crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts#62254
Merged
nodejs-github-bot merged 2 commits intonodejs:mainfrom Mar 23, 2026
Merged
crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts#62254nodejs-github-bot merged 2 commits intonodejs:mainfrom
nodejs-github-bot merged 2 commits intonodejs:mainfrom
Conversation
Collaborator
|
Review requested:
|
nodejs-github-bot
added
c++
This intended to replace usage of the unsupported _external field, offering an official API for native addons to access OpenSSL directly while reducing the JS API and internal field exposure.
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #62254 +/- ##
==========================================
- Coverage 89.66% 89.66% -0.01%
==========================================
Files 676 676
Lines 206500 206572 +72
Branches 39539 39555 +16
==========================================
+ Hits 185168 185231 +63
+ Misses 13463 13459 -4
- Partials 7869 7882 +13
🚀 New features to boost your workflow:
|
addaleax
reviewed
Mar 15, 2026
addaleax
approved these changes
Mar 15, 2026
github-actions
bot
removed
the
request-ci
Collaborator
Collaborator
Collaborator
Collaborator
Collaborator
pimterry
added
commit-queue-squash
nodejs-github-bot
added
commit-queue-failed
Collaborator
Commit Queue failed- Loading data for nodejs/node/pull/62254 ✔ Done loading data for nodejs/node/pull/62254 ----------------------------------- PR info ------------------------------------ Title crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts (#62254) ⚠ Could not retrieve the email or name of the PR author's from user's GitHub profile! Branch pimterry:getsslctx-api -> nodejs:main Labels crypto, c++, needs-ci, commit-queue-squash Commits 2 - crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts - Handle JS getter exceptions in GetSSLCtx Committers 1 - Tim Perry <pimterry@gmail.com> PR-URL: https://github.com/nodejs/node/pull/62254 Reviewed-By: Anna Henningsen <anna@addaleax.net> ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/62254 Reviewed-By: Anna Henningsen <anna@addaleax.net> -------------------------------------------------------------------------------- ℹ This PR was created on Sat, 14 Mar 2026 16:27:50 GMT ✔ Approvals: 1 ✔ - Anna Henningsen (@addaleax): https://github.com/nodejs/node/pull/62254#pullrequestreview-3950716542 ✔ Last GitHub CI successful ℹ Last Full PR CI on 2026-03-18T17:02:27Z: https://ci.nodejs.org/job/node-test-pull-request/71864/ - Querying data for job/node-test-pull-request/71864/ ✔ Last Jenkins CI successful -------------------------------------------------------------------------------- ✔ No git cherry-pick in progress ✔ No git am in progress ✔ No git rebase in progress -------------------------------------------------------------------------------- - Bringing origin/main up to date... From https://github.com/nodejs/node * branch main -> FETCH_HEAD ✔ origin/main is now up-to-date - Downloading patch for 62254 From https://github.com/nodejs/node * branch refs/pull/62254/merge -> FETCH_HEAD ✔ Fetched commits as 22fc52bda16b..e37890620fa3 -------------------------------------------------------------------------------- [main ea4524b511] crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts Author: Tim Perry <pimterry@gmail.com> Date: Sat Mar 14 16:09:37 2026 +0100 6 files changed, 159 insertions(+) create mode 100644 test/addons/openssl-get-ssl-ctx/binding.cc create mode 100644 test/addons/openssl-get-ssl-ctx/binding.gyp create mode 100644 test/addons/openssl-get-ssl-ctx/test.js [main a8907b2aca] Handle JS getter exceptions in GetSSLCtx Author: Tim Perry <pimterry@gmail.com> Date: Sun Mar 15 18:15:20 2026 +0100 2 files changed, 12 insertions(+) ✔ Patches applied There are 2 commits in the PR. Attempting to fixup everything into first commit. [main 55124ce18f] crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts Author: Tim Perry <pimterry@gmail.com> Date: Sat Mar 14 16:09:37 2026 +0100 6 files changed, 171 insertions(+) create mode 100644 test/addons/openssl-get-ssl-ctx/binding.cc create mode 100644 test/addons/openssl-get-ssl-ctx/binding.gyp create mode 100644 test/addons/openssl-get-ssl-ctx/test.js --------------------------------- New Message ---------------------------------- crypto: add crypto::GetSSLCtx API for addon access to OpenSSL contexts
Temporary files removed.
|
pimterry
added
commit-queue
nodejs-github-bot
removed
the
commit-queue
Collaborator
|
Landed in 2263b4d |
aduh95
pushed a commit
that referenced
this pull request
Mar 25, 2026
This intended to replace usage of the unsupported _external field, offering an official API for native addons to access OpenSSL directly while reducing the JS API and internal field exposure. PR-URL: #62254 Reviewed-By: Anna Henningsen <anna@addaleax.net>
VaishnavIUpadyaya
pushed a commit
to VaishnavIUpadyaya/node
that referenced
this pull request
Mar 27, 2026
This intended to replace usage of the unsupported _external field, offering an official API for native addons to access OpenSSL directly while reducing the JS API and internal field exposure. PR-URL: nodejs#62254 Reviewed-By: Anna Henningsen <anna@addaleax.net>
aduh95
pushed a commit
that referenced
this pull request
Mar 28, 2026
This intended to replace usage of the unsupported _external field, offering an official API for native addons to access OpenSSL directly while reducing the JS API and internal field exposure. PR-URL: #62254 Reviewed-By: Anna Henningsen <anna@addaleax.net>
aduh95
pushed a commit
to Flarna/node
that referenced
this pull request
Mar 30, 2026
This intended to replace usage of the unsupported _external field, offering an official API for native addons to access OpenSSL directly while reducing the JS API and internal field exposure. PR-URL: nodejs#62254 Reviewed-By: Anna Henningsen <anna@addaleax.net>
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Apr 2, 2026
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `25.8.2` → `25.9.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v25.9.0`](https://github.com/nodejs/node/releases/tag/v25.9.0): 2026-04-01, Version 25.9.0 (Current), @​aduh95 [Compare Source](nodejs/node@v25.8.2...v25.9.0) ##### Notable Changes ##### Test runner module mocking improvements `MockModuleOptions.defaultExport` and `MockModuleOptions.namedExports` have been consolidated into a single option `MockModuleOptions.exports` to align with user expectations and other test runners. A `default` property on `MockModuleOptions.exports` represents the default export, and own enumerable properties are treated as named exports. An automated migration is available to update user code: <https://github.com/nodejs/userland-migrations/tree/main/recipes/mock-module-exports> ```bash npx codemod @​nodejs/mock-module-exports ``` Contributed by sangwook in [#​61727](nodejs/node#61727). ##### Other notable changes - \[[`312476cb84`](nodejs/node@312476cb84)] - **(SEMVER-MINOR)** **async\_hooks**: add using scopes to `AsyncLocalStorage` (Stephen Belanger) [#​61674](nodejs/node#61674) - \[[`62d2cd473b`](nodejs/node@62d2cd473b)] - **(SEMVER-MINOR)** **cli**: add `--max-heap-size` option (tannal) [#​58708](nodejs/node#58708) - \[[`d0ebf0e44b`](nodejs/node@d0ebf0e44b)] - **(SEMVER-MINOR)** **crypto**: add `TurboSHAKE` and `KangarooTwelve` Web Cryptography algorithms (Filip Skokan) [#​62183](nodejs/node#62183) - \[[`f85b9d9fa8`](nodejs/node@f85b9d9fa8)] - **(SEMVER-MINOR)** **repl**: add customizable error handling (Anna Henningsen) [#​62188](nodejs/node#62188) - \[[`67b854d407`](nodejs/node@67b854d407)] - **(SEMVER-MINOR)** **repl**: remove dependency on `node:domain` (Matteo Collina) [#​61227](nodejs/node#61227) - \[[`966b700623`](nodejs/node@966b700623)] - **(SEMVER-MINOR)** **sea**: support code cache for ESM entrypoint in SEA (Joyee Cheung) [#​62158](nodejs/node#62158) - \[[`e1f0d2a014`](nodejs/node@e1f0d2a014)] - **(SEMVER-MINOR)** **stream**: add stream/iter Implementation (James M Snell) [#​62066](nodejs/node#62066) ##### Commits - \[[`312476cb84`](nodejs/node@312476cb84)] - **(SEMVER-MINOR)** **async\_hooks**: add using scopes to AsyncLocalStorage (Stephen Belanger) [#​61674](nodejs/node#61674) - \[[`bfff8cb2ab`](nodejs/node@bfff8cb2ab)] - **(SEMVER-MINOR)** **benchmark**: add benchmarks for experimental stream/iter (James M Snell) [#​62066](nodejs/node#62066) - \[[`c721d68502`](nodejs/node@c721d68502)] - **benchmark**: fix destructuring in dgram/single-buffer (Ali Hassan) [#​62084](nodejs/node#62084) - \[[`e2f03c8e92`](nodejs/node@e2f03c8e92)] - **buffer**: improve performance of multiple Buffer operations (Ali Hassan) [#​61871](nodejs/node#61871) - \[[`2fcd07f1ba`](nodejs/node@2fcd07f1ba)] - **build**: support empty libname flags in `configure.py` (Antoine du Hamel) [#​62477](nodejs/node#62477) - \[[`b800c57fce`](nodejs/node@b800c57fce)] - **build**: fix timezone-update path references (Chengzhong Wu) [#​62280](nodejs/node#62280) - \[[`7dc5a1e9b4`](nodejs/node@7dc5a1e9b4)] - **build**: skip dockit on IBMi (SRAVANI GUNDEPALLI) [#​62189](nodejs/node#62189) - \[[`f0eea0f905`](nodejs/node@f0eea0f905)] - **build**: fix --node-builtin-modules-path (Filip Skokan) [#​62115](nodejs/node#62115) - \[[`62d2cd473b`](nodejs/node@62d2cd473b)] - **(SEMVER-MINOR)** **cli**: add --max-heap-size option (tannal) [#​58708](nodejs/node#58708) - \[[`ac4b485698`](nodejs/node@ac4b485698)] - **crypto**: update root certificates to NSS 3.121 (Node.js GitHub Bot) [#​62485](nodejs/node#62485) - \[[`d0ebf0e44b`](nodejs/node@d0ebf0e44b)] - **(SEMVER-MINOR)** **crypto**: add TurboSHAKE and KangarooTwelve Web Cryptography algorithms (Filip Skokan) [#​62183](nodejs/node#62183) - \[[`3009980d9d`](nodejs/node@3009980d9d)] - **crypto**: add crypto::GetSSLCtx API for addon access to OpenSSL contexts (Tim Perry) [#​62254](nodejs/node#62254) - \[[`f5725ca81d`](nodejs/node@f5725ca81d)] - **crypto**: reject ML-KEM/ML-DSA [PKCS#8](https://github.com/PKCS/node/issues/8) import without seed in SubtleCrypto (Filip Skokan) [#​62218](nodejs/node#62218) - \[[`f69ed4bc3f`](nodejs/node@f69ed4bc3f)] - **crypto**: rename CShakeParams and KmacParams length to outputLength (Filip Skokan) [#​61875](nodejs/node#61875) - \[[`4d96e53570`](nodejs/node@4d96e53570)] - **crypto**: refactor WebCrypto AEAD algorithms auth tag handling (Filip Skokan) [#​62169](nodejs/node#62169) - \[[`93d77719e8`](nodejs/node@93d77719e8)] - **crypto**: read algorithm name property only once in normalizeAlgorithm (Filip Skokan) [#​62170](nodejs/node#62170) - \[[`3d2e23a981`](nodejs/node@3d2e23a981)] - **deps**: update ada to 3.4.4 (Node.js GitHub Bot) [#​62414](nodejs/node#62414) - \[[`176d6d2205`](nodejs/node@176d6d2205)] - **deps**: update timezone to 2026a (Node.js GitHub Bot) [#​62164](nodejs/node#62164) - \[[`95c7fc67ba`](nodejs/node@95c7fc67ba)] - **deps**: update googletest to [`2461743`](nodejs/node@2461743) (Node.js GitHub Bot) [#​62484](nodejs/node#62484) - \[[`e5e9f2044a`](nodejs/node@e5e9f2044a)] - **deps**: update simdjson to 4.5.0 (Node.js GitHub Bot) [#​62382](nodejs/node#62382) - \[[`905b94266a`](nodejs/node@905b94266a)] - **deps**: update ngtcp2 to 1.21.0 (Node.js GitHub Bot) [#​62051](nodejs/node#62051) - \[[`180c150122`](nodejs/node@180c150122)] - **deps**: V8: cherry-pick [`cf1bce4`](nodejs/node@cf1bce40a5ef) (Richard Lau) [#​62449](nodejs/node#62449) - \[[`bc265aa003`](nodejs/node@bc265aa003)] - **deps**: upgrade npm to 11.12.1 (npm team) [#​62448](nodejs/node#62448) - \[[`f1b28612c4`](nodejs/node@f1b28612c4)] - **deps**: V8: cherry-pick [`b25cd62`](nodejs/node@b25cd62c7ba2) (Yagiz Nizipli) [#​62354](nodejs/node#62354) - \[[`757719d2af`](nodejs/node@757719d2af)] - **deps**: disable rust icu compiled\_data features (Chengzhong Wu) [#​62284](nodejs/node#62284) - \[[`3bdc955b63`](nodejs/node@3bdc955b63)] - **deps**: update sqlite to 3.51.3 (Node.js GitHub Bot) [#​62256](nodejs/node#62256) - \[[`a9703d194a`](nodejs/node@a9703d194a)] - **deps**: update googletest to [`73a63ea`](nodejs/node@73a63ea) (Node.js GitHub Bot) [#​61927](nodejs/node#61927) - \[[`85138935cb`](nodejs/node@85138935cb)] - **deps**: update merve to 1.2.2 (Node.js GitHub Bot) [#​62213](nodejs/node#62213) - \[[`231521e75e`](nodejs/node@231521e75e)] - **diagnostics\_channel**: add diagnostics channels for web locks (Ilyas Shabi) [#​62123](nodejs/node#62123) - \[[`0093863664`](nodejs/node@0093863664)] - **doc**: deprecate `module.register()` (DEP0205) (Geoffrey Booth) [#​62395](nodejs/node#62395) - \[[`0b96ece6be`](nodejs/node@0b96ece6be)] - **doc**: clarify that features cannot be both experimental and deprecated (Antoine du Hamel) [#​62456](nodejs/node#62456) - \[[`8d3ea975f5`](nodejs/node@8d3ea975f5)] - **doc**: fix 'transfered' typo in quic.md (lilianakatrina684-a11y) [#​62492](nodejs/node#62492) - \[[`08ff16e0ba`](nodejs/node@08ff16e0ba)] - **doc**: move sqlite type conversion section to correct level (René) [#​62482](nodejs/node#62482) - \[[`61cc747dd8`](nodejs/node@61cc747dd8)] - **doc**: add Rafael to last security release steward (Rafael Gonzaga) [#​62423](nodejs/node#62423) - \[[`64cfa5a6fa`](nodejs/node@64cfa5a6fa)] - **doc**: use npm-published version of doc-kit (Aviv Keller) [#​62139](nodejs/node#62139) - \[[`1020321fb0`](nodejs/node@1020321fb0)] - **doc**: fix overstated Date header requirement in response.sendDate (Kit Dallege) [#​62206](nodejs/node#62206) - \[[`9caa7855b2`](nodejs/node@9caa7855b2)] - **doc**: fix guaranteed typo (lilianakatrina684-a11y) [#​62374](nodejs/node#62374) - \[[`e254f65306`](nodejs/node@e254f65306)] - **doc**: enhance clarification about the main field (Mowafak Almahaini) [#​62302](nodejs/node#62302) - \[[`9e724b53f8`](nodejs/node@9e724b53f8)] - **doc**: remove spawn with shell example from bat/cmd section (Kit Dallege) [#​62243](nodejs/node#62243) - \[[`7f37c17516`](nodejs/node@7f37c17516)] - **doc**: minor typo fix (Jeff Matson) [#​62358](nodejs/node#62358) - \[[`eb0ca98f01`](nodejs/node@eb0ca98f01)] - **doc**: add path to vulnerabilities.json mention (Rafael Gonzaga) [#​62355](nodejs/node#62355) - \[[`198b6e0932`](nodejs/node@198b6e0932)] - **doc**: deprecate CryptoKey use in node:crypto (Filip Skokan) [#​62321](nodejs/node#62321) - \[[`17e5aee6c5`](nodejs/node@17e5aee6c5)] - **doc**: fix small environment\_variables typo (chris) [#​62279](nodejs/node#62279) - \[[`193d629895`](nodejs/node@193d629895)] - **doc**: test and test-only targets do not run linter (Xavier Stouder) [#​62120](nodejs/node#62120) - \[[`4a1f20ec4a`](nodejs/node@4a1f20ec4a)] - **doc**: clarify fs.ReadStream and fs.WriteStream are not constructable (Kit Dallege) [#​62208](nodejs/node#62208) - \[[`f976c9214d`](nodejs/node@f976c9214d)] - **doc**: clarify that any truthy value of `shell` is part of DEP0190 (Antoine du Hamel) [#​62249](nodejs/node#62249) - \[[`4d83972681`](nodejs/node@4d83972681)] - **doc**: remove outdated Chrome 66 and ndb references from debugger (Kit Dallege) [#​62202](nodejs/node#62202) - \[[`71f2eada5b`](nodejs/node@71f2eada5b)] - **doc**: add throwIfNoEntry version history to fs.stat (kovan) [#​62204](nodejs/node#62204) - \[[`670c80893b`](nodejs/node@670c80893b)] - **doc**: add note (and caveat) for `mock.module` about customization hooks (Jacob Smith) [#​62075](nodejs/node#62075) - \[[`2ff5cb13f5`](nodejs/node@2ff5cb13f5)] - **doc,test**: clarify --eval syntax for leading '-' scripts (kovan) [#​62244](nodejs/node#62244) - \[[`6c6c9004c4`](nodejs/node@6c6c9004c4)] - **esm**: fix typo in worker loader hook comment (jakecastelli) [#​62475](nodejs/node#62475) - \[[`1cdd23c9f3`](nodejs/node@1cdd23c9f3)] - **esm**: fix source phase identity bug in loadCache eviction (Guy Bedford) [#​62415](nodejs/node#62415) - \[[`4f4ff15794`](nodejs/node@4f4ff15794)] - **esm**: fix path normalization in `finalizeResolution` (Antoine du Hamel) [#​62080](nodejs/node#62080) - \[[`088167d102`](nodejs/node@088167d102)] - **events**: avoid cloning listeners array on every emit (Gürgün Dayıoğlu) [#​62261](nodejs/node#62261) - \[[`0250b436ee`](nodejs/node@0250b436ee)] - **fs**: fix cpSync to handle non-ASCII characters (Stefan Stojanovic) [#​61950](nodejs/node#61950) - \[[`b67a8fb171`](nodejs/node@b67a8fb171)] - **inspector**: add Target.getTargets and extract TargetManager (Kohei) [#​62487](nodejs/node#62487) - \[[`ffcc5a5722`](nodejs/node@ffcc5a5722)] - **lib**: make SubtleCrypto.supports enumerable (Filip Skokan) [#​62307](nodejs/node#62307) - \[[`92ef2ad8fa`](nodejs/node@92ef2ad8fa)] - **lib**: prefer primordials in SubtleCrypto (Filip Skokan) [#​62226](nodejs/node#62226) - \[[`40a43ac4d0`](nodejs/node@40a43ac4d0)] - **module**: fix coverage of mocked CJS modules imported from ESM (Marco) [#​62133](nodejs/node#62133) - \[[`3ef0a5b90e`](nodejs/node@3ef0a5b90e)] - **quic**: remove CryptoKey support from session keys option (Filip Skokan) [#​62335](nodejs/node#62335) - \[[`3c8dd8eb8e`](nodejs/node@3c8dd8eb8e)] - **repl**: use vm DONT\_CONTEXTIFY context (Chengzhong Wu) [#​62371](nodejs/node#62371) - \[[`f85b9d9fa8`](nodejs/node@f85b9d9fa8)] - **(SEMVER-MINOR)** **repl**: add customizable error handling (Anna Henningsen) [#​62188](nodejs/node#62188) - \[[`e4c164e045`](nodejs/node@e4c164e045)] - **repl**: handle exceptions from async context after close (Anna Henningsen) [#​62165](nodejs/node#62165) - \[[`67b854d407`](nodejs/node@67b854d407)] - **(SEMVER-MINOR)** **repl**: remove dependency on domain module (Matteo Collina) [#​61227](nodejs/node#61227) - \[[`966b700623`](nodejs/node@966b700623)] - **(SEMVER-MINOR)** **sea**: support code cache for ESM entrypoint in SEA (Joyee Cheung) [#​62158](nodejs/node#62158) - \[[`fe82baf970`](nodejs/node@fe82baf970)] - **src**: improve EC JWK import performance (Filip Skokan) [#​62396](nodejs/node#62396) - \[[`d490b171e0`](nodejs/node@d490b171e0)] - **src**: handle null backing store in ArrayBufferViewContents::Read (Mert Can Altin) [#​62343](nodejs/node#62343) - \[[`0e4af848bc`](nodejs/node@0e4af848bc)] - **src**: convert context\_frame field in AsyncWrap to internal field (Anna Henningsen) [#​62103](nodejs/node#62103) - \[[`02980b8c8f`](nodejs/node@02980b8c8f)] - **src**: enable compilation/linking with OpenSSL 4.0 (Filip Skokan) [#​62410](nodejs/node#62410) - \[[`064f7c2fa6`](nodejs/node@064f7c2fa6)] - **src**: use stack allocation in indexOf latin1 path (Mert Can Altin) [#​62268](nodejs/node#62268) - \[[`ede52bc2dc`](nodejs/node@ede52bc2dc)] - **src,sqlite**: fix filterFunc dangling reference (Edy Silva) [#​62281](nodejs/node#62281) - \[[`e1f0d2a014`](nodejs/node@e1f0d2a014)] - **(SEMVER-MINOR)** **stream**: add stream/iter Implementation (James M Snell) [#​62066](nodejs/node#62066) - \[[`03839fb087`](nodejs/node@03839fb087)] - **stream**: preserve error over AbortError in pipeline (Marco) [#​62113](nodejs/node#62113) - \[[`0000d2f011`](nodejs/node@0000d2f011)] - **stream**: replace bind with arrow function for onwrite callback (Ali Hassan) [#​62087](nodejs/node#62087) - \[[`3796a73719`](nodejs/node@3796a73719)] - **test**: update WPT for WebCryptoAPI to [`2cb332d`](nodejs/node@2cb332d710) (Node.js GitHub Bot) [#​62483](nodejs/node#62483) - \[[`ad8309415b`](nodejs/node@ad8309415b)] - **test**: update WPT for url to [`fc3e651`](nodejs/node@fc3e651593) (Node.js GitHub Bot) [#​62379](nodejs/node#62379) - \[[`bed89b037e`](nodejs/node@bed89b037e)] - **test**: wait for reattach before initial break on restart (Yuya Inoue) [#​62471](nodejs/node#62471) - \[[`c9ffffcc55`](nodejs/node@c9ffffcc55)] - **test**: disable flaky WPT Blob test on AIX (James M Snell) [#​62470](nodejs/node#62470) - \[[`fd41ef31f6`](nodejs/node@fd41ef31f6)] - **(SEMVER-MINOR)** **test**: add tests for experimental stream/iter implementation (James M Snell) [#​62066](nodejs/node#62066) - \[[`1b9d8d3eec`](nodejs/node@1b9d8d3eec)] - **test**: avoid flaky run wait in debugger restart test (Yuya Inoue) [#​62112](nodejs/node#62112) - \[[`cb08a29d51`](nodejs/node@cb08a29d51)] - **test**: skip test-cluster-dgram-reuse on AIX 7.3 (Stewart X Addison) [#​62238](nodejs/node#62238) - \[[`abea0af8a9`](nodejs/node@abea0af8a9)] - **test**: add WebCrypto Promise.prototype.then pollution regression tests (Filip Skokan) [#​62226](nodejs/node#62226) - \[[`47a2132269`](nodejs/node@47a2132269)] - **test**: update WPT for WebCryptoAPI to [`6a1c545`](nodejs/node@6a1c545d77) (Node.js GitHub Bot) [#​62187](nodejs/node#62187) - \[[`2c63d3006c`](nodejs/node@2c63d3006c)] - **test\_runner**: add exports option for module mocks (sangwook) [#​61727](nodejs/node#61727) - \[[`44ac0e1302`](nodejs/node@44ac0e1302)] - **test\_runner**: make it compatible with fake timers (Matteo Collina) [#​59272](nodejs/node#59272) - \[[`1865691275`](nodejs/node@1865691275)] - **test\_runner**: set non-zero exit code when suite errors occur (Edy Silva) [#​62282](nodejs/node#62282) - \[[`0252b2bab8`](nodejs/node@0252b2bab8)] - **tools**: bump picomatch from 4.0.3 to 4.0.4 in /tools/eslint (dependabot\[bot]) [#​62439](nodejs/node#62439) - \[[`3368155267`](nodejs/node@3368155267)] - **tools**: bump yaml from 2.8.2 to 2.8.3 in /tools/doc (dependabot\[bot]) [#​62437](nodejs/node#62437) - \[[`5e47c359f5`](nodejs/node@5e47c359f5)] - **tools**: adopt the `--check-for-duplicates` NCU flag (Antoine du Hamel) [#​62478](nodejs/node#62478) - \[[`4a604e82d0`](nodejs/node@4a604e82d0)] - **tools**: bump picomatch in /tools/doc (dependabot\[bot]) [#​62438](nodejs/node#62438) - \[[`d1a98b4ddb`](nodejs/node@d1a98b4ddb)] - **tools**: bump flatted from 3.4.1 to 3.4.2 in /tools/eslint (dependabot\[bot]) [#​62375](nodejs/node#62375) - \[[`c32daa1ab4`](nodejs/node@c32daa1ab4)] - **tools**: bump eslint deps (Huáng Jùnliàng) [#​62356](nodejs/node#62356) - \[[`7a2fcc6d41`](nodejs/node@7a2fcc6d41)] - **tools**: do not swallow error in `lint-nix` workflow (Antoine du Hamel) [#​62292](nodejs/node#62292) - \[[`c41a2871b5`](nodejs/node@c41a2871b5)] - **tools**: add eslint-plugin-regexp (Huáng Jùnliàng) [#​62093](nodejs/node#62093) - \[[`56dfeb06df`](nodejs/node@56dfeb06df)] - **tools**: fix timeout errors in `lint-nix` job (Antoine du Hamel) [#​62265](nodejs/node#62265) - \[[`22fc8078e8`](nodejs/node@22fc8078e8)] - **tools**: bump flatted from 3.3.3 to 3.4.1 in /tools/eslint (dependabot\[bot]) [#​62255](nodejs/node#62255) - \[[`409b0663bd`](nodejs/node@409b0663bd)] - **tools**: bump undici from 6.23.0 to 6.24.1 in /tools/doc (dependabot\[bot]) [#​62250](nodejs/node#62250) - \[[`67c69750f4`](nodejs/node@67c69750f4)] - **tools**: validate all commits that are pushed to `main` (Antoine du Hamel) [#​62246](nodejs/node#62246) - \[[`7d9db8cd21`](nodejs/node@7d9db8cd21)] - **tools**: keep GN files when updating Merve (Antoine du Hamel) [#​62167](nodejs/node#62167) - \[[`6c8fa42ba2`](nodejs/node@6c8fa42ba2)] - **typings**: rationalise TypedArray types (René) [#​62174](nodejs/node#62174) - \[[`531c64d04e`](nodejs/node@531c64d04e)] - **url**: enable simdutf for ada (Yagiz Nizipli) [#​61477](nodejs/node#61477) - \[[`2000caccde`](nodejs/node@2000caccde)] - **util**: allow color aliases in styleText (sangwook) [#​62180](nodejs/node#62180) - \[[`0aed332ab4`](nodejs/node@0aed332ab4)] - **wasm**: support js string constant esm import (Guy Bedford) [#​62198](nodejs/node#62198) - \[[`d3fd4a978b`](nodejs/node@d3fd4a978b)] - **worker**: heap profile optimizations (Ilyas Shabi) [#​62201](nodejs/node#62201) - \[[`e992a34a18`](nodejs/node@e992a34a18)] - **zlib**: fix use-after-free when reset() is called during write (Matteo Collina) [#​62325](nodejs/node#62325) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTAiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbIlJlbm92YXRlIEJvdCIsImF1dG9tYXRpb246Ym90LWF1dGhvcmVkIiwiZGVwZW5kZW5jeS10eXBlOjptaW5vciJdfQ==-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Once upon a time (#20237) we attempted to remove the
secureContext.context._externalfield which exposes OpenSSL contexts. This was later reverted (#21711) because it turns out there are external native addons which do want to integrate with Node's OpenSSL, and were using this JS API as it's currently the only way to do so.At the time, @sam-github said:
I think this makes a lot of sense. I'm in the process of building a native addon myself that needs access to OpenSSL contexts (user-space solution for #41112). I'd like to do this properly, without having to awkwardly hook onto internals like this.
This PR does that: creating a new
node::crypto::GetSSLCtxnative API, so C++ addons can access the OpenSSL context directly. With this in place, we could potentially drop_externalentirely from the JS API (and maybe even.context) in some future major bump. Naming is intended to match the SSL_CTX type and OpenSSL SSL_CTX_... APIs etc, but open to bikeshedding that further.This API itself should be easy to keep stable as OpenSSL changes, but obviously SSL_CTX won't be stable as it has APIs that will change as we upgrade OpenSSL versions etc. I think that's fine, there's clearly no real avoiding that and addons using this will have to be able to deal with OpenSSL changes like this appropriately. Reasonable given that it's a native-only API imo.