fix(deps): update shared components packages

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@types/node (source)	22.8.2 → 22.19.17			devDependencies	minor
cors	2.8.5 → 2.8.6			dependencies	patch
express (source)	4.18.2 → 4.22.1			dependencies	minor
node	16.3.0 → 16.20.2			uses-with	minor
node	22.10.0-alpine → 22.22.2-alpine			final	minor
openapi-backend (source)	5.8.1 → 5.16.1			dependencies	minor
peter-evans/create-pull-request (changelog)	4320041 → 22a9089			action	digest
semver	7.3.8 → 7.7.4			devDependencies	minor
typescript (source)	5.0.2 → 5.9.3			devDependencies	minor
wait-on	8.0.0 → 8.0.5			devDependencies	patch
yargs (source)	17.7.1 → 17.7.2			dependencies	patch

---

Release Notes

expressjs/cors (cors)

v2.8.6

Compare Source

==================

• Improve documentation (API, context, examples...)
• Remove additional markdown files from tarball

expressjs/express (express)

v4.22.1

Compare Source

v4.22.0

Compare Source

v4.21.2

Compare Source

What's Changed

• Add funding field (v4) by @​bjohansebas in #​6065
• deps: path-to-regexp@​0.1.11 by @​blakeembrey in #​5956
• deps: bump path-to-regexp@​0.1.12 by @​jonchurch in #​6209
• Release: 4.21.2 by @​UlisesGascon in #​6094

Full Changelog: expressjs/express@4.21.1...4.21.2

v4.21.1

Compare Source

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in #​6029
• Release: 4.21.1 by @​UlisesGascon in #​6031

Full Changelog: expressjs/express@4.21.0...4.21.1

v4.21.0

Compare Source

What's Changed

• Deprecate "back" magic string in redirects by @​blakeembrey in #​5935
• finalhandler@​1.3.1 by @​wesleytodd in #​5954
• fix(deps): serve-static@​1.16.2 by @​wesleytodd in #​5951
• Upgraded dependency qs to 6.13.0 to match qs in body-parser by @​agadzinski93 in #​5946

New Contributors

• @​agadzinski93 made their first contribution in #​5946

Full Changelog: expressjs/express@4.20.0...4.21.0

v4.20.0

Compare Source

==========

• deps: serve-static@​0.16.0
  • Remove link renderization in html while redirecting
• deps: send@​0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@​0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@​0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

v4.19.2

Compare Source

==========

• Improved fix for open redirect allow list bypass

v4.19.1

Compare Source

==========

• Allow passing non-strings to res.location with new encoding handling checks

v4.19.0

Compare Source

==========

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@​0.6.0

v4.18.3

Compare Source

==========

• Fix routing requests without method
• deps: body-parser@​1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@​2.5.2
• deps: cookie@​0.6.0
  • Add partitioned option

actions/node-versions (node)

v16.20.2: 16.20.2

Compare Source

Node.js 16.20.2

v16.20.1: 16.20.1

Compare Source

Node.js 16.20.1

v16.20.0: 16.20.0

Compare Source

Node.js 16.20.0

v16.19.1: 16.19.1

Compare Source

Node.js 16.19.1

v16.19.0: 16.19.0

Compare Source

Node.js 16.19.0

v16.18.1: 16.18.1

Compare Source

Node.js 16.18.1

v16.18.0: 16.18.0

Compare Source

Node.js 16.18.0

v16.17.1: 16.17.1

Compare Source

Node.js 16.17.1

v16.17.0: 16.17.0

Compare Source

Node.js 16.17.0

v16.16.0: 16.16.0

Compare Source

Node.js 16.16.0

v16.15.1: 16.15.1

Compare Source

Node.js 16.15.1

v16.15.0: 16.15.0

Compare Source

Node.js 16.15.0

v16.14.2: 16.14.2

Compare Source

Node.js 16.14.2

v16.14.1: 16.14.1

Compare Source

Node.js 16.14.1

v16.14.0: 16.14.0

Compare Source

Node.js 16.14.0

v16.13.2: 16.13.2

Compare Source

Node.js 16.13.2

v16.13.1: 16.13.1

Compare Source

Node.js 16.13.1

v16.13.0: 16.13.0

Compare Source

Node.js 16.13.0

v16.12.0: 16.12.0

Compare Source

Node.js 16.12.0

v16.11.1: 16.11.1

Compare Source

Node.js 16.11.1

v16.11.0: 16.11.0

Compare Source

Node.js 16.11.0

v16.10.0: 16.10.0

Compare Source

Node.js 16.10.0

v16.9.1: 16.9.1

Compare Source

Node.js 16.9.1

v16.9.0: 16.9.0

Compare Source

Node.js 16.9.0

v16.8.0: 16.8.0

Compare Source

Node.js 16.8.0

v16.7.0: 16.7.0

Compare Source

Node.js 16.7.0

v16.6.2: 16.6.2

Compare Source

Node.js 16.6.2

v16.6.1: 16.6.1

Compare Source

Node.js 16.6.1

v16.6.0: 16.6.0

Compare Source

Node.js 16.6.0

v16.5.0: 16.5.0

Compare Source

Node.js 16.5.0

v16.4.2: 16.4.2

Compare Source

Node.js 16.4.2

v16.4.1: 16.4.1

Compare Source

Node.js 16.4.1

v16.4.0: 16.4.0

Compare Source

Node.js 16.4.0

nodejs/node (node)

v22.22.2: 2026-03-24, Version 22.22.2 'Jod' (LTS), @​RafaelGSS prepared by @​aduh95

Compare Source

This is a security release.

Notable Changes

• (CVE-2026-21637) wrap SNICallback invocation in try/catch (Matteo Collina) - High
• (CVE-2026-21710) use null prototype for headersDistinct/trailersDistinct (Matteo Collina) - High
• (CVE-2026-21713) use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) - Medium
• (CVE-2026-21714) handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) - Medium
• (CVE-2026-21717) test array index hash collision (Joyee Cheung) - Medium
• (CVE-2026-21715) add permission check to realpath.native (RafaelGSS) - Low
• (CVE-2026-21716) include permission check on lib/fs/promises (RafaelGSS) - Low

Commits

• [6f14ee5101] - (CVE-2026-21717) build,test: test array index hash collision (Joyee Cheung) nodejs-private/node-private#809
• [52a52ef619] - (CVE-2026-21713) crypto: use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) nodejs-private/node-private#822
• [30a3ab11e2] - (CVE-2026-21717) deps: V8: cherry-pick aac14dd (Joyee Cheung) nodejs-private/node-private#809
• [e3f4d6a42e] - (CVE-2026-21717) deps: V8: backport 1361b2a (Joyee Cheung) nodejs-private/node-private#809
• [7dc00fa5f4] - (CVE-2026-21717) deps: V8: backport 185f0fe (Joyee Cheung) nodejs-private/node-private#809
• [076acd052d] - (CVE-2026-21717) deps: V8: backport 0a8b1cd (snek) nodejs-private/node-private#809
• [963c60a951] - deps: V8: override depot_tools version (Richard Lau) #​62344
• [a688117d5d] - deps: upgrade npm to 10.9.7 (npm team) #​62330
• [859c8c761b] - deps: update undici to v6.24.1 (Matteo Collina) #​62285
• [d5ed384a2f] - deps: upgrade npm to 10.9.6 (npm team) #​62215
• [a2fe9fd81a] - (CVE-2026-21710) http: use null prototype for headersDistinct/trailersDistinct (Matteo Collina) nodejs-private/node-private#821
• [73deff77c1] - lib: backport _tls_common and _tls_wrap refactors (Dario Piotrowicz) #​57643
• [06fc3436f6] - (CVE-2026-21716) permission: include permission check on lib/fs/promises (RafaelGSS) nodejs-private/node-private#795
• [db48d9c675] - (CVE-2026-21715) permission: add permission check to realpath.native (RafaelGSS) nodejs-private/node-private#794
• [2a6105a63b] - (CVE-2026-21714) src: handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) nodejs-private/node-private#832
• [91b970886f] - (CVE-2026-21637) tls: wrap SNICallback invocation in try/catch (Matteo Collina) nodejs-private/node-private#819

v22.22.1: 2026-03-05, Version 22.22.1 'Jod' (LTS)

Compare Source

Notable Changes

• [7b93a65f27] - build: test on Python 3.14 (Christian Clauss) #​59983
• [6063d888fe] - cli: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung) #​60956
• [d950b151a2] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #​61419
• [4f42f8c428] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #​60741
• [b6ebf2cd53] - doc: add avivkeller to collaborators (Aviv Keller) #​61115
• [35854f424d] - doc: add gurgunday to collaborators (Gürgün Dayıoğlu) #​61094
• [5c6a076e5d] - meta: add Renegade334 to collaborators (Renegade334) #​60714

Commits

• [5f773488c2] - assert: use a set instead of an array for faster lookup (Ruben Bridgewater) #​61076
• [feecbb0eab] - assert,util: fix deep comparison for sets and maps with mixed types (Ruben Bridgewater) #​61388
• [096095b127] - benchmark: add SQLite benchmarks (Guilherme Araújo) #​61401
• [b5fe481415] - benchmark: use boolean options in benchmark tests (SeokhunEom) #​60129
• [fa9faacacb] - benchmark: allow boolean option values (SeokhunEom) #​60129
• [ba8714ac21] - benchmark: fix incorrect base64 input in byteLength benchmark (semimikoh) #​60841
• [53596de876] - benchmark: use typescript for import cjs benchmark (Joyee Cheung) #​60663
• [e8930e9d7c] - benchmark: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) #​60603
• [1155e412b1] - benchmark: add per-suite setup option (Joyee Cheung) #​60574
• [e01903d304] - benchmark: improve cpu.sh for safety and usability (Nam Yooseong) #​60162
• [623a405747] - benchmark: add benchmark for leaf source text modules (Joyee Cheung) #​60205
• [7f5e7b9f7f] - benchmark: add microbench on isInsideNodeModules (Chengzhong Wu) #​60991
• [db132b85a8] - bootstrap: initialize http proxy after user module loader setup (Joyee Cheung) #​58938
• [66aab9f987] - buffer: let Buffer.of use heap (Сковорода Никита Андреевич) #​60503
• [c3cf00c671] - buffer: speed up concat via TypedArray#set (Gürgün Dayıoğlu) #​60399
• [f6fad231e9] - build: skip sscache action on non-main branches (Joyee Cheung) #​61790
• [2145f91f6b] - build: update android-patches/trap-handler.h.patch (Mo Luo) #​60369
• [5b49759dd8] - build: update devcontainer.json to use paired nix env (Joyee Cheung) #​61414
• [24724cde40] - build: fix misplaced comma in ldflags (hqzing) #​61294
• [c57a19934e] - build: fix crate vendor file checksums on windows (Chengzhong Wu) #​61329
• [8659d7cd07] - build: fix inconsistent quoting in Makefile (Antoine du Hamel) #​60511
• [44f339b315] - build: remove temporal updater (Chengzhong Wu) #​61151
• [d60a6cebd5] - build: update test-wpt-report to use NODE instead of OUT_NODE (Filip Skokan) #​61024
• [34ccf187f5] - build: skip build-ci on actions with a separate test step (Chengzhong Wu) #​61073
• [7b19e101a2] - build: run embedtest with node_g when BUILDTYPE=Debug (Chengzhong Wu) #​60850
• [9408c4459f] - build: upgrade Python linter ruff, add rules ASYNC,PERF (Christian Clauss) #​59984
• [2166ec7f0f] - build: use call command when calling python configure (Jacob Nichols) #​60098
• [73ef70145d] - build: remove V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE defs (Joyee Cheung) #​60296
• [7b93a65f27] - build: test on Python 3.14 (Christian Clauss) #​59983
• [508ce6ec6c] - build, src: fix include paths for vtune files (Rahul) #​59999
• [c89d3cd570] - build,tools: fix addon build deadlock on errors (Vladimir Morozov) #​61321
• [40904a0591] - build,win: update WinGet configurations to Python 3.14 (Mike McCready) #​61431
• [6d6742e7db] - child_process: treat ipc length header as unsigned uint32 (Ryuhei Shima) #​61344
• [6063d888fe] - cli: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung) #​60956
• [3d324a0f88] - cluster: fix port reuse between cluster (Ryuhei Shima) #​60141
• [40a58709b4] - console: optimize single-string logging (Gürgün Dayıoğlu) #​60422
• [d950b151a2] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #​61419
• [4f42f8c428] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #​60741
• [a87499ae25] - crypto: ensure documented RSA-PSS saltLength default is used (Filip Skokan) #​60662
• [8c65cc11e2] - crypto: update root certificates to NSS 3.116 (Node.js GitHub Bot) #​59956
• [91dc00a2c1] - debugger: fix event listener leak in the run command (Joyee Cheung) #​60464
• [0781bd3764] - deps: V8: backport 6a0a25a (Vivian Wang) #​61688
• [0cf1f9c3e9] - deps: update googletest to 8508785 (Node.js GitHub Bot) #​61417
• [521b4b1f07] - deps: update sqlite to 3.51.2 (Node.js GitHub Bot) #​61339
• [58b9d219a3] - deps: update icu to 78.2 (Node.js GitHub Bot) #​60523
• [cbc1e4306d] - deps: update zlib to 1.3.1-e00f703 (Node.js GitHub Bot) #​61135
• [db59c35ed8] - deps: update cjs-module-lexer to 2.2.0 (Node.js GitHub Bot) #​61271
• [c18518ee3c] - deps: update nbytes to 0.1.2 (Node.js GitHub Bot) #​61270
• [376df62d63] - deps: update timezone to 2025c (Node.js GitHub Bot) #​61138
• [993e905302] - deps: update simdjson to 4.2.4 (Node.js GitHub Bot) #​61056
• [b72fd2a5d3] - deps: update googletest to 065127f (Node.js GitHub Bot) #​61055
• [d765147405] - deps: update sqlite to 3.51.1 (Node.js GitHub Bot) #​60899
• [37abe2a7d2] - deps: update zlib to 1.3.1-63d7e16 (Node.js GitHub Bot) #​60898
• [97241fcb86] - deps: update sqlite to 3.51.0 (Node.js GitHub Bot) #​60614
• [3669c7b4f4] - deps: update simdjson to 4.2.2 (Node.js GitHub Bot) #​60740
• [9a056ec89c] - deps: update googletest to 1b96fa1 (Node.js GitHub Bot) #​60739
• [b5803b3ea0] - deps: update minimatch to 10.1.1 (Node.js GitHub Bot) #​60543
• [5bf99f3d46] - deps: update cjs-module-lexer to 2.1.1 (Node.js GitHub Bot) #​60646
• [801f187357] - deps: update simdjson to 4.2.1 (Node.js GitHub Bot) #​60644
• [03c16e5a4c] - deps: update simdjson to 4.1.0 (Node.js GitHub Bot) #​60542
• [2ebfc2ca56] - deps: update amaro to 1.1.5 (Node.js GitHub Bot) #​60541
• [d24ba4fed6] - deps: update simdjson to 4.0.7 (Node.js GitHub Bot) #​59883
• [9480a139bf] - deps: update googletest to 279f847 (Node.js GitHub Bot) #​60219
• [635e67379e] - deps: update archs files for openssl-3.5.5 (Node.js GitHub Bot) #​61547
• [c7b774047d] - deps: upgrade openssl sources to openssl-3.5.5 (Node.js GitHub Bot) #​61547
• [5b324d7d7f] - deps: update corepack to 0.34.6 (Node.js GitHub Bot) #​61510
• [eef8ba0667] - deps: update corepack to 0.34.5 (Node.js GitHub Bot) #​60842
• [490f7c7fb1] - deps: update corepack to 0.34.4 (Node.js GitHub Bot) #​60643
• [66903ea3b3] - deps: update corepack to 0.34.2 (Node.js GitHub Bot) #​60550
• [a2f0b69282] - deps: update corepack to 0.34.1 (Node.js GitHub Bot) #​60314
• [c8044a48a6] - deps: V8: backport 2e4c5cf (Michaël Zasso) #​60654
• [642f518198] - doc: supported toolchain with Visual Studio 2022 only (Mike McCready) #​61451
• [625f674487] - doc: move Security-Team from TSC to SECURITY (Rafael Gonzaga) #​61495
• [029e32f8ba] - doc: added requestOCSP option to tls.connect (ikeyan) #​61064
• [68e33dfa89] - doc: restore @​ChALkeR to collaborators (Сковорода Никита Андреевич) #​61553
• [e016770d62] - doc: update IBM/Red Hat volunteers with dedicated project time (Beth Griggs) #​61588
• [ec63954657] - doc: mention constructor comparison in assert.deepStrictEqual (Hamza Kargin) #​60253
• [c8e1563a98] - doc: add CVE delay mention (Rafael Gonzaga) #​61465
• [4b00cf2b54] - doc: include OpenJSF handle for security stewards (Rafael Gonzaga) #​61454
• [4b73bf5bc8] - doc: clarify process.argv[1] behavior for -e/--eval (Jeevankumar S) #​61366
• [d3151df4b3] - doc: remove Windows Dev Home instructions from BUILDING (Mike McCready) #​61434
• [2323462e35] - doc: clarify TypedArray properties on Buffer (Roman Reiss) #​61355
• [6c5478c8b2] - doc: note resume build should not be done on node-test-commit (Stewart X Addison) #​61373
• [ba4a043103] - doc: refine WebAssembly error documentation (sangwook) #​61382
• [cd315ea589] - doc: add deprecation history for url.parse (Eng Zer Jun) #​61389
• [42db0c392d] - doc: add marco and rafael in last sec release (Marco Ippolito) #​61383
• [4c3b680fc7] - doc: packages: example of private import switch to internal (coderaiser) #​61343
• [684d15e421] - doc: add esm and cjs examples to node:v8 (Alfredo González) #​61328
• [c3f9c7a7d9] - doc: added 'secure' event to tls.TLSSocket (ikeyan) #​61066
• [aa9acad5ca] - doc: restore @​watilde to collaborators (Daijiro Wachi) #​61350
• [9cafec084e] - doc: run license-builder (github-actions[bot]) #​61348
• [cdb12ccbc6] - doc: document ALPNCallback option for TLSSocket constructor (ikeyan) #​61331
• [461c5e65c5] - doc: update MDN links (Livia Medeiros) #​61062
• [dde45baeab] - doc: add documentation for process.traceProcessWarnings (Alireza Ebrahimkhani) #​53641
• [59a7aeec92] - doc: fix filename typo (Hardanish Singh) #​61297
• [9a0a40d1ed] - doc: fix typos and grammar in BUILDING.md & onboarding.md (Hardanish Singh) #​61267
• [dca7005f9d] - doc: mention --newVersion release script (Rafael Gonzaga) #​61255
• [c0dc8ddf85] - doc: correct typo in api contributing doc (Mike McCready) #​61260
• [066af38fe1] - doc: add PR-URL requirement for security backports (Rafael Gonzaga) #​61256
• [71dd46bd0c] - doc: add reusePort error behavior to net module (mag123c) #​61250
• [f6abe3ba33] - doc: note corepack package removal in distribution doc (Mike McCready) #​61207
• [9059d49d8c] - doc: fix tls.connect() timeout documentation (Azad Gupta) #​61079
• [e7b34b76b0] - doc: missing passed, error and passed properties on TestContext (Xavier Stouder) #​61185
• [9ae2dcfbb6] - doc: clarify threat model for application-level API exposure (Rafael Gonzaga) #​61184
• [9902331a7c] - doc: correct options for net.Socket class and socket.connect (Xavier Stouder) #​61179
• [a80122d2fe] - doc: document error event on readline InterfaceConstructor (Xavier Stouder) #​61170
• [38d73c9cfa] - doc: add a smooth scrolling effect to the sidebar (btea) #​59007
• [95c51fa984] - doc: correct invalid collaborator profile (JJ) #​61091
• [f5a044763c] - doc: exclude compile-time flag features from security policy (Matteo Collina) #​61109
• [b6ebf2cd53] - doc: add @​avivkeller to collaborators (Aviv Keller) #​61115
• [35854f424d] - doc: add gurgunday to collaborators (Gürgün Dayıoğlu) #​61094
• [4932322c29] - doc: add File modes cross-references in fs methods (Mohit Raj Saxena) #​60286
• [c84904e047] - doc: add missing zstd to mjs example of zlib (Deokjin Kim) #​60915
• [e615b9e2f2] - doc: clarify fileURLToPath security considerations (Rafael Gonzaga) #​60887
• [99e384e6d4] - doc: replace column with columnNumber in example of util.getCallSites (Deokjin Kim) #​60881
• [9351bb4d02] - doc: correct spelling in BUILDING.md (Rich Trott) #​60875
• [e1f6e7fc4d] - doc: update debuglog examples to use 'foo-bar' instead of 'foo' (xiaoyao) #​60867
• [ccbb2d7300] - doc: fix typos in changelogs (Rich Trott) #​60855
• [1cb2fe8b35] - doc: mark module.register as active development (Chengzhong Wu) #​60849
• [ceeb4968a6] - doc: add fullName property to SuiteContext (PaulyBearCoding) #​60762
• [56155909dd] - doc: keep sidebar module visible when navigating docs (Botato) #​60410
• [6b637763d5] - doc: correct concurrency wording in test() documentation (Azad Gupta) #​60773
• [7183e8ffa1] - doc: clarify that CQ only picks up PRs targeting main (René) #​60731
• [d5d94303be] - doc: clarify license section and add contributor note (KaleruMadhu) #​60590
• [e0210c8f53] - doc: correct tls ALPNProtocols types (René) #​60143
• [eff87b498a] - doc: remove mention of SMS 2FA (Antoine du Hamel) #​60707
• [e77ef94a51] - doc: domain.add() does not accept timer objects (René) #​60675
• [4fe19c95ea] - doc: update Collaborators list to reflect hybrist handle change (Antoine du Hamel) #​60650
• [eece59b6ce] - doc: fix linter issues (Antoine du Hamel) #​60636
• [6e17e596e4] - doc: correct values/references for buffer.kMaxLength (René) #​60305
• [ac327ae9a7] - doc: recommend events.once to manage 'close' event (Dan Fabulich) #​60017
• [d9b149ea42] - doc: highlight module loading difference between import and require (Ajay A) #​59815
• [f6d62cb22c] - doc: fix typo in process.unref documentation (우혁) #​59698
• [6d5078b196] - doc: add some entries to glossary.md (Mohataseem Khan) #​59277
• [b0a5820dea] - doc: improve agent.createConnection docs for http and https agents (JaeHo Jang) #​58205
• [b5db02fe67] - doc: fix pseudo code in modules.md (chirsz) #​57677
• [e9b912d481] - doc: add missing variable in code snippet (Koushil Mankali) #​55478
• [44c06c7812] - doc: add missing word in single-executable-applications.md (Konstantin Tsabolov) #​53864
• [482b43f160] - doc: fix typo in http.md (Michael Solomon) #​59354
• [cd323bc718] - doc: update devcontainer.json and add documentation (Joyee Cheung) #​60472
• [c7c70f3a16] - doc: add haramj as triager (Haram Jeong) #​60348
• [04b8c4d14e] - doc: clarify require(esm) description (dynst) #​60520
• [de382dc832] - doc: instantiate resolver object (Donghoon Nam) #​60476
• [b6845ce460] - doc: clarify --use-system-ca support status (Joyee Cheung) #​60340
• [0894dae9bc] - doc: add missing CAA type to dns.resolveAny() & dnsPromises.resolveAny() (Jimmy Leung) [#​58899](https://redirect.github.com/nodejs

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.