deps: update OpenSSL to 3.0.16 #57335

nodejs-github-bot · 2025-03-05T20:58:01Z

This is an automated update of OpenSSL to 3.0.16.

nodejs-github-bot · 2025-03-05T20:58:06Z

Review requested:

@nodejs/security-wg

nodejs-github-bot · 2025-03-05T21:24:09Z

CI: https://ci.nodejs.org/job/node-test-pull-request/65592/

lpinca

RSLGTM

jasnell · 2025-03-07T15:50:10Z

So I know, is this updating to the mainline OpenSSL or is this still the quictls fork?

richardlau · 2025-03-07T16:02:22Z

So I know, is this updating to the mainline OpenSSL or is this still the quictls fork?

Mainline OpenSSL. It is the result of running the GitHub OpenSSL update workflow after landing #57301.

jasnell · 2025-03-08T14:18:58Z

Note that the maintaining openssl doc will need to be updated also, as that still refers to the quictls fork. I've started locally trying to see how well openssl 3.5 builds. ~~So far I've run into one issue with comp.h.in not generating.~~ ... ok, yeah, as expected there are a number of updates that need to be made to the build files for 3.5 to build. Several new header templates to generate, other headers and impl files that have moved around.

panva · 2025-03-08T20:46:04Z

Note that the maintaining openssl doc will need to be updated also, as that still refers to the quictls fork. I've started locally trying to see how well openssl 3.5 builds. ~~So far I've run into one issue with comp.h.in not generating.~~ ... ok, yeah, as expected there are a number of updates that need to be made to the build files for 3.5 to build. Several new header templates to generate, other headers and impl files that have moved around.

Really? I've built and installed 3.5 from main and built/linked it to Node.js with 0 issues just a couple days ago. Warnings many, errors 0. macOS here, only ran tools/test.py -J crypto webcrypto tho

jasnell · 2025-03-08T20:50:21Z

Interesting. What process did you use for updating? I'm trying from master and it's just not building

panva · 2025-03-08T20:55:11Z

Interesting. What process did you use for updating? I'm trying from master and it's just not building

cloned openssl, configure, make, make install
in node ./configure --shared-openssl --shared-openssl-includes=/usr/local/include --shared-openssl-libpath=/usr/local/lib --node-builtin-modules-path $(pwd) --ninja and make

./node -p process.versions.openssl
3.5.0-dev

➜  node git:(main) tools/test.py -J crypto webcrypto 
[00:07|% 100|+ 135|-   0]: Done                                               

All tests passed.

panva · 2025-03-08T20:59:27Z

Granted first I tried just copying the openssl repo to deps but that has failed spectacularly.

jasnell · 2025-03-08T21:04:17Z

Ok yeah, I was going the "official" route with deps and that was... A big fail.

richardlau · 2025-03-10T01:31:10Z

Force pushed to remove the errant commit added by the failed https://github.com/nodejs/node/actions/runs/13742937148. It looks like the workflow doesn't handle the case when a pull request is already open properly.

nodejs-github-bot · 2025-03-10T02:38:12Z

Commit Queue failed

- Loading data for nodejs/node/pull/57335
✔  Done loading data for nodejs/node/pull/57335
----------------------------------- PR info ------------------------------------
Title      deps: update OpenSSL to 3.0.16 (#57335)
   ⚠  Could not retrieve the email or name of the PR author's from user's GitHub profile!
Branch     nodejs-github-bot:actions/tools-update-openssl -> nodejs:main
Labels     openssl, needs-ci, dependencies, commit-queue-rebase
Commits    2
 - deps: upgrade openssl sources to quictls/openssl-3.0.16
 - deps: update archs files for openssl-3.0.16
Committers 1
 - Node.js GitHub Bot <github-bot@iojs.org>
PR-URL: https://github.com/nodejs/node/pull/57335
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/57335
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
--------------------------------------------------------------------------------
   ⚠  Something was pushed to the Pull Request branch since the last approving review.
   ℹ  This PR was created on Wed, 05 Mar 2025 20:58:01 GMT
   ✔  Approvals: 5
   ✔  - Richard Lau (@richardlau) (TSC): https://github.com/nodejs/node/pull/57335#pullrequestreview-2662624837
   ✔  - Rafael Gonzaga (@RafaelGSS) (TSC): https://github.com/nodejs/node/pull/57335#pullrequestreview-2662896273
   ✔  - Marco Ippolito (@marco-ippolito) (TSC): https://github.com/nodejs/node/pull/57335#pullrequestreview-2663643318
   ✔  - Filip Skokan (@panva): https://github.com/nodejs/node/pull/57335#pullrequestreview-2664017903
   ✔  - Luigi Pinca (@lpinca): https://github.com/nodejs/node/pull/57335#pullrequestreview-2666951771
   ✘  Last GitHub CI failed
   ℹ  Last Full PR CI on 2025-03-05T21:24:09Z: https://ci.nodejs.org/job/node-test-pull-request/65592/
- Querying data for job/node-test-pull-request/65592/
   ✔  Last Jenkins CI successful
--------------------------------------------------------------------------------
   ✔  Aborted `git node land` session in /home/runner/work/node/node/.ncu

https://github.com/nodejs/node/actions/runs/13755630211

PR-URL: #57335 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

deps: upgrade openssl sources to quictls/openssl-3.0.16

d2931bd

nodejs-github-bot added dependencies Pull requests that update a dependency file. openssl Issues and PRs related to the OpenSSL dependency. labels Mar 5, 2025

nodejs-github-bot added the needs-ci PRs that need a full CI run. label Mar 5, 2025

deps: update archs files for openssl-3.0.16

0aa4e81

richardlau mentioned this pull request Mar 5, 2025

deps: upgrade to OpenSSL to 3.0.16 #57302

Closed

richardlau added the request-ci Add this label to start a Jenkins CI on a PR. label Mar 5, 2025

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Mar 5, 2025

richardlau approved these changes Mar 5, 2025

View reviewed changes

RafaelGSS approved these changes Mar 6, 2025

View reviewed changes

marco-ippolito approved these changes Mar 6, 2025

View reviewed changes

panva approved these changes Mar 6, 2025

View reviewed changes

lpinca approved these changes Mar 7, 2025

View reviewed changes

richardlau force-pushed the actions/tools-update-openssl branch from 6c84d14 to 0aa4e81 Compare March 10, 2025 01:27

richardlau added commit-queue Add this label to land a pull request using GitHub Actions. commit-queue-rebase Add this label to allow the Commit Queue to land a PR in several commits. labels Mar 10, 2025

nodejs-github-bot added commit-queue-failed An error occurred while landing this pull request using GitHub Actions. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Mar 10, 2025

aduh95 mentioned this pull request Apr 11, 2025

2025-04-23, Version 22.15.0 'Jod' (LTS), @UlisesGascon prepared by @RafaelGSS #57840

Merged

marco-ippolito mentioned this pull request Aug 20, 2025

2025-08-28, Version 20.19.5 'Iron' (LTS) #59551

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

deps: update OpenSSL to 3.0.16 #57335

deps: update OpenSSL to 3.0.16 #57335

Uh oh!

nodejs-github-bot commented Mar 5, 2025

Uh oh!

nodejs-github-bot commented Mar 5, 2025

Uh oh!

nodejs-github-bot commented Mar 5, 2025

Uh oh!

lpinca left a comment

Uh oh!

jasnell commented Mar 7, 2025

Uh oh!

richardlau commented Mar 7, 2025 •

edited

Loading

Uh oh!

jasnell commented Mar 8, 2025 •

edited

Loading

Uh oh!

panva commented Mar 8, 2025 •

edited

Loading

Uh oh!

jasnell commented Mar 8, 2025

Uh oh!

panva commented Mar 8, 2025

Uh oh!

panva commented Mar 8, 2025

Uh oh!

jasnell commented Mar 8, 2025

Uh oh!

richardlau commented Mar 10, 2025

Uh oh!

nodejs-github-bot commented Mar 10, 2025

Uh oh!

Uh oh!

Uh oh!

deps: update OpenSSL to 3.0.16 #57335

deps: update OpenSSL to 3.0.16 #57335

Uh oh!

Conversation

nodejs-github-bot commented Mar 5, 2025

Uh oh!

nodejs-github-bot commented Mar 5, 2025

Uh oh!

nodejs-github-bot commented Mar 5, 2025

Uh oh!

lpinca left a comment

Choose a reason for hiding this comment

Uh oh!

jasnell commented Mar 7, 2025

Uh oh!

richardlau commented Mar 7, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jasnell commented Mar 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

panva commented Mar 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jasnell commented Mar 8, 2025

Uh oh!

panva commented Mar 8, 2025

Uh oh!

panva commented Mar 8, 2025

Uh oh!

jasnell commented Mar 8, 2025

Uh oh!

richardlau commented Mar 10, 2025

Uh oh!

nodejs-github-bot commented Mar 10, 2025

Uh oh!

Uh oh!

richardlau commented Mar 7, 2025 •

edited

Loading

jasnell commented Mar 8, 2025 •

edited

Loading

panva commented Mar 8, 2025 •

edited

Loading