From b65e01b3ad21865fcdc9120730cea4b8a2330ef3 Mon Sep 17 00:00:00 2001 From: Chengzhong Wu Date: Fri, 1 Aug 2025 17:46:23 +0100 Subject: [PATCH 01/11] test: fix not escaped handles (#1676) --- test/function_reference.cc | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/test/function_reference.cc b/test/function_reference.cc index 99f560f27..b50eb46fd 100644 --- a/test/function_reference.cc +++ b/test/function_reference.cc @@ -30,17 +30,17 @@ class FuncRefObject : public Napi::ObjectWrap { namespace { Value ConstructRefFromExisitingRef(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; FunctionReference movedRef; ref.Reset(info[0].As()); movedRef = std::move(ref); - return MaybeUnwrap(movedRef({})); + return scope.Escape(MaybeUnwrap(movedRef({}))); } Value CallWithVectorArgs(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); std::vector newVec; FunctionReference ref; ref.Reset(info[0].As()); @@ -48,27 +48,28 @@ Value CallWithVectorArgs(const CallbackInfo& info) { for (int i = 1; i < (int)info.Length(); i++) { newVec.push_back(info[i]); } - return MaybeUnwrap(ref.Call(newVec)); + return scope.Escape(MaybeUnwrap(ref.Call(newVec))); } Value CallWithInitList(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; ref.Reset(info[0].As()); - return MaybeUnwrap(ref.Call({info[1], info[2], info[3]})); + return scope.Escape(MaybeUnwrap(ref.Call({info[1], info[2], info[3]}))); } Value CallWithRecvInitList(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; ref.Reset(info[0].As()); - return MaybeUnwrap(ref.Call(info[1], {info[2], info[3], info[4]})); + return scope.Escape( + MaybeUnwrap(ref.Call(info[1], {info[2], info[3], info[4]}))); } Value CallWithRecvVector(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; std::vector newVec; ref.Reset(info[0].As()); @@ -76,11 +77,11 @@ Value CallWithRecvVector(const CallbackInfo& info) { for (int i = 2; i < (int)info.Length(); i++) { newVec.push_back(info[i]); } - return MaybeUnwrap(ref.Call(info[1], newVec)); + return scope.Escape(MaybeUnwrap(ref.Call(info[1], newVec))); } Value CallWithRecvArgc(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; ref.Reset(info[0].As()); @@ -91,7 +92,7 @@ Value CallWithRecvArgc(const CallbackInfo& info) { args[i] = info[i + 2]; } - return MaybeUnwrap(ref.Call(info[1], argLength, args.get())); + return scope.Escape(MaybeUnwrap(ref.Call(info[1], argLength, args.get()))); } Value MakeAsyncCallbackWithInitList(const Napi::CallbackInfo& info) { @@ -163,19 +164,19 @@ Value CreateFunctionReferenceUsingNewVec(const Napi::CallbackInfo& info) { } Value Call(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; ref.Reset(info[0].As()); - return MaybeUnwrapOr(ref.Call({}), Value()); + return scope.Escape(MaybeUnwrapOr(ref.Call({}), Value())); } Value Construct(const CallbackInfo& info) { - HandleScope scope(info.Env()); + EscapableHandleScope scope(info.Env()); FunctionReference ref; ref.Reset(info[0].As()); - return MaybeUnwrapOr(ref.New({}), Object()); + return scope.Escape(MaybeUnwrapOr(ref.New({}), Object())); } } // namespace From fc213028f7b5955b5a515fff0d6949c5b896d686 Mon Sep 17 00:00:00 2001 From: Chengzhong Wu Date: Mon, 22 Sep 2025 10:04:55 +0100 Subject: [PATCH 02/11] chore: enable OIDC npm publishing (#1682) --- .github/workflows/release-please.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index dd5477b3c..a6e752e37 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -6,6 +6,10 @@ on: - main workflow_dispatch: +permissions: + id-token: write # Required for OIDC + contents: read + jobs: release-please: runs-on: ubuntu-latest @@ -42,8 +46,6 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: - node-version: lts/* + node-version: 24 # npm >= 11.5.1 registry-url: 'https://registry.npmjs.org' - run: npm publish --provenance --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} From c38bc483ef040d6b757ce622bd83daefb2a9a2ff Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 15:58:53 +0100 Subject: [PATCH 03/11] chore(deps): bump the all group across 1 directory with 10 updates (#1683) Bumps the all group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.12.1` | `2.13.1` | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `5.0.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.0.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.4.0` | `5.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.29.1` | `3.30.6` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.4.3` | `5.5.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.7.1` | `4.8.0` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.2.0` | `4.3.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.2` | `2.4.3` | | [actions/stale](https://github.com/actions/stale) | `9.1.0` | `10.1.0` | Updates `step-security/harden-runner` from 2.12.1 to 2.13.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a) Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) Updates `actions/setup-python` from 5.6.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...e797f83bcb11b83ae66e0230d6156d7c80228e7c) Updates `actions/setup-node` from 4.4.0 to 5.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/49933ea5288caeca8642d1e84afbd3f7d6820020...a0853c24544627f65ddf259abe73b1d18a591444) Updates `github/codeql-action` from 3.29.1 to 3.30.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/39edc492dbe16b1465b0cafca41432d857bdb31a...64d10c13136e1c5bce3e5fbde8d4906eeaafc885) Updates `codecov/codecov-action` from 5.4.3 to 5.5.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/18283e04ce6e62d37312384ff67231eb8fd56d24...5a1091511ad55cbe89839c7260b706298ca349f7) Updates `actions/dependency-review-action` from 4.7.1 to 4.8.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/da24556b548a50705dd671f47852072ea4c105d9...56339e523c0409420f6c2c9a2f4292bbb3c07dd3) Updates `googleapis/release-please-action` from 4.2.0 to 4.3.0 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/release-please-action/compare/a02a34c4d625f9be7cb89156071d8567266a2445...c2a5a2bd6a758a0937f1ddb1e8950609867ed15c) Updates `ossf/scorecard-action` from 2.4.2 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/05b42c624433fc40578a4040d5cf5e36ddca8cde...4eaacf0543bb3f2c246792bd56e8cdeffafb205a) Updates `actions/stale` from 9.1.0 to 10.1.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/5bef64f19d7facfb25b37b414482c7164d639639...5f858e3efba33a5ca4407a664cc011ad407f2008) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/setup-node dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: github/codeql-action dependency-version: 3.30.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: codecov/codecov-action dependency-version: 5.5.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/dependency-review-action dependency-version: 4.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: googleapis/release-please-action dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/stale dependency-version: 10.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci-win.yml | 8 ++++---- .github/workflows/ci.yml | 8 ++++---- .github/workflows/codeql.yml | 10 +++++----- .github/workflows/coverage-linux.yml | 10 +++++----- .github/workflows/dependency-review.yml | 6 +++--- .github/workflows/linter.yml | 6 +++--- .github/workflows/node-api-headers.yml | 8 ++++---- .github/workflows/release-please.yml | 10 +++++----- .github/workflows/scorecards.yml | 8 ++++---- .github/workflows/stale.yml | 4 ++-- 10 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/ci-win.yml b/.github/workflows/ci-win.yml index 9bdc87f5d..ea8e11e16 100644 --- a/.github/workflows/ci-win.yml +++ b/.github/workflows/ci-win.yml @@ -28,17 +28,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: ${{ matrix.node-version }} architecture: ${{ matrix.architecture }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 93b3595a3..f0b770a5f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,17 +33,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bf7967240..548eacf08 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,16 +41,16 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1 + uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -70,7 +70,7 @@ jobs: - name: Use Node.js v18.x if: matrix.language == 'cpp' - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: 18.x @@ -80,6 +80,6 @@ jobs: npx node-gyp rebuild -C test - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1 + uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml index d9cc42c67..d93e1afa8 100644 --- a/.github/workflows/coverage-linux.yml +++ b/.github/workflows/coverage-linux.yml @@ -35,19 +35,19 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: ${{ env.NODE_VERSION }} - name: Environment Information @@ -63,6 +63,6 @@ jobs: run: | npm run report-coverage-xml - name: Upload - uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 + uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 with: directory: ./coverage-xml diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index d0aa2289d..c28207303 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,11 +17,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 + uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index e3f307c5f..271419aea 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -16,16 +16,16 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - run: git branch -a - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: ${{ matrix.node-version }} - run: npm install diff --git a/.github/workflows/node-api-headers.yml b/.github/workflows/node-api-headers.yml index 5cc8bbdd8..8b3418a22 100644 --- a/.github/workflows/node-api-headers.yml +++ b/.github/workflows/node-api-headers.yml @@ -30,17 +30,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index a6e752e37..38cf410ac 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -20,11 +20,11 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: googleapis/release-please-action@a02a34c4d625f9be7cb89156071d8567266a2445 # v4.2.0 + - uses: googleapis/release-please-action@c2a5a2bd6a758a0937f1ddb1e8950609867ed15c # v4.3.0 id: release with: config-file: release-please-config.json @@ -39,12 +39,12 @@ jobs: id-token: write steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: node-version: 24 # npm >= 11.5.1 registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index dd086cb6f..54a1bbdd5 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -31,17 +31,17 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1 + uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 with: sarif_file: results.sarif diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 9efdeb9d3..5d6302d14 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,11 +14,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit - - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 + - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made.' From d0845b3f7da911baeef0524180f170cc063b6407 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 26 Oct 2025 20:22:11 +0100 Subject: [PATCH 04/11] chore(deps): bump the all group across 1 directory with 3 updates (#1685) Bumps the all group with 3 updates in the / directory: [actions/setup-node](https://github.com/actions/setup-node), [github/codeql-action](https://github.com/github/codeql-action) and [actions/dependency-review-action](https://github.com/actions/dependency-review-action). Updates `actions/setup-node` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/a0853c24544627f65ddf259abe73b1d18a591444...2028fbc5c25fe9cf00d9f06a71cc4710d4507903) Updates `github/codeql-action` from 3.30.6 to 4.30.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/64d10c13136e1c5bce3e5fbde8d4906eeaafc885...16140ae1a102900babc80a33c44059580f687047) Updates `actions/dependency-review-action` from 4.8.0 to 4.8.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/56339e523c0409420f6c2c9a2f4292bbb3c07dd3...40c09b7dc99638e5ddb0bfd91c1673effc064d8a) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: github/codeql-action dependency-version: 4.30.9 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/dependency-review-action dependency-version: 4.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci-win.yml | 2 +- .github/workflows/ci.yml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/coverage-linux.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/linter.yml | 2 +- .github/workflows/node-api-headers.yml | 2 +- .github/workflows/release-please.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci-win.yml b/.github/workflows/ci-win.yml index ea8e11e16..5ad0fff65 100644 --- a/.github/workflows/ci-win.yml +++ b/.github/workflows/ci-win.yml @@ -38,7 +38,7 @@ jobs: with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: ${{ matrix.node-version }} architecture: ${{ matrix.architecture }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f0b770a5f..5198b3c31 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,7 +43,7 @@ jobs: with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 548eacf08..2baa07c34 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -70,7 +70,7 @@ jobs: - name: Use Node.js v18.x if: matrix.language == 'cpp' - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: 18.x @@ -80,6 +80,6 @@ jobs: npx node-gyp rebuild -C test - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml index d93e1afa8..4f7632036 100644 --- a/.github/workflows/coverage-linux.yml +++ b/.github/workflows/coverage-linux.yml @@ -47,7 +47,7 @@ jobs: with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: ${{ env.NODE_VERSION }} - name: Environment Information diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c28207303..f1e538c90 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0 + uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 271419aea..c1e56a1ea 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 - run: git branch -a - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: ${{ matrix.node-version }} - run: npm install diff --git a/.github/workflows/node-api-headers.yml b/.github/workflows/node-api-headers.yml index 8b3418a22..4f5ecf7b9 100644 --- a/.github/workflows/node-api-headers.yml +++ b/.github/workflows/node-api-headers.yml @@ -40,7 +40,7 @@ jobs: with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 38cf410ac..21c77105a 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -44,7 +44,7 @@ jobs: egress-policy: audit - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: 24 # npm >= 11.5.1 registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 54a1bbdd5..c401deb65 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 with: sarif_file: results.sarif From 60d439ef1223260e8f221485f81ac5ec00543008 Mon Sep 17 00:00:00 2001 From: Kevin Eady <8634912+KevinEady@users.noreply.github.com> Date: Tue, 28 Oct 2025 12:33:20 +0100 Subject: [PATCH 05/11] ci: update Node.js versions in tests (#1686) * ci: update Node.js versions in tests Use maintenance and current Node.js versions in CI workflows. * chore: add define to skip experimental warning Define NODE_API_EXPERIMENTAL_NO_WARNING in tests when NAPI_EXPERIMENTAL is set. --- .github/workflows/ci-win.yml | 10 +++++++++- .github/workflows/ci.yml | 3 ++- common.gypi | 2 +- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-win.yml b/.github/workflows/ci-win.yml index 5ad0fff65..a0fdf43c9 100644 --- a/.github/workflows/ci-win.yml +++ b/.github/workflows/ci-win.yml @@ -18,13 +18,21 @@ jobs: - standard - experimental node-version: - - 18.x - 20.x - 22.x + - 24.x + - 25.x architecture: [x64, x86] os: - windows-2022 - windows-2025 + exclude: + # Skip when node 24.x or 25.x AND architecture is x86 since there is + # no published Node.js x86 build for those versions. + - node-version: 24.x + architecture: x86 + - node-version: 25.x + architecture: x86 runs-on: ${{ matrix.os }} steps: - name: Harden Runner diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5198b3c31..3e4ef234c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,9 +18,10 @@ jobs: - standard - experimental node-version: - - 18.x - 20.x - 22.x + - 24.x + - 25.x os: - macos-latest - ubuntu-latest diff --git a/common.gypi b/common.gypi index e594f14ff..5fda7e77a 100644 --- a/common.gypi +++ b/common.gypi @@ -5,7 +5,7 @@ }, 'conditions': [ ['NAPI_VERSION!=""', { 'defines': ['NAPI_VERSION=<@(NAPI_VERSION)'] } ], - ['NAPI_VERSION==2147483647', { 'defines': ['NAPI_EXPERIMENTAL'] } ], + ['NAPI_VERSION==2147483647', { 'defines': ['NAPI_EXPERIMENTAL', 'NODE_API_EXPERIMENTAL_NO_WARNING'] } ], ['disable_deprecated=="true"', { 'defines': ['NODE_ADDON_API_DISABLE_DEPRECATED'] }], From 23ce3b17d9155811bf45f487c3aa87fbb4f53836 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Henr=C3=A9=20Botha?= Date: Tue, 28 Oct 2025 15:42:01 +0100 Subject: [PATCH 06/11] docs: language & formatting improvements (#1679) --- doc/node-gyp.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/doc/node-gyp.md b/doc/node-gyp.md index 529aa0ea2..a39d5b8c0 100644 --- a/doc/node-gyp.md +++ b/doc/node-gyp.md @@ -4,19 +4,19 @@ C++ code needs to be compiled into executable form whether it be as an object file to linked with others, a shared library, or a standalone executable. The main reason for this is that we need to link to the Node.js dependencies and -headers correctly, another reason is that we need a cross platform way to build +headers correctly. Another reason is that we need a cross-platform way to build C++ source into binary for the target platform. -Until now **node-gyp** is the **de-facto** standard build tool for writing -Node.js addons. It's based on Google's **gyp** build tool, which abstract away -many of the tedious issues related to cross platform building. +**node-gyp** remains the **de-facto** standard build tool for writing +Node.js addons. It's based on Google's **gyp** build tool, which abstracts away +many of the tedious issues related to cross-platform building. -**node-gyp** uses a file called ```binding.gyp``` that is located on the root of +**node-gyp** uses a file called `binding.gyp` that is located in the root of your addon project. -```binding.gyp``` file, contains all building configurations organized with a -JSON like syntax. The most important parameter is the **target** that must be -set to the same value used on the initialization code of the addon as in the +The `binding.gyp` file contains all building configurations organized with a +JSON-like syntax. The most important parameter is the **target** that must be +set to the same value used in the initialization code of the addon, as in the examples reported below: ### **binding.gyp** @@ -41,8 +41,8 @@ examples reported below: // ... /** -* This code is our entry-point. We receive two arguments here, the first is the -* environment that represent an independent instance of the JavaScript runtime, +* This code is our entry point. We receive two arguments here: the first is the +* environment that represent an independent instance of the JavaScript runtime; * the second is exports, the same as module.exports in a .js file. * You can either add properties to the exports object passed in or create your * own exports object. In either case you must return the object to be used as @@ -56,7 +56,7 @@ Napi::Object Init(Napi::Env env, Napi::Object exports) { } /** -* This code defines the entry-point for the Node addon, it tells Node where to go +* This code defines the entry point for the Node addon. It tells Node where to go * once the library has been loaded into active memory. The first argument must * match the "target" in our *binding.gyp*. Using NODE_GYP_MODULE_NAME ensures * that the argument will be correct, as long as the module is built with @@ -75,8 +75,8 @@ NODE_API_MODULE(NODE_GYP_MODULE_NAME, Init) - [Command options](https://www.npmjs.com/package/node-gyp#command-options) - [Configuration](https://www.npmjs.com/package/node-gyp#configuration) -Sometimes finding the right settings for ```binding.gyp``` is not easy so to -accomplish at most complicated task please refer to: +Sometimes finding the right settings for `binding.gyp` is not easy, so to +accomplish the most complicated tasks, please refer to: - [GYP documentation](https://gyp.gsrc.io/index.md) -- [node-gyp wiki](https://github.com/nodejs/node-gyp/wiki) +- [node-gyp wiki](https://github.com/nodejs/node-gyp/tree/main/docs) From 220bee244fae2e36405bf2bda33cb3985a846912 Mon Sep 17 00:00:00 2001 From: Kevin Eady <8634912+KevinEady@users.noreply.github.com> Date: Thu, 4 Dec 2025 12:11:17 +0100 Subject: [PATCH 07/11] feat: add SharedArrayBuffer (#1688) --- doc/README.md | 1 + doc/shared_array_buffer.md | 65 ++++++++++++++++++++++ doc/value.md | 13 +++++ napi-inl.h | 62 +++++++++++++++++++++ napi.h | 18 +++++++ test/binding.cc | 8 +++ test/binding.gyp | 1 + test/shared_array_buffer.cc | 104 ++++++++++++++++++++++++++++++++++++ test/shared_array_buffer.js | 55 +++++++++++++++++++ test/value_type_cast.cc | 10 ++++ test/value_type_cast.js | 9 +++- 11 files changed, 345 insertions(+), 1 deletion(-) create mode 100644 doc/shared_array_buffer.md create mode 100644 test/shared_array_buffer.cc create mode 100644 test/shared_array_buffer.js diff --git a/doc/README.md b/doc/README.md index bad1a5c5a..e5e24dfbe 100644 --- a/doc/README.md +++ b/doc/README.md @@ -60,6 +60,7 @@ The following is the documentation for node-addon-api. - [ClassPropertyDescriptor](class_property_descriptor.md) - [Buffer](buffer.md) - [ArrayBuffer](array_buffer.md) + - [SharedArrayBuffer](shared_array_buffer.md) - [TypedArray](typed_array.md) - [TypedArrayOf](typed_array_of.md) - [DataView](dataview.md) diff --git a/doc/shared_array_buffer.md b/doc/shared_array_buffer.md new file mode 100644 index 000000000..872dbb408 --- /dev/null +++ b/doc/shared_array_buffer.md @@ -0,0 +1,65 @@ +# SharedArrayBuffer + +Class `Napi::SharedArrayBuffer` inherits from class [`Napi::Object`][]. + +The `Napi::SharedArrayBuffer` class corresponds to the +[JavaScript `SharedArrayBuffer`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/SharedArrayBuffer) +class. + +**NOTE**: The support for `Napi::SharedArrayBuffer` is only available when using +`NAPI_EXPERIMENTAL` and building against Node.js headers that support this +feature. + +## Methods + +### New + +Allocates a new `Napi::SharedArrayBuffer` instance with a given length. + +```cpp +static Napi::SharedArrayBuffer Napi::SharedArrayBuffer::New(napi_env env, size_t byteLength); +``` + +- `[in] env`: The environment in which to create the `Napi::SharedArrayBuffer` + instance. +- `[in] byteLength`: The length to be allocated, in bytes. + +Returns a new `Napi::SharedArrayBuffer` instance. + +### Constructor + +Initializes an empty instance of the `Napi::SharedArrayBuffer` class. + +```cpp +Napi::SharedArrayBuffer::SharedArrayBuffer(); +``` + +### Constructor + +Initializes a wrapper instance of an existing `Napi::SharedArrayBuffer` object. + +```cpp +Napi::SharedArrayBuffer::SharedArrayBuffer(napi_env env, napi_value value); +``` + +- `[in] env`: The environment in which to create the `Napi::SharedArrayBuffer` + instance. +- `[in] value`: The `Napi::SharedArrayBuffer` reference to wrap. + +### ByteLength + +```cpp +size_t Napi::SharedArrayBuffer::ByteLength() const; +``` + +Returns the length of the wrapped data, in bytes. + +### Data + +```cpp +void* Napi::SharedArrayBuffer::Data() const; +``` + +Returns a pointer the wrapped data. + +[`Napi::Object`]: ./object.md diff --git a/doc/value.md b/doc/value.md index f19532fa5..f61a36ecf 100644 --- a/doc/value.md +++ b/doc/value.md @@ -268,6 +268,19 @@ bool Napi::Value::IsPromise() const; Returns `true` if the underlying value is a JavaScript `Napi::Promise` or `false` otherwise. +### IsSharedArrayBuffer + +```cpp +bool Napi::Value::IsSharedArrayBuffer() const; +``` + +Returns `true` if the underlying value is a JavaScript +`Napi::IsSharedArrayBuffer` or `false` otherwise. + +**NOTE**: The support for `Napi::SharedArrayBuffer` is only available when using +`NAPI_EXPERIMENTAL` and building against Node.js headers that support this +feature. + ### IsString ```cpp diff --git a/napi-inl.h b/napi-inl.h index 54651c1b5..94574fcc1 100644 --- a/napi-inl.h +++ b/napi-inl.h @@ -934,6 +934,19 @@ inline bool Value::IsExternal() const { return Type() == napi_external; } +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER +inline bool Value::IsSharedArrayBuffer() const { + if (IsEmpty()) { + return false; + } + + bool result; + napi_status status = node_api_is_sharedarraybuffer(_env, _value, &result); + NAPI_THROW_IF_FAILED(_env, status, false); + return result; +} +#endif + template inline T Value::As() const { #ifdef NODE_ADDON_API_ENABLE_TYPE_CHECK_ON_AS @@ -2068,6 +2081,55 @@ inline uint32_t Array::Length() const { return result; } +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER +//////////////////////////////////////////////////////////////////////////////// +// SharedArrayBuffer class +//////////////////////////////////////////////////////////////////////////////// + +inline SharedArrayBuffer::SharedArrayBuffer() : Object() {} + +inline SharedArrayBuffer::SharedArrayBuffer(napi_env env, napi_value value) + : Object(env, value) {} + +inline void SharedArrayBuffer::CheckCast(napi_env env, napi_value value) { + NAPI_CHECK(value != nullptr, "SharedArrayBuffer::CheckCast", "empty value"); + + bool result; + napi_status status = node_api_is_sharedarraybuffer(env, value, &result); + NAPI_CHECK(status == napi_ok, + "SharedArrayBuffer::CheckCast", + "node_api_is_sharedarraybuffer failed"); + NAPI_CHECK( + result, "SharedArrayBuffer::CheckCast", "value is not sharedarraybuffer"); +} + +inline SharedArrayBuffer SharedArrayBuffer::New(napi_env env, + size_t byteLength) { + napi_value value; + void* data; + napi_status status = + node_api_create_sharedarraybuffer(env, byteLength, &data, &value); + NAPI_THROW_IF_FAILED(env, status, SharedArrayBuffer()); + + return SharedArrayBuffer(env, value); +} + +inline void* SharedArrayBuffer::Data() { + void* data; + napi_status status = napi_get_arraybuffer_info(_env, _value, &data, nullptr); + NAPI_THROW_IF_FAILED(_env, status, nullptr); + return data; +} + +inline size_t SharedArrayBuffer::ByteLength() { + size_t length; + napi_status status = + napi_get_arraybuffer_info(_env, _value, nullptr, &length); + NAPI_THROW_IF_FAILED(_env, status, 0); + return length; +} +#endif // NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER + //////////////////////////////////////////////////////////////////////////////// // ArrayBuffer class //////////////////////////////////////////////////////////////////////////////// diff --git a/napi.h b/napi.h index ba0e13416..013a9114d 100644 --- a/napi.h +++ b/napi.h @@ -543,6 +543,9 @@ class Value { bool IsDataView() const; ///< Tests if a value is a JavaScript data view. bool IsBuffer() const; ///< Tests if a value is a Node buffer. bool IsExternal() const; ///< Tests if a value is a pointer to external data. +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER + bool IsSharedArrayBuffer() const; +#endif /// Casts to another type of `Napi::Value`, when the actual type is known or /// assumed. @@ -1202,6 +1205,21 @@ class Object::iterator { }; #endif // NODE_ADDON_API_CPP_EXCEPTIONS +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER +class SharedArrayBuffer : public Object { + public: + SharedArrayBuffer(); + SharedArrayBuffer(napi_env env, napi_value value); + + static SharedArrayBuffer New(napi_env env, size_t byteLength); + + static void CheckCast(napi_env env, napi_value value); + + void* Data(); + size_t ByteLength(); +}; +#endif + /// A JavaScript array buffer value. class ArrayBuffer : public Object { public: diff --git a/test/binding.cc b/test/binding.cc index 9e5aaaaa6..fa651cc13 100644 --- a/test/binding.cc +++ b/test/binding.cc @@ -64,6 +64,7 @@ Object InitTypedThreadSafeFunctionSum(Env env); Object InitTypedThreadSafeFunctionUnref(Env env); Object InitTypedThreadSafeFunction(Env env); #endif +Object InitSharedArrayBuffer(Env env); Object InitSymbol(Env env); Object InitTypedArray(Env env); Object InitGlobalObject(Env env); @@ -140,6 +141,7 @@ Object Init(Env env, Object exports) { exports.Set("promise", InitPromise(env)); exports.Set("run_script", InitRunScript(env)); exports.Set("symbol", InitSymbol(env)); + exports.Set("sharedarraybuffer", InitSharedArrayBuffer(env)); #if (NAPI_VERSION > 3) exports.Set("threadsafe_function_ctx", InitThreadSafeFunctionCtx(env)); exports.Set("threadsafe_function_exception", @@ -194,6 +196,12 @@ Object Init(Env env, Object exports) { "isExperimental", Napi::Boolean::New(env, NAPI_VERSION == NAPI_VERSION_EXPERIMENTAL)); +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER + exports.Set("hasSharedArrayBuffer", Napi::Boolean::New(env, true)); +#else + exports.Set("hasSharedArrayBuffer", Napi::Boolean::New(env, false)); +#endif + return exports; } diff --git a/test/binding.gyp b/test/binding.gyp index 8ee391fb9..9ff334b64 100644 --- a/test/binding.gyp +++ b/test/binding.gyp @@ -54,6 +54,7 @@ 'object/subscript_operator.cc', 'promise.cc', 'run_script.cc', + 'shared_array_buffer.cc', 'symbol.cc', 'threadsafe_function/threadsafe_function_ctx.cc', 'threadsafe_function/threadsafe_function_exception.cc', diff --git a/test/shared_array_buffer.cc b/test/shared_array_buffer.cc new file mode 100644 index 000000000..57f66495a --- /dev/null +++ b/test/shared_array_buffer.cc @@ -0,0 +1,104 @@ +#include "napi.h" + +using namespace Napi; + +namespace { + +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER +Value TestIsSharedArrayBuffer(const CallbackInfo& info) { + if (info.Length() < 1) { + Error::New(info.Env(), "Wrong number of arguments") + .ThrowAsJavaScriptException(); + return Value(); + } + + return Boolean::New(info.Env(), info[0].IsSharedArrayBuffer()); +} + +Value TestCreateSharedArrayBuffer(const CallbackInfo& info) { + if (info.Length() < 1) { + Error::New(info.Env(), "Wrong number of arguments") + .ThrowAsJavaScriptException(); + return Value(); + } else if (!info[0].IsNumber()) { + Error::New(info.Env(), + "Wrong type of arguments. Expects a number as first argument.") + .ThrowAsJavaScriptException(); + return Value(); + } + + auto byte_length = info[0].As().Uint32Value(); + if (byte_length == 0) { + Error::New(info.Env(), + "Invalid byte length. Expects a non-negative integer.") + .ThrowAsJavaScriptException(); + return Value(); + } + + return SharedArrayBuffer::New(info.Env(), byte_length); +} + +Value TestGetSharedArrayBufferInfo(const CallbackInfo& info) { + if (info.Length() < 1) { + Error::New(info.Env(), "Wrong number of arguments") + .ThrowAsJavaScriptException(); + return Value(); + } else if (!info[0].IsSharedArrayBuffer()) { + Error::New(info.Env(), + "Wrong type of arguments. Expects a SharedArrayBuffer as first " + "argument.") + .ThrowAsJavaScriptException(); + return Value(); + } + + auto byte_length = info[0].As().ByteLength(); + + return Number::New(info.Env(), byte_length); +} + +Value TestSharedArrayBufferData(const CallbackInfo& info) { + if (info.Length() < 1) { + Error::New(info.Env(), "Wrong number of arguments") + .ThrowAsJavaScriptException(); + return Value(); + } else if (!info[0].IsSharedArrayBuffer()) { + Error::New(info.Env(), + "Wrong type of arguments. Expects a SharedArrayBuffer as first " + "argument.") + .ThrowAsJavaScriptException(); + return Value(); + } + + auto byte_length = info[0].As().ByteLength(); + void* data = info[0].As().Data(); + + if (byte_length > 0 && data != nullptr) { + uint8_t* bytes = static_cast(data); + for (size_t i = 0; i < byte_length; i++) { + bytes[i] = i % 256; + } + + return Boolean::New(info.Env(), true); + } + + return Boolean::New(info.Env(), false); +} +#endif +} // end anonymous namespace + +Object InitSharedArrayBuffer(Env env) { + Object exports = Object::New(env); + +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER + exports["testIsSharedArrayBuffer"] = + Function::New(env, TestIsSharedArrayBuffer); + exports["testCreateSharedArrayBuffer"] = + Function::New(env, TestCreateSharedArrayBuffer); + exports["testGetSharedArrayBufferInfo"] = + Function::New(env, TestGetSharedArrayBufferInfo); + exports["testSharedArrayBufferData"] = + Function::New(env, TestSharedArrayBufferData); +#endif + + return exports; +} diff --git a/test/shared_array_buffer.js b/test/shared_array_buffer.js new file mode 100644 index 000000000..018021ace --- /dev/null +++ b/test/shared_array_buffer.js @@ -0,0 +1,55 @@ +'use strict'; + +const assert = require('assert'); + +module.exports = require('./common').runTest(test); + +let skippedMessageShown = false; + +function test ({ hasSharedArrayBuffer, sharedarraybuffer }) { + if (!hasSharedArrayBuffer) { + if (!skippedMessageShown) { + console.log(' >Skipped (no SharedArrayBuffer support)'); + skippedMessageShown = true; + } + return; + } + + { + const sab = new SharedArrayBuffer(16); + const ab = new ArrayBuffer(16); + const obj = {}; + const arr = []; + + assert.strictEqual(sharedarraybuffer.testIsSharedArrayBuffer(sab), true); + assert.strictEqual(sharedarraybuffer.testIsSharedArrayBuffer(ab), false); + assert.strictEqual(sharedarraybuffer.testIsSharedArrayBuffer(obj), false); + assert.strictEqual(sharedarraybuffer.testIsSharedArrayBuffer(arr), false); + assert.strictEqual(sharedarraybuffer.testIsSharedArrayBuffer(null), false); + assert.strictEqual(sharedarraybuffer.testIsSharedArrayBuffer(undefined), false); + } + + { + const sab = sharedarraybuffer.testCreateSharedArrayBuffer(16); + assert(sab instanceof SharedArrayBuffer); + assert.strictEqual(sab.byteLength, 16); + } + + { + const sab = new SharedArrayBuffer(32); + const byteLength = sharedarraybuffer.testGetSharedArrayBufferInfo(sab); + assert.strictEqual(byteLength, 32); + } + + { + const sab = new SharedArrayBuffer(8); + const result = sharedarraybuffer.testSharedArrayBufferData(sab); + assert.strictEqual(result, true); + + // Check if data was written correctly + const view = new Uint8Array(sab); + for (let i = 0; i < 8; i++) { + assert.strictEqual(view[i], i % 256); + } + } +} diff --git a/test/value_type_cast.cc b/test/value_type_cast.cc index 9a140d281..dfc03b38b 100644 --- a/test/value_type_cast.cc +++ b/test/value_type_cast.cc @@ -27,6 +27,11 @@ namespace { #define V(Type) \ void TypeCast##Type(const CallbackInfo& info) { USE(info[0].As()); } TYPE_CAST_TYPES(V) + +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER +V(SharedArrayBuffer) +#endif + #undef V void TypeCastBuffer(const CallbackInfo& info) { @@ -47,6 +52,11 @@ Object InitValueTypeCast(Env env, Object exports) { #define V(Type) exports["typeCast" #Type] = Function::New(env, TypeCast##Type); TYPE_CAST_TYPES(V) + +#ifdef NODE_API_EXPERIMENTAL_HAS_SHAREDARRAYBUFFER + V(SharedArrayBuffer) +#endif + #undef V exports["typeCastBuffer"] = Function::New(env, TypeCastBuffer); diff --git a/test/value_type_cast.js b/test/value_type_cast.js index cdebd4e03..274dd278b 100644 --- a/test/value_type_cast.js +++ b/test/value_type_cast.js @@ -42,7 +42,7 @@ function test (buildType) { }, typeCastArrayBuffer: { positiveValues: [new ArrayBuffer(0)], - negativeValues: [new Uint8Array(1), {}, [], null, undefined] + negativeValues: [new Uint8Array(1), new SharedArrayBuffer(0), {}, [], null, undefined] }, typeCastTypedArray: { positiveValues: [new Uint8Array(0)], @@ -77,6 +77,13 @@ function test (buildType) { } }; + if ('typeCastSharedArrayBuffer' in binding) { + testTable.typeCastSharedArrayBuffer = { + positiveValues: [new SharedArrayBuffer(0)], + negativeValues: [new Uint8Array(1), new ArrayBuffer(0), {}, [], null, undefined] + }; + } + if (process.argv[2] === 'child') { child(binding, testTable, process.argv[3], process.argv[4], parseInt(process.argv[5])); return; From 46673f403adf799cc73419427dd3cf166badff22 Mon Sep 17 00:00:00 2001 From: Matt Hargett Date: Fri, 5 Dec 2025 07:12:38 -0800 Subject: [PATCH 08/11] feat: silence a legitimate vfptr sanitizer warning that is on by default in Android NDK 29 (#1692) --- napi-inl.h | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/napi-inl.h b/napi-inl.h index 94574fcc1..0f1717ecd 100644 --- a/napi-inl.h +++ b/napi-inl.h @@ -21,6 +21,12 @@ #include #include +#if defined(__clang__) || defined(__GNUC__) +#define NAPI_NO_SANITIZE_VPTR __attribute__((no_sanitize("vptr"))) +#else +#define NAPI_NO_SANITIZE_VPTR +#endif + namespace Napi { #ifdef NAPI_CPP_CUSTOM_NAMESPACE @@ -4779,7 +4785,8 @@ inline napi_value InstanceWrap::WrappedMethod( //////////////////////////////////////////////////////////////////////////////// template -inline ObjectWrap::ObjectWrap(const Napi::CallbackInfo& callbackInfo) { +inline NAPI_NO_SANITIZE_VPTR ObjectWrap::ObjectWrap( + const Napi::CallbackInfo& callbackInfo) { napi_env env = callbackInfo.Env(); napi_value wrapper = callbackInfo.This(); napi_status status; @@ -4793,7 +4800,7 @@ inline ObjectWrap::ObjectWrap(const Napi::CallbackInfo& callbackInfo) { } template -inline ObjectWrap::~ObjectWrap() { +inline NAPI_NO_SANITIZE_VPTR ObjectWrap::~ObjectWrap() { // If the JS object still exists at this point, remove the finalizer added // through `napi_wrap()`. if (!IsEmpty() && !_finalized) { @@ -4806,8 +4813,12 @@ inline ObjectWrap::~ObjectWrap() { } } +// with RTTI turned on, modern compilers check to see if virtual function +// pointers are stripped of RTTI by void casts. this is intrinsic to how Unwrap +// works, so we inject a compiler pragma to turn off that check just for the +// affected methods. this compiler check is on by default in Android NDK 29. template -inline T* ObjectWrap::Unwrap(Object wrapper) { +inline NAPI_NO_SANITIZE_VPTR T* ObjectWrap::Unwrap(Object wrapper) { void* unwrapped; napi_status status = napi_unwrap(wrapper.Env(), wrapper, &unwrapped); NAPI_THROW_IF_FAILED(wrapper.Env(), status, nullptr); @@ -7092,4 +7103,6 @@ inline void BasicEnv::PostFinalizer(FinalizerType finalizeCallback, } // namespace Napi +#undef NAPI_NO_SANITIZE_VPTR + #endif // SRC_NAPI_INL_H_ From 67b6479e70cd05d932ee5d79ee975bec3fdadeef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 03:54:22 +0800 Subject: [PATCH 09/11] chore(deps): bump the all group across 1 directory with 10 updates (#1698) Bumps the all group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.13.1` | `2.14.0` | | [actions/checkout](https://github.com/actions/checkout) | `5.0.0` | `6.0.1` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.0.0` | `6.1.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.0.0` | `6.1.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.30.9` | `4.31.8` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.1` | `5.5.2` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.1` | `4.8.2` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.3.0` | `4.4.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `6.0.0` | | [actions/stale](https://github.com/actions/stale) | `10.1.0` | `10.1.1` | Updates `step-security/harden-runner` from 2.13.1 to 2.14.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...20cf305ff2072d973412fa9b1e3a4f227bda3c76) Updates `actions/checkout` from 5.0.0 to 6.0.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...8e8c483db84b4bee98b60c0593521ed34d9990e8) Updates `actions/setup-python` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/e797f83bcb11b83ae66e0230d6156d7c80228e7c...83679a892e2d95755f2dac6acb0bfd1e9ac5d548) Updates `actions/setup-node` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/2028fbc5c25fe9cf00d9f06a71cc4710d4507903...395ad3262231945c25e8478fd5baf05154b1d79f) Updates `github/codeql-action` from 4.30.9 to 4.31.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/16140ae1a102900babc80a33c44059580f687047...1b168cd39490f61582a9beae412bb7057a6b2c4e) Updates `codecov/codecov-action` from 5.5.1 to 5.5.2 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/5a1091511ad55cbe89839c7260b706298ca349f7...671740ac38dd9b0130fbe1cec585b89eea48d3de) Updates `actions/dependency-review-action` from 4.8.1 to 4.8.2 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/40c09b7dc99638e5ddb0bfd91c1673effc064d8a...3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261) Updates `googleapis/release-please-action` from 4.3.0 to 4.4.0 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/release-please-action/compare/c2a5a2bd6a758a0937f1ddb1e8950609867ed15c...16a9c90856f42705d54a6fda1823352bdc62cf38) Updates `actions/upload-artifact` from 4.6.2 to 6.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...b7c566a772e6b6bfb58ed0dc250532a479d7789f) Updates `actions/stale` from 10.1.0 to 10.1.1 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/5f858e3efba33a5ca4407a664cc011ad407f2008...997185467fa4f803885201cee163a9f38240193d) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/setup-node dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github/codeql-action dependency-version: 4.31.8 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: codecov/codecov-action dependency-version: 5.5.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/dependency-review-action dependency-version: 4.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: googleapis/release-please-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/upload-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/stale dependency-version: 10.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci-win.yml | 8 ++++---- .github/workflows/ci.yml | 8 ++++---- .github/workflows/codeql.yml | 10 +++++----- .github/workflows/coverage-linux.yml | 10 +++++----- .github/workflows/dependency-review.yml | 6 +++--- .github/workflows/linter.yml | 6 +++--- .github/workflows/node-api-headers.yml | 8 ++++---- .github/workflows/release-please.yml | 10 +++++----- .github/workflows/scorecards.yml | 8 ++++---- .github/workflows/stale.yml | 4 ++-- 10 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/ci-win.yml b/.github/workflows/ci-win.yml index a0fdf43c9..7bde494c0 100644 --- a/.github/workflows/ci-win.yml +++ b/.github/workflows/ci-win.yml @@ -36,17 +36,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: ${{ matrix.node-version }} architecture: ${{ matrix.architecture }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3e4ef234c..7122b564a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,17 +34,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2baa07c34..5c66d7ed0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,16 +41,16 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 + uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -70,7 +70,7 @@ jobs: - name: Use Node.js v18.x if: matrix.language == 'cpp' - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: 18.x @@ -80,6 +80,6 @@ jobs: npx node-gyp rebuild -C test - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 + uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml index 4f7632036..2f1a772f3 100644 --- a/.github/workflows/coverage-linux.yml +++ b/.github/workflows/coverage-linux.yml @@ -35,19 +35,19 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: ${{ env.NODE_VERSION }} - name: Environment Information @@ -63,6 +63,6 @@ jobs: run: | npm run report-coverage-xml - name: Upload - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 + uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 with: directory: ./coverage-xml diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index f1e538c90..6cf8974bd 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,11 +17,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout Repository' - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: 'Dependency Review' - uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 + uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index c1e56a1ea..67e4d9945 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -16,16 +16,16 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - run: git branch -a - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: ${{ matrix.node-version }} - run: npm install diff --git a/.github/workflows/node-api-headers.yml b/.github/workflows/node-api-headers.yml index 4f5ecf7b9..ce7fe267c 100644 --- a/.github/workflows/node-api-headers.yml +++ b/.github/workflows/node-api-headers.yml @@ -30,17 +30,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 21c77105a..48a608467 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -20,11 +20,11 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: googleapis/release-please-action@c2a5a2bd6a758a0937f1ddb1e8950609867ed15c # v4.3.0 + - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0 id: release with: config-file: release-please-config.json @@ -39,12 +39,12 @@ jobs: id-token: write steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: 24 # npm >= 11.5.1 registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index c401deb65..c92107a30 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -31,12 +31,12 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout code" - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -63,7 +63,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: SARIF file path: results.sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 + uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: sarif_file: results.sarif diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 5d6302d14..d1fbf2dbc 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,11 +14,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made.' From 86a05243fd161dccc156b7cebfce8348e39de71a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 10:54:12 -0500 Subject: [PATCH 10/11] chore(deps): bump the all group across 1 directory with 4 updates (#1701) Bumps the all group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/setup-python](https://github.com/actions/setup-python), [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `actions/setup-python` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/83679a892e2d95755f2dac6acb0bfd1e9ac5d548...a309ff8b426b58ec0e2a45f0f869d46889d02405) Updates `actions/setup-node` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/395ad3262231945c25e8478fd5baf05154b1d79f...6044e13b5dc448c55e2357c09f80417699197238) Updates `github/codeql-action` from 4.31.8 to 4.31.11 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/1b168cd39490f61582a9beae412bb7057a6b2c4e...19b2f06db2b6f5108140aeb04014ef02b648f789) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/setup-python dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/setup-node dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github/codeql-action dependency-version: 4.31.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci-win.yml | 6 +++--- .github/workflows/ci.yml | 6 +++--- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/coverage-linux.yml | 6 +++--- .github/workflows/dependency-review.yml | 2 +- .github/workflows/linter.yml | 4 ++-- .github/workflows/node-api-headers.yml | 6 +++--- .github/workflows/release-please.yml | 4 ++-- .github/workflows/scorecards.yml | 4 ++-- 9 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/ci-win.yml b/.github/workflows/ci-win.yml index 7bde494c0..fe07ff638 100644 --- a/.github/workflows/ci-win.yml +++ b/.github/workflows/ci-win.yml @@ -40,13 +40,13 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: ${{ matrix.node-version }} architecture: ${{ matrix.architecture }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7122b564a..590240c4a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,13 +38,13 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5c66d7ed0..9a394e247 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,11 +46,11 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 + uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -70,7 +70,7 @@ jobs: - name: Use Node.js v18.x if: matrix.language == 'cpp' - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: 18.x @@ -80,6 +80,6 @@ jobs: npx node-gyp rebuild -C test - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 + uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml index 2f1a772f3..a108a3031 100644 --- a/.github/workflows/coverage-linux.yml +++ b/.github/workflows/coverage-linux.yml @@ -39,15 +39,15 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: ${{ env.NODE_VERSION }} - name: Environment Information diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 6cf8974bd..60895a3ba 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout Repository' - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: 'Dependency Review' uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 67e4d9945..145e7e6f0 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -20,12 +20,12 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - run: git branch -a - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: ${{ matrix.node-version }} - run: npm install diff --git a/.github/workflows/node-api-headers.yml b/.github/workflows/node-api-headers.yml index ce7fe267c..1ae5a963f 100644 --- a/.github/workflows/node-api-headers.yml +++ b/.github/workflows/node-api-headers.yml @@ -34,13 +34,13 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ env.PYTHON_VERSION }} - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: ${{ matrix.node-version }} - name: Check Node.js installation diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 48a608467..adc44c2b8 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -43,8 +43,8 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: 24 # npm >= 11.5.1 registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index c92107a30..f1c51695f 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout code" - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 + uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 with: sarif_file: results.sarif From fe0c48e008eefd01c76aa927f872a963f3c2181a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 2 Feb 2026 10:10:34 -0500 Subject: [PATCH 11/11] chore: release v8.6.0 (#1696) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 8 ++++++++ README.md | 2 +- package.json | 2 +- 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 56b4dffb5..c1579bf95 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "8.5.0" + ".": "8.6.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 634e3544b..0fd7b3f87 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # node-addon-api Changelog +## [8.6.0](https://github.com/nodejs/node-addon-api/compare/v8.5.0...v8.6.0) (2026-01-30) + + +### Features + +* add SharedArrayBuffer ([#1688](https://github.com/nodejs/node-addon-api/issues/1688)) ([220bee2](https://github.com/nodejs/node-addon-api/commit/220bee244fae2e36405bf2bda33cb3985a846912)) +* silence a legitimate vfptr sanitizer warning that is on by default in Android NDK 29 ([#1692](https://github.com/nodejs/node-addon-api/issues/1692)) ([46673f4](https://github.com/nodejs/node-addon-api/commit/46673f403adf799cc73419427dd3cf166badff22)) + ## [8.5.0](https://github.com/nodejs/node-addon-api/compare/v8.4.0...v8.5.0) (2025-07-04) diff --git a/README.md b/README.md index 89a36ef28..39df5a975 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ and exception handling semantics with low overhead. API references are available in the [doc](doc/README.md) directory. -## Current version: 8.5.0 +## Current version: 8.6.0 (See [CHANGELOG.md](CHANGELOG.md) for complete Changelog) diff --git a/package.json b/package.json index f04d661fa..b9393c6cf 100644 --- a/package.json +++ b/package.json @@ -472,7 +472,7 @@ "lint:fix": "eslint --fix && node tools/clang-format --fix" }, "pre-commit": "lint", - "version": "8.5.0", + "version": "8.6.0", "support": true, "engines": { "node": "^18 || ^20 || >= 21"