- TLS hardening: normalize hostnames for server identity, fix case‑sensitive SNI matching, and bind reusable sessions to authenticated hosts
- Security fixes across core modules: guard WebCrypto cipher output length, reject hostnames with embedded NUL bytes, limit HTTP/2 originSet size, and redact proxy credentials in tunnel errors
- Dependency updates: nghttp2 to 1.69.0, OpenSSL to 3.5.7, llhttp to 9.4.2, and Undici to 6.27.0
2026-06-18, Version 22.23.0 'Jod' (LTS), @aduh95
Official Node.js changelog summary with source attribution, release tags, and community reactions.
Track this Node.js release note alongside related changelog updates, risky changes, and weekly digest signals from the developer community.
Verify the original release note
Every summary should remain traceable to the original changelog or release source.
More Node.js changelog updates
Introduced numerous new APIs and enhancements: caller‑supplied readFile buffers, synchronous dgram connect/bind, TCP KEEPINTVL/KEEPCNT in net.setKeepAlive, TLS certificateCompression option, HTTP idle‑socket cleanup, loader package maps,...
Community impact
Community ratings: 0 Useful, 0 Noise, 0 Risky, 0 Broke, 0 Try.