doc: highlight difference in module loading between ESM and CommonJS

Author: Ajay-2005

.github/workflows/build-tarball.yml

@@ -52,14 +52,16 @@ jobs:
       - name: Make tarball
         run: |
           export DISTTYPE=nightly
-          export DATESTRING=$(date "+%Y-%m-%d")
+          export DATESTRING=`date "+%Y-%m-%d"`
           export COMMIT=$(git rev-parse --short=10 "$GITHUB_SHA")
-          ./configure && make tar -j4 SKIP_XZ=1
+          ./configure && make tar -j8 SKIP_XZ=1
+          mkdir tarballs
+          mv *.tar.gz tarballs
       - name: Upload tarball artifact
         uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4.6.2
         with:
           name: tarballs
-          path: '*.tar.gz'
+          path: tarballs
           compression-level: 0
   test-tarball-linux:
     needs: build-tarball
@@ -95,9 +97,21 @@ jobs:
           path: tarballs
       - name: Extract tarball
         run: |
-          tar xzf tarballs/*.tar.gz -C "$RUNNER_TEMP"
-          echo "TAR_DIR=$RUNNER_TEMP/$(basename tarballs/*.tar.gz .tar.gz)" >> "$GITHUB_ENV"
+          tar xzf tarballs/*.tar.gz -C $RUNNER_TEMP
+          echo "TAR_DIR=$RUNNER_TEMP/`basename tarballs/*.tar.gz .tar.gz`" >> $GITHUB_ENV
       - name: Build
-        run: make -C "$TAR_DIR" build-ci -j4 V=1
+        run: |
+          make -C "$TAR_DIR" build-ci -j4 V=1
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
+        with:
+          persist-credentials: false
+          sparse-checkout: |
+            tools/eslint
+            tools/eslint-rules
+      - name: Move directories needed for testing
+        run: |
+          mv tools/eslint "$TAR_DIR/tools"
+          mv tools/eslint-rules "$TAR_DIR/tools"
       - name: Test
-        run: make -C "$TAR_DIR" run-ci -j4 V=1 TEST_CI_ARGS="-p dots --measure-flakiness 9"
+        run: |
+          make -C "$TAR_DIR" run-ci -j4 V=1 TEST_CI_ARGS="-p dots --measure-flakiness 9"

.github/workflows/test-internet.yml

@@ -43,7 +43,7 @@ permissions:
 
 jobs:
   test-internet:
-    if: github.event_name == 'schedule' && github.repository == 'nodejs/node' || github.event.pull_request.draft == false
+    if: github.repository == 'nodejs/node' || github.event_name != 'schedule'
     runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0

CHANGELOG.md

@@ -39,8 +39,7 @@ release.
 </tr>
 <tr>
   <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V24.md#24.8.0">24.8.0</a></b><br/>
-<a href="doc/changelogs/CHANGELOG_V24.md#24.7.0">24.7.0</a><br/>
+<b><a href="doc/changelogs/CHANGELOG_V24.md#24.7.0">24.7.0</a></b><br/>
 <a href="doc/changelogs/CHANGELOG_V24.md#24.6.0">24.6.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V24.md#24.5.0">24.5.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V24.md#24.4.1">24.4.1</a><br/>

Makefile

@@ -1213,8 +1213,6 @@ $(TARBALL): release-only doc-only
 	$(RM) -r $(TARNAME)/.editorconfig
 	$(RM) -r $(TARNAME)/.git*
 	$(RM) -r $(TARNAME)/.mailmap
-	$(RM) -r $(TARNAME)/deps/corepack
-	$(RM) $(TARNAME)/test/parallel/test-corepack-version.js
 	$(RM) -r $(TARNAME)/deps/openssl/openssl/demos
 	$(RM) -r $(TARNAME)/deps/openssl/openssl/doc
 	$(RM) -r $(TARNAME)/deps/openssl/openssl/test
@@ -1229,7 +1227,6 @@ $(TARBALL): release-only doc-only
 	$(RM) -r $(TARNAME)/tools/cpplint.py
 	$(RM) -r $(TARNAME)/tools/eslint
 	$(RM) -r $(TARNAME)/tools/eslint-rules
-	$(RM) -r $(TARNAME)/test/parallel/test-eslint-*
 	$(RM) -r $(TARNAME)/tools/license-builder.sh
 	$(RM) -r $(TARNAME)/tools/eslint/node_modules
 	$(RM) -r $(TARNAME)/tools/osx-*

SECURITY.md

@@ -15,13 +15,6 @@ you informed of the progress being made towards a fix and full announcement,
 and may ask for additional information or guidance surrounding the reported
 issue.
 
-If you do not receive an acknowledgement of your report within 6 business
-days, or if you cannot find a private security contact for the project, you
-may escalate to the OpenJS Foundation CNA at `security@lists.openjsf.org`.
-
-If the project acknowledges your report but does not provide any further
-response or engagement within 14 days, escalation is also appropriate.
-
 ### Node.js bug bounty program
 
 The Node.js project engages in an official bug bounty program for security

benchmark/cluster/echo.js

@@ -8,7 +8,7 @@ if (cluster.isPrimary) {
     payload: ['string', 'object'],
     sendsPerBroadcast: [1, 10],
     serialization: ['json', 'advanced'],
-    n: [1e3],
+    n: [1e5],
   });
 
   function main({

benchmark/dgram/multi-buffer.js

@@ -5,18 +5,18 @@ const common = require('../common.js');
 const dgram = require('dgram');
 const PORT = common.PORT;
 
-// `n` is the number of send requests to queue up each time.
+// `num` is the number of send requests to queue up each time.
 // Keep it reasonably high (>10) otherwise you're benchmarking the speed of
 // event loop cycles more than anything else.
 const bench = common.createBenchmark(main, {
-  len: [64, 512, 1024],
-  n: [100],
-  chunks: [1, 8],
+  len: [64, 256, 1024],
+  num: [100],
+  chunks: [1, 2, 4, 8],
   type: ['send', 'recv'],
   dur: [5],
 });
 
-function main({ dur, len, n, type, chunks }) {
+function main({ dur, len, num, type, chunks }) {
   const chunk = [];
   for (let i = 0; i < chunks; i++) {
     chunk.push(Buffer.allocUnsafe(Math.round(len / chunks)));
@@ -26,11 +26,11 @@ function main({ dur, len, n, type, chunks }) {
   const socket = dgram.createSocket('udp4');
 
   function onsend() {
-    if (sent++ % n === 0) {
+    if (sent++ % num === 0) {
       // The setImmediate() is necessary to have event loop progress on OSes
       // that only perform synchronous I/O on nonblocking UDP sockets.
       setImmediate(() => {
-        for (let i = 0; i < n; i++) {
+        for (let i = 0; i < num; i++) {
           socket.send(chunk, PORT, '127.0.0.1', onsend);
         }
       });

benchmark/zlib/crc32.js

@@ -8,9 +8,7 @@
 #include <openssl/rand.h>
 #include <openssl/x509v3.h>
 #include <algorithm>
-#include <array>
 #include <cstring>
-#include <string_view>
 #if OPENSSL_VERSION_MAJOR >= 3
 #include <openssl/core_names.h>
 #include <openssl/params.h>
@@ -1096,29 +1094,6 @@ BIOPointer X509View::getValidTo() const {
   return bio;
 }
 
-std::optional<std::string_view> X509View::getSignatureAlgorithm() const {
-  if (cert_ == nullptr) return std::nullopt;
-  int nid = X509_get_signature_nid(cert_);
-  if (nid == NID_undef) return std::nullopt;
-  const char* ln = OBJ_nid2ln(nid);
-  if (ln == nullptr) return std::nullopt;
-  return std::string_view(ln);
-}
-
-std::optional<std::string> X509View::getSignatureAlgorithmOID() const {
-  if (cert_ == nullptr) return std::nullopt;
-  const X509_ALGOR* alg = nullptr;
-  X509_get0_signature(nullptr, &alg, cert_);
-  if (alg == nullptr) return std::nullopt;
-  const ASN1_OBJECT* obj = nullptr;
-  X509_ALGOR_get0(&obj, nullptr, nullptr, alg);
-  if (obj == nullptr) return std::nullopt;
-  std::array<char, 128> buf{};
-  int len = OBJ_obj2txt(buf.data(), buf.size(), obj, 1);
-  if (len < 0 || static_cast<size_t>(len) >= buf.size()) return std::nullopt;
-  return std::string(buf.data(), static_cast<size_t>(len));
-}
-
 int64_t X509View::getValidToTime() const {
 #ifdef OPENSSL_IS_BORINGSSL
   // Boringssl does not implement ASN1_TIME_to_tm in a public way,

deps/ncrypto/ncrypto.cc

@@ -1191,8 +1191,6 @@ class X509View final {
   BIOPointer getInfoAccess() const;
   BIOPointer getValidFrom() const;
   BIOPointer getValidTo() const;
-  std::optional<std::string_view> getSignatureAlgorithm() const;
-  std::optional<std::string> getSignatureAlgorithmOID() const;
   int64_t getValidFromTime() const;
   int64_t getValidToTime() const;
   DataPointer getSerialNumber() const;