Added new release key for signing future Node.js releases.
Backend changelog updates
Runtime, databases, API services, queues, and backend operations. Follow release notes, breaking changes, security patches, pricing updates, and community reactions from this channel.
Use this Backend changelog channel to compare product release notes, discover risky migrations, and build a weekly digest for the tools in this stack.
Products in this channel
Latest Backend changelog updates
Introduced numerous new APIs and enhancements: caller‑supplied readFile buffers, synchronous dgram connect/bind, TCP KEEPINTVL/KEEPCNT in net.setKeepAlive, TLS certificateCompression option, HTTP idle‑socket cleanup, loader package maps,...
Updated crypto subsystem: new root certificates (NSS 3.123.1), added TurboSHAKE, KangarooTwelve, ML‑KEM and other algorithms, hardened WebCrypto checks and unified key import handling.
Fixed unexpected behavior introduced by the prior security release (22.23.0).
Fixed multiple high‑severity security bugs in TLS, crypto, HTTP/2, DNS, and permission handling (e.g., hostname normalization, WebCrypto output length guard, SNI case‑sensitivity)
Strengthened TLS and DNS security: hostname normalization for server identity, case‑sensitive SNI fix, rejecting hostnames with embedded NUL bytes, and binding reusable sessions to authenticated hosts.
TLS hardening: normalize hostnames for server identity, fix case‑sensitive SNI matching, and bind reusable sessions to authenticated hosts
Critical bug fixes across Redis core and modules: resolves start failures on AArch64, memory accounting errors, Lua debugger copy issues, and XREADGROUP consumer inconsistencies.