more reliable testing method in the future.
2. Flaky test-worker-arraybuffer-zerofill with V8 12.2: This issue concerns a flaky test named test-worker-arraybuffer-zerofill associated with V8 version 12.2, which has been open for 477 days. The test intermittently fails, possibly due to a real bug or broken timing assumptions, and it has been suggested to mark it as flaky and add logs for better debugging.
3. Support loading dynamic addon modules (.node files) when embedding the Node.js shared library without needing to link with node.def: This issue addresses the challenge of loading dynamic addon modules (.node files) when embedding the Node.js shared library into a different executable without the need to link with node.def. The proposed solution suggests modifying the delay load hook to utilize an environment variable, potentially named NODE_LIBRARY, to facilitate the loading process, although the security implications of this approach are still uncertain.
4. Please make Node.js embeddable (e.g. libnode): This issue is about the request to make Node.js embeddable by creating a libnode library that would allow Node.js capabilities to be exported and enable N-API access to the host context, which would be particularly beneficial for projects that want to integrate Node.js within other environments, such as a Rust-based host process. The issue highlights the current limitations of using Node.js as an embedded runtime and suggests that a C++ library or a Rust crate could address these challenges, providing a more seamless integration for projects that currently have to rely on alternatives like Deno, which may lack certain necessary features.
5. unable to sign with external OpenSSL engine after usage of crypto.hash: This issue involves a problem with signing using an external OpenSSL engine after utilizing the crypto.hash function in Node.js, specifically affecting versions v21.7.0 and v21.7.1. The error, which consistently reproduces, is linked to changes in the Node.js codebase and results in an unsupported digital envelope routine error, whereas the code functions correctly in version v21.6.2 and earlier.

2.3 Open Issues

This section lists, groups, and then summarizes issues that were created within the last week in the repository.

Issues Opened This Week: 18

Summarized Issues:

• BroadcastChannel MessageEvent Fields: The BroadcastChannel in Node.js has issues with not populating important MessageEvent fields like 'source' and 'ports'. This makes it difficult to coordinate between worker threads unless they share the same supervisor, complicating tasks such as caching or telemetry.
  • issues/59053

• Node.js Update Methods on Windows: Users are seeking alternative methods to update Node.js on Windows without using Docker. There is a specific inquiry about the availability of nvm as an option soon.
  • issues/59058

• Node.js Collaborator Nomination: A nomination for @Aditi-1400 as a collaborator for the Node.js project is proposed due to her active contributions. This aims to enable her to continue and expand her work more effectively.
  • issues/59064

• FIPS Mode and crypto.getHashes(): Enabling FIPS mode in a Node.js application results in crypto.getHashes() returning an empty array. This unexpected behavior may be related to a misconfiguration of OpenSSL environment variables.
  • issues/59069

• Chocolatey Installation Feedback: There is a need for a progress bar and notifications during the installation of dependencies using Chocolatey on Windows. Users experience confusion and frustration due to the lack of feedback and prolonged installation times.
  • issues/59073

• ECMAScript Modules Documentation: The Node.js website documentation on import expressions in the ESM API needs rephrasing. The current explanation inaccurately suggests that using import is the only method to import ES modules in CJS.
  • issues/59077

• Intel CET Support in Node.js: Enabling Intel CET support in Node.js is challenging due to difficulties in passing the annocheck test for the main binary. This may be due to the requirement that all code in a process must support CET for the feature to be enabled.
  • issues/59084

• Flaky Test on Windows x64: The "test-inspector-network-fetch" on Windows x64 platforms intermittently fails due to an assertion error. This has been affecting most Windows CI builds since a security embargo.
  • issues/59090

• PascalCase Naming Convention: A proposal to add a new lint rule to enforce PascalCase naming conventions for method names in C++ code within the Node.js project is made. This aims to prevent unnecessary manual corrections and commits due to miscommunication.
  • issues/59092

• Floating Point Behavior Divergence: There is a divergence in floating point behavior between Unix and MacOS builds of version 22.10.0. This is attributed to changes in the ffp-contract flag between clang versions 13 and 14.
  • issues/59095

• Proxy Command-Line Flag Proposal: A proposal to add a --use-env-proxy command-line flag and support via NODE_OPTIONS=--use-env-proxy is made. This addresses the limitations of the NODE_USE_ENV_PROXY environment variable.
  • issues/59100

• ECMAScript Private Method Overloading: A syntax error occurs in Node.js v24.4.1 when using ECMAScript private method overloading in TypeScript. This compiles correctly with tsc but fails during execution due to a bug in the swc compiler.
  • issues/59102

• X509Certificate Signature Algorithm: Adding a new property to the X509Certificate class to expose the signature algorithm's name is proposed. This simplifies identifying the algorithm used to sign a certificate without relying on external tools.
  • issues/59103

• Compression Dictionaries in zstd: Support for using compression dictionaries in zstd (de)compression within Node's zlib library is proposed. This prevents errors when decompressing archives initially compressed with a dictionary.
  • issues/59105

• Coverage Reporter Inaccuracy: The coverage reporter in Node.js has issues with tests involving module mocking, resulting in inaccurate coverage reports. Lines are incorrectly marked as uncovered, and mocked modules show 100% coverage.
  • issues/59112

• Memory Leak in vm.SourceTextModule: A memory leak in the vm.SourceTextModule of a Node.js project leads to an out-of-memory error. This can be consistently reproduced by repeatedly creating new SourceTextModule instances.
  • issues/59118

• Buffer.from Hexadecimal String Issue: The Buffer.from method in Node.js fails to process a hexadecimal string correctly if the string's length is odd. It ignores the trailing character instead of padding it, leading to inconsistencies.
  • issues/59122

• Removal of synopsis.md: The removal of synopsis.md from the Node.js project is suggested. Its content is largely redundant, overlapping with information already available in cli.md and the official Node.js getting started guide.
  • issues/59124

2.4 Closed Issues

This section lists, groups, and then summarizes issues that were closed within the last week in the repository. This section also links the associated pull requests if applicable.

Issues Closed This Week: 2

Summarized Issues:

• Out of Memory (OOM) Error in Node.js 24.4.0 with pnpm on Linux: This issue involves a consistent OOM error when using Node.js version 24.4.0 with pnpm on Linux platforms. The problem is linked to changes in the Hash::OneShotDigest function, which improperly handles data type checking before creating a Utf8Value from binary data, and can be resolved by downgrading to Node 24.3.
  • issues/59057

• Absence of FormData as a Built-in Data Type in NodeJS: The discussion highlights the benefits of including FormData as a built-in data type in NodeJS, such as improved documentation and compatibility with NodeJS-specific mechanisms. However, the issue was closed after realizing that FormData is already available in Node.js since versions 16/17.
  • issues/59088

2.5 Issue Discussion Insights

This section will analyze the tone and sentiment of discussions within this project's open and closed issues that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.

Based on our analysis, there are no instances of toxic discussions in the project's open or closed issues from the past week.

---

III. Pull Requests

3.1 Open Pull Requests

This section provides a summary of pull requests that were opened in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. Other pull requests are grouped based on similar characteristics for easier analysis. Up to 25 pull requests are displayed in this section, while any remaining pull requests beyond this limit are omitted for brevity.

Pull Requests Opened This Week: 36

Key Open Pull Requests

1. meta: clarify pr objection process further: This pull request aims to provide further clarification on the objection process for pull requests within the Node.js project by updating the collaborator guide to specify that objections must be made directly in the pull request, all objections are treated equally regardless of the objector's status, and any revert or fixup pull requests following a mistake are subject to the same objection process, with the possibility of fast-tracking if they are uncontroversial.

• URL: pull/59096

• Merged: No

• Associated Commits: 14193, 8266a, 98906, a6ef5, 63a6c, 74af4, 6df48, a42de, 8bea1, e12cd, 87a00, 98273, 67acf, 64a01

2. node-api: added SharedArrayBuffer api: This pull request introduces a new SharedArrayBuffer API to the Node.js project, addressing issue #23276, and includes multiple commits for adding the API, unifying ArrayBuffer and SharedArrayBuffer information, fixing naming conventions, resolving conflicts, updating tests, and ensuring code quality through linting and markdown repairs.

• URL: pull/59071

• Merged: No

• Associated Commits: 80236, 70b29, 4cec3, 60d11, ef04c, bcde3, 1a674, 98b35, 38532, da55c, fcf96, 54b60

3. cli: support ${pid} placeholder in --cpu-prof-name: This pull request introduces the ability to use the ${pid} placeholder in the --cpu-prof-name option for Node.js, allowing for dynamic substitution with the current process ID to prevent file name collisions in environments with multiple processes, and includes updates to the CLI documentation and tests to support this new feature.

• URL: pull/59072

• Merged: No

• Associated Commits: ead4d, 9916a, b3667, 323e9, 89d05, 38483, 7b0a2, 09a24

Other Open Pull Requests

• Memory Management Enhancements: This topic covers improvements in memory management by allowing the --max-old-space-size option to be specified as a percentage of system memory. The changes include parsing and validating percentage values, updating documentation, and adding test coverage for both valid and invalid cases.
  • pull/59082

• Documentation Improvements: Several pull requests focus on enhancing documentation across various Node.js components. These include updates to the stream API documentation, recommendations for verifying Node.js releases, and fixing broken links to ensure users have access to accurate and helpful information.
  • pull/59089, pull/59113, pull/59080

• Performance and API Enhancements: Enhancements to the dgram module and the introduction of a JavaScript-level cache for getNearestParentPackageJSON significantly improve performance. These changes reduce overhead and improve runtime efficiency by optimizing API usage and reducing C++ crossings.
  • pull/59054, pull/59086

• Fast API and Backporting: The fast API changes are backported to the v22.x branch, addressing issues with future pull requests. This involves incorporating necessary modifications from previous commits and ensuring compatibility with the current codebase.
  • pull/59065, pull/59099

• Node.js CLI Enhancements: Improvements to the Node.js CLI include enabling the --print flag to work with ES modules and adding test coverage. These changes allow the use of top-level await in one-liner scripts, enhancing the flexibility and functionality of the CLI.
  • pull/59068

• Asynchronous API Development: The introduction of an asynchronous API for the node:sqlite module marks a significant development. This includes a preliminary implementation of the exec method and plans for a public API with classes like Database and Statement.
  • pull/59109

• Benchmark Tool Enhancements: New options, setup and teardown, are added to the Benchmark tool, executing before and after forks. This update includes a test file modification to address the issue linked in the description.
  • pull/59120

• Environment Variables Documentation: A new documentation page for environment variables in Node.js is proposed, providing a comprehensive specification for .env files. This aims to improve the current practice by introducing validation and independent evolution.
  • pull/59052

• Deprecation and Signal Handling: Proposals to deprecate the writeHeader function and replace process.noDeprecation with getOptionValue aim to improve deprecation management. Additionally, calling the unmask function after installing a signal handler ensures proper signal catching.
  • pull/59060, pull/59063, pull/59059

• Node-API Enum Stability: Clarifications on ABI stability guarantees for Node-API enum types are provided. This includes handling unknown values and noting that enum types are not compatible with bit operators unless documented.
  • pull/59085

• BaseObject Class Consistency: The removal of static function declarations from the BaseObject class ensures consistency with the current codebase. This aligns the class declarations with previous code changes.
  • pull/59093

• SafeMap and Histogram Wrapper: The issue of exposing SafeMap through the Histogram wrapper is addressed by reverting to using a plain old Map. This ensures the map property is accessible to users and secure against prototype pollution.
  • pull/59094

• AsyncIteratorPrototype Prioritization: Changes to prioritize the use of the AsyncIteratorPrototype primordial address the mutable nature of the prototype chain. This proposal can be reviewed in detail at the provided GitHub URL.
  • pull/59097

• StyleText Utility Enhancement: The styleText utility is modified to properly handle nested formats, ensuring correct text styling within nested structures. This addresses issue #59035.
  • pull/59098

3.2 Closed Pull Requests

This section provides a summary of pull requests that were closed in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. Other pull requests are grouped based on similar characteristics for easier analysis. Up to 25 pull requests are displayed in this section, while any remaining pull requests beyond this limit are omitted for brevity.

Pull Requests Closed This Week: 18

Key Closed Pull Requests

1. test_runner: emit 'test:restarted' event when tests are restarted: This pull request introduces a feature to the test runner that emits a 'test:restarted' event when a test file is restarted due to file changes, allowing custom reporters to handle these events for logging or other purposes, and includes the addition of a timestamp event emitter and corresponding tests to ensure the functionality works as intended.

• URL: pull/59115

• Merged: No

• Associated Commits: 84b0c, 20a05, b752a

2. repl: handle errors from getters during completion: This pull request addresses the handling of errors from getters during the completion process in the Node.js REPL, as indicated by the commits which include a specific fix for this issue and an additional test correction.

• URL: pull/59044

• Merged: Yes

• Associated Commits: 9fbd2, 11222

3. doc: clarify ERR_FS_FILE_TOO_LARGE explanation to reflect fs.readFile() I/O limit: This pull request updates the documentation to clarify that the ERR_FS_FILE_TOO_LARGE error message is due to an internal constraint of the fs.readFile() function rather than Buffer limitations, and advises users to use fs.createReadStream() for handling large files.

• URL: pull/59050

• Merged: Yes

• Associated Commits: d1f99, d99eb

Other Closed Pull Requests

• Documentation Updates: Several pull requests focused on improving the Node.js documentation. These updates include adding missing documentation for methods, introducing guides for runtime-specific exports, and clarifying the use of dynamic imports in CommonJS contexts. Additionally, there were efforts to standardize links to the ECMA-262 specification and update contributor information.
  • pull/59074, pull/59066, pull/59078, pull/59083, pull/59087

• README.md Updates: Multiple pull requests involved updates to the README.md file in the Node.js project. Some of these updates were merged, while others were not, indicating ongoing efforts to refine the project's introductory documentation and examples.
  • pull/59070, pull/59076, pull/59108, pull/59114

• Code and Build Process Changes: Various pull requests addressed code and build process improvements. These included resolving issues in the crypto.hash() function, removing obsolete files from the build process, and marking tests as flaky to improve CI stability.
  • pull/59067, pull/59079, pull/59091

• Android and Miscellaneous Updates: Some pull requests focused on Android-related updates and other miscellaneous changes. These included the deletion of the "android-configure" component and ensuring the proper functionality of inspect.colors.
  • pull/59106, pull/59107

• Unmerged Pull Requests: A few pull requests were submitted but not merged into the main codebase. These include a pull request titled "cravour" and others with minimal or unclear changes.
  • pull/59127

3.3 Pull Request Discussion Insights

This section will analyze the tone and sentiment of discussions within this project's open and closed pull requests that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.

Based on our analysis, there are no instances of toxic discussions in the project's open or closed pull requests from the past week.

---

IV. Contributors

4.1 Contributors

Active Contributors:

We consider an active contributor in this project to be any contributor who has made at least 1 commit, opened at least 1 issue, created at least 1 pull request, or made more than 2 comments in the last month.

If there are more than 10 active contributors, the list is truncated to the top 10 based on contribution metrics for better clarity.

Contributor	Commits	Pull Requests	Issues	Comments
jasnell	14	1	1	71
joyeecheung	10	5	2	31
legendecas	12	7	1	16
aduh95	9	4	0	22
Renegade334	12	8	2	13
dario-piotrowicz	13	7	1	12
mertcanaltin	15	3	0	10
himself65	3	3	0	17
geeksilva97	5	4	1	11
LiviaMedeiros	9	5	1	4