chore: bump node to v16.10.0 (main) (#31094)

Co-authored-by: Shelley Vohr <[email protected]>

DEPS

@@ -17,7 +17,7 @@ vars = {
   'chromium_version':
     '95.0.4629.0',
   'node_version':
-    'v16.9.1',
+    'v16.10.0',
   'nan_version':
     # The following commit hash of NAN is v2.14.2 with *only* changes to the
     # test suite. This should be updated to a specific tag when one becomes

patches/node/.patches

@@ -24,5 +24,4 @@ fix_account_for_debugger_agent_race_condition.patch
 add_should_read_node_options_from_env_option_to_disable_node_options.patch
 repl_fix_crash_when_sharedarraybuffer_disabled.patch
 fix_readbarrier_undefined_symbol_error_on_woa_arm64.patch
-fix_-wunreachable-code-return.patch
 fix_crash_creating_private_key_with_unsupported_algorithm.patch

patches/node/add_should_read_node_options_from_env_option_to_disable_node_options.patch

@@ -21,7 +21,7 @@ index 1cc7da1ce15f43905ce607adcc1a23ed9d92948a..16af6aec3791df1363682f1ed024c522
                           Isolate* isolate,
                           const std::vector<std::string>& args,
 diff --git a/src/env.h b/src/env.h
-index b38a69fc06a189569524df767dbbbe5c1985aa20..6b22cc4aaaf59d309d1bcebfbb3710ceeafd13e6 100644
+index d31512ae37fba212a20cf306be46f7dfadeabd6a..8286ea06cc5c4e836921b06b37cf19d4508f4832 100644
 --- a/src/env.h
 +++ b/src/env.h
 @@ -1145,6 +1145,8 @@ class Environment : public MemoryRetainer {
@@ -34,7 +34,7 @@ index b38a69fc06a189569524df767dbbbe5c1985aa20..6b22cc4aaaf59d309d1bcebfbb3710ce
    inline std::vector<double>* destroy_async_id_list();
  
 diff --git a/src/node.cc b/src/node.cc
-index 6302bb925339d709a54151a8fc8b58f1a2253881..48a9eedfaf6350fc05fb104a1f44e85b75878f9a 100644
+index 788e61645a281197cb3a1f3acbae427ddae1ab23..5afd3541d52d275d55067ddb1c11a585214eff41 100644
 --- a/src/node.cc
 +++ b/src/node.cc
 @@ -882,7 +882,7 @@ int InitializeNodeWithArgs(std::vector<std::string>* argv,
@@ -47,10 +47,10 @@ index 6302bb925339d709a54151a8fc8b58f1a2253881..48a9eedfaf6350fc05fb104a1f44e85b
          ParseNodeOptionsEnvVar(node_options, errors);
  
 diff --git a/src/node_worker.cc b/src/node_worker.cc
-index 3e3cb67d9e8c8b1ea867ff31d96a81709b47cc8d..679282e688258314fcd594bab7fd711cac2c9e48 100644
+index 16b7be36f284311f38583fa1df28a2945560b524..62a7dae080fad7e18863968dee22dbe4b461ab82 100644
 --- a/src/node_worker.cc
 +++ b/src/node_worker.cc
-@@ -457,6 +457,7 @@ void Worker::New(const FunctionCallbackInfo<Value>& args) {
+@@ -467,6 +467,7 @@ void Worker::New(const FunctionCallbackInfo<Value>& args) {
      });
  
  #ifndef NODE_WITHOUT_NODE_OPTIONS
@@ -58,7 +58,7 @@ index 3e3cb67d9e8c8b1ea867ff31d96a81709b47cc8d..679282e688258314fcd594bab7fd711c
      MaybeLocal<String> maybe_node_opts =
          env_vars->Get(isolate, OneByteString(isolate, "NODE_OPTIONS"));
      Local<String> node_opts;
-@@ -487,6 +488,7 @@ void Worker::New(const FunctionCallbackInfo<Value>& args) {
+@@ -497,6 +498,7 @@ void Worker::New(const FunctionCallbackInfo<Value>& args) {
          return;
        }
      }

patches/node/build_add_gn_build_files.patch

@@ -1781,7 +1781,7 @@ index 0000000000000000000000000000000000000000..d1d6b51e8c0c5bc6a5d09e217eb30483
 +  args = rebase_path(inputs + outputs, root_build_dir)
 +}
 diff --git a/src/node_version.h b/src/node_version.h
-index 48b8d9f22fb98d0733630eaea3194d746fba8a2f..a7a12564e4dd9320959d07fb4ab1527f942cf115 100644
+index a572d9b95853730a29a67349b46d47d6180586f3..888a95f93411a9168b75751e0af12c74fc5f0ba9 100644
 --- a/src/node_version.h
 +++ b/src/node_version.h
 @@ -89,7 +89,10 @@

patches/node/chore_add_context_to_context_aware_module_prevention.patch

@@ -8,7 +8,7 @@ modules from being used in the renderer process. This should be upstreamed as
 a customizable error message.
 
 diff --git a/src/node_binding.cc b/src/node_binding.cc
-index 8b8389ae53608afedc9cc0ad2a6c8461b7aa893e..e79ddab7d73c6297ef1dc74b2a0ce469bf49e37c 100644
+index e323f76261f2028ef58da74066f9112d8a5a8df2..02d8566caffb86d05645fb602ca7b5c6b8c71aa9 100644
 --- a/src/node_binding.cc
 +++ b/src/node_binding.cc
 @@ -4,6 +4,7 @@
@@ -19,7 +19,7 @@ index 8b8389ae53608afedc9cc0ad2a6c8461b7aa893e..e79ddab7d73c6297ef1dc74b2a0ce469
  #include "util.h"
  
  #include <string>
-@@ -466,7 +467,12 @@ void DLOpen(const FunctionCallbackInfo<Value>& args) {
+@@ -472,7 +473,12 @@ void DLOpen(const FunctionCallbackInfo<Value>& args) {
        if (mp->nm_context_register_func == nullptr) {
          if (env->force_context_aware()) {
            dlib->Close();

patches/node/chore_allow_the_node_entrypoint_to_be_a_builtin_module.patch

@@ -8,10 +8,10 @@ they use themselves as the entry point. We should try to upstream some form
 of this.
 
 diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js
-index 076eb528af016b9143985685bc6d1e7c14fa80e6..40370102a2f0b6e692761626653c232a77810fbc 100644
+index 9d2799c3c9ac3b216c2289ae4e037dd228844d23..5b31df1207d4417a6f9b784574e3779650ba21d2 100644
 --- a/lib/internal/bootstrap/pre_execution.js
 +++ b/lib/internal/bootstrap/pre_execution.js
-@@ -104,10 +104,12 @@ function patchProcessObject(expandArgv1) {
+@@ -105,10 +105,12 @@ function patchProcessObject(expandArgv1) {
    if (expandArgv1 && process.argv[1] &&
        !StringPrototypeStartsWith(process.argv[1], '-')) {
      // Expand process.argv[1] into a full path.

patches/node/enable_31_bit_smis_on_64bit_arch_and_ptr_compression.patch

@@ -8,7 +8,7 @@ node modules will have different (wrong) ideas about how v8 structs are laid
 out in memory on 64-bit machines, and will summarily fail to work.
 
 diff --git a/common.gypi b/common.gypi
-index 75fc36bc3c0eee65a6bb00ec31c79aabf3bb7dde..82722da38f0027626e204dd7a33f7bc5e070059d 100644
+index c222ed20be858544d454c59192889132eaa9e1ee..4f352dea639cc9ab8913b915d35df4edf4fb6a06 100644
 --- a/common.gypi
 +++ b/common.gypi
 @@ -64,7 +64,7 @@

patches/node/expose_get_builtin_module_function.patch

@@ -9,10 +9,10 @@ modules to sandboxed renderers.
 TODO(codebytere): remove and replace with a public facing API.
 
 diff --git a/src/node_binding.cc b/src/node_binding.cc
-index 3c9776e655d0e458cdd3ab7c3adafff7de339cc5..8b8389ae53608afedc9cc0ad2a6c8461b7aa893e 100644
+index 050c5dff0ad5fc0692e348741b820762d40bd498..e323f76261f2028ef58da74066f9112d8a5a8df2 100644
 --- a/src/node_binding.cc
 +++ b/src/node_binding.cc
-@@ -608,6 +608,10 @@ void GetInternalBinding(const FunctionCallbackInfo<Value>& args) {
+@@ -614,6 +614,10 @@ void GetInternalBinding(const FunctionCallbackInfo<Value>& args) {
    args.GetReturnValue().Set(exports);
  }
  

patches/node/feat_add_flags_for_low-level_hooks_and_exceptions.patch

@@ -24,7 +24,7 @@ Environment on the V8 context of blink, so no new V8 context is created.
 As a result, a renderer process may have multiple Node Environments in it.
 
 diff --git a/src/node.cc b/src/node.cc
-index 3ee25ebbd67a01d607456e5158c98ca2fdea396b..6302bb925339d709a54151a8fc8b58f1a2253881 100644
+index acf4f0fac03c0ba655d55bc832a37a816ac26a33..788e61645a281197cb3a1f3acbae427ddae1ab23 100644
 --- a/src/node.cc
 +++ b/src/node.cc
 @@ -139,6 +139,8 @@ using v8::Undefined;
@@ -67,7 +67,7 @@ index 3ee25ebbd67a01d607456e5158c98ca2fdea396b..6302bb925339d709a54151a8fc8b58f1
    std::string tz;
    if (credentials::SafeGetenv("TZ", &tz) && !tz.empty()) {
 diff --git a/src/node.h b/src/node.h
-index 049163bf27cc7c1d6433b65becab0d7761491f09..09cb7a317cc46e88e5d214996dc87dc6e8730b1a 100644
+index 1f9afa558d0c8b7950a0f5862017e09a08118ec1..45de72bd94cf669ac2badf89d23164cb7022a5b3 100644
 --- a/src/node.h
 +++ b/src/node.h
 @@ -213,6 +213,8 @@ namespace node {

patches/node/feat_initialize_asar_support.patch

@@ -6,10 +6,10 @@ Subject: feat: initialize asar support
 This patch initializes asar support in Node.js.
 
 diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js
-index 0906b35edc5ff38fb7730eba9cebcc0e472fe56c..076eb528af016b9143985685bc6d1e7c14fa80e6 100644
+index a4c73cba5481b3005474742483a554c93358c4e1..9d2799c3c9ac3b216c2289ae4e037dd228844d23 100644
 --- a/lib/internal/bootstrap/pre_execution.js
 +++ b/lib/internal/bootstrap/pre_execution.js
-@@ -76,6 +76,7 @@ function prepareMainThreadExecution(expandArgv1 = false) {
+@@ -77,6 +77,7 @@ function prepareMainThreadExecution(expandArgv1 = false) {
    assert(!CJSLoader.hasLoadedAnyUserCJSModule);
    loadPreloadModules();
    initializeFrozenIntrinsics();
@@ -17,7 +17,7 @@ index 0906b35edc5ff38fb7730eba9cebcc0e472fe56c..076eb528af016b9143985685bc6d1e7c
  }
  
  function patchProcessObject(expandArgv1) {
-@@ -482,6 +483,10 @@ function loadPreloadModules() {
+@@ -485,6 +486,10 @@ function loadPreloadModules() {
    }
  }
  

patches/node/fix_-wunreachable-code-return.patch

@@ -1,33 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: deepak1556 <[email protected]>
-Date: Fri, 20 Aug 2021 22:41:11 -0700
-Subject: fix: -Wunreachable-code-return
-
-Should be upstreamed.
-
-Upstreamed in https://github.com/nodejs/node/pull/40034.
-
-diff --git a/src/inspector_agent.cc b/src/inspector_agent.cc
-index 612ce2b78b41badccbbce0616dffd86de042738f..c4a3322c6d972fc2052af75b79389c522924d9c5 100644
---- a/src/inspector_agent.cc
-+++ b/src/inspector_agent.cc
-@@ -87,7 +87,6 @@ inline void* StartIoThreadMain(void* unused) {
-     if (agent != nullptr)
-       agent->RequestIoThreadStart();
-   }
--  return nullptr;
- }
- 
- static int StartDebugSignalHandler() {
-diff --git a/src/node_url.cc b/src/node_url.cc
-index d7549e3bc05562d67bdef5aebf1fefa550b72eb6..d78cb7a3e1ceb075bd532e823a915b18f5a52afd 100644
---- a/src/node_url.cc
-+++ b/src/node_url.cc
-@@ -600,7 +600,6 @@ std::string URLHost::ToString() const {
-     case HostType::H_DOMAIN:
-     case HostType::H_OPAQUE:
-       return value_.domain_or_opaque;
--      break;
-     case HostType::H_IPV4: {
-       dest.reserve(15);
-       uint32_t value = value_.ipv4;

patches/node/fix_add_default_values_for_variables_in_common_gypi.patch

@@ -7,7 +7,7 @@ common.gypi is a file that's included in the node header bundle, despite
 the fact that we do not build node with gyp.
 
 diff --git a/common.gypi b/common.gypi
-index 013f24b107408f757f4bdb950be519f61bc5358b..75fc36bc3c0eee65a6bb00ec31c79aabf3bb7dde 100644
+index 7bc2b3abf470193640b40824ffb17891088cabfb..c222ed20be858544d454c59192889132eaa9e1ee 100644
 --- a/common.gypi
 +++ b/common.gypi
 @@ -81,6 +81,23 @@

patches/node/fix_add_v8_enable_reverse_jsargs_defines_in_common_gypi.patch

@@ -6,7 +6,7 @@ Subject: fix: add v8_enable_reverse_jsargs defines in common.gypi
 This can be removed once node upgrades V8 and inevitably has to do this exact same thing.  Also hi node people if you are looking at this.
 
 diff --git a/common.gypi b/common.gypi
-index 82722da38f0027626e204dd7a33f7bc5e070059d..f330d4e92a585d7d72e8322cebb5606fe7220e8c 100644
+index 4f352dea639cc9ab8913b915d35df4edf4fb6a06..63c7d2b1da5f1c83f02f856e0d14198bfed6787e 100644
 --- a/common.gypi
 +++ b/common.gypi
 @@ -65,6 +65,7 @@
@@ -25,7 +25,7 @@ index 82722da38f0027626e204dd7a33f7bc5e070059d..f330d4e92a585d7d72e8322cebb5606f
      ##### end V8 defaults #####
  
      # When building native modules using 'npm install' with the system npm,
-@@ -384,6 +386,9 @@
+@@ -385,6 +387,9 @@
        ['v8_enable_pointer_compression == 1 or v8_enable_31bit_smis_on_64bit_arch == 1', {
          'defines': ['V8_31BIT_SMIS_ON_64BIT_ARCH'],
        }],

patches/node/fix_allow_preventing_initializeinspector_in_env.patch

@@ -36,11 +36,11 @@ index 523d252e08974a10f9a53fb46d3345669cec3380..5bf19a0dda42849159d954181058897c
  #endif
  
 diff --git a/src/env-inl.h b/src/env-inl.h
-index 061897d95d8b5f61968c59260e609d7be724b88f..7c7ee3207089bf3e51db646a367bdd6deba18628 100644
+index 2b000ed9ace5f73bfe0e8cab3e83ce94804f9c55..a1690712c457534d70db777cb722537913f86a0e 100644
 --- a/src/env-inl.h
 +++ b/src/env-inl.h
-@@ -881,6 +881,10 @@ inline bool Environment::hide_console_windows() const {
-   return flags_ & EnvironmentFlags::kHideConsoleWindows;
+@@ -891,6 +891,10 @@ inline bool Environment::no_global_search_paths() const {
+          !options_->global_search_paths;
  }
  
 +inline bool Environment::should_initialize_inspector() const {
@@ -51,31 +51,31 @@ index 061897d95d8b5f61968c59260e609d7be724b88f..7c7ee3207089bf3e51db646a367bdd6d
    return emit_filehandle_warning_;
  }
 diff --git a/src/env.h b/src/env.h
-index 4fd5be8e15029b65d61982aa32eba2cd27957fce..b38a69fc06a189569524df767dbbbe5c1985aa20 100644
+index f055e6b45013d9f8c039c662981bfd54f08266f6..d31512ae37fba212a20cf306be46f7dfadeabd6a 100644
 --- a/src/env.h
 +++ b/src/env.h
-@@ -1202,6 +1202,7 @@ class Environment : public MemoryRetainer {
-   inline bool owns_inspector() const;
+@@ -1204,6 +1204,7 @@ class Environment : public MemoryRetainer {
    inline bool tracks_unmanaged_fds() const;
    inline bool hide_console_windows() const;
+   inline bool no_global_search_paths() const;
 +  inline bool should_initialize_inspector() const;
    inline uint64_t thread_id() const;
    inline worker::Worker* worker_context() const;
    Environment* worker_parent_env() const;
 diff --git a/src/node.h b/src/node.h
-index b7f3e97873ef90b635e0648639f1a287a0bd88fa..48e378079f6d05e7cc1141a8875450b125028789 100644
+index 364f789fbcbec8e3234961294698d8e69b04a310..85b5ac6a5a5cb5e4388a92a1d07c9afe17140a8c 100644
 --- a/src/node.h
 +++ b/src/node.h
-@@ -409,7 +409,11 @@ enum Flags : uint64_t {
-   // Set this flag to force hiding console windows when spawning child
-   // processes. This is usually used when embedding Node.js in GUI programs on
-   // Windows.
--  kHideConsoleWindows = 1 << 5
-+  kHideConsoleWindows = 1 << 5,
+@@ -420,7 +420,11 @@ enum Flags : uint64_t {
+   // $HOME/.node_modules and $NODE_PATH. This is used by standalone apps that
+   // do not expect to have their behaviors changed because of globally
+   // installed modules.
+-  kNoGlobalSearchPaths = 1 << 7
++  kNoGlobalSearchPaths = 1 << 7,
 +  // Controls whether or not the Environment should call InitializeInspector.
 +  // This control is needed by embedders who may not want to initialize the V8
 +  // inspector in situations where it already exists.
-+  kNoInitializeInspector = 1 << 6
++  kNoInitializeInspector = 1 << 8
  };
  }  // namespace EnvironmentFlags
  

patches/node/fix_crash_creating_private_key_with_unsupported_algorithm.patch

@@ -19,10 +19,10 @@ JavaScript level and throwing an error if the function returns false.
 This patch will be upstreamed in some form.
 
 diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js
-index 4d5545ab1aae1ad392ac1fea878b887f4a8736c4..bde806e71a7b299ec2855de8e78c3e9ab449f508 100644
+index ce053fbb4b800a67adcd5642a6ef09f8f2a21ce6..1b0e4b8791cf422bba331b242cd7df29b18c9da8 100644
 --- a/lib/internal/crypto/keys.js
 +++ b/lib/internal/crypto/keys.js
-@@ -437,15 +437,19 @@ function getKeyObjectHandleFromJwk(key, ctx) {
+@@ -436,15 +436,19 @@ function getKeyObjectHandleFromJwk(key, ctx) {
  
      const handle = new KeyObjectHandle();
      if (isPublic) {

patches/node/fix_crypto_tests_to_run_with_bssl.patch

@@ -508,306 +508,6 @@ index af2146982c7a3bf7bd7527f44e4b17a3b605026e..f6b91f675cfea367c608892dee078b56
  
    // Non-XOF hash functions should accept valid outputLength options as well.
    assert.strictEqual(crypto.createHash('sha224', { outputLength: 28 })
-diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js
-index c2c47a9ce72f124c78f2743cf88ccd96d714fa1b..fcdbad0262fa1dd8a7858f255d0e5e45a470f72a 100644
---- a/test/parallel/test-crypto-key-objects.js
-+++ b/test/parallel/test-crypto-key-objects.js
-@@ -307,11 +307,11 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-   }, common.hasOpenSSL3 ? {
-     message: 'error:1E08010C:DECODER routines::unsupported',
-   } : {
--    message: 'error:0909006C:PEM routines:get_name:no start line',
--    code: 'ERR_OSSL_PEM_NO_START_LINE',
--    reason: 'no start line',
--    library: 'PEM routines',
--    function: 'get_name',
-+    message: /error:2007E073:BIO routines:BIO_new_mem_buf:null parameter|error:0900006e:PEM routines:OPENSSL_internal:NO_START_LINE/,
-+    code: /ERR_OSSL_BIO_NULL_PARAMETER|ERR_OSSL_PEM_NO_START_LINE/,
-+    reason: /null parameter|NO_START_LINE/,
-+    library: /BIO routines|PEM routines/,
-+    function: /BIO_new_mem_buf|OPENSSL_internal/,
-   });
- 
-   // This should not abort either: https://github.com/nodejs/node/issues/29904
-@@ -334,8 +334,8 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-     message: /error:1E08010C:DECODER routines::unsupported/,
-     library: 'DECODER routines'
-   } : {
--    message: /asn1 encoding/,
--    library: 'asn1 encoding routines'
-+    message: /asn1 encoding|DECODE_ERROR/,
-+    library: /asn1 encoding routines|public key routines/
-   });
- }
- 
-@@ -349,6 +349,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-       d: 'wVK6M3SMhQh3NK-7GRrSV-BVWQx1FO5pW8hhQeu_NdA',
-       kty: 'OKP'
-     } },
-+/*
-   { private: fixtures.readKey('ed448_private.pem', 'ascii'),
-     public: fixtures.readKey('ed448_public.pem', 'ascii'),
-     keyType: 'ed448',
-@@ -380,6 +381,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-          'S0jlSYJk',
-       kty: 'OKP'
-     } },
-+*/
- ].forEach((info) => {
-   const keyType = info.keyType;
- 
-@@ -421,7 +423,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-     }
-   }
- });
--
-+/*
- [
-   { private: fixtures.readKey('ec_p256_private.pem', 'ascii'),
-     public: fixtures.readKey('ec_p256_public.pem', 'ascii'),
-@@ -514,7 +516,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-     }
-   }
- });
--
-+*/
- {
-   // Reading an encrypted key without a passphrase should fail.
-   assert.throws(() => createPrivateKey(privateDsa), common.hasOpenSSL3 ? {
-@@ -546,7 +548,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-   }), {
-     message: common.hasOpenSSL3 ?
-       'error:1E08010C:DECODER routines::unsupported' :
--      /bad decrypt/
-+      /bad decrypt|error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT/
-   });
- 
-   const publicKey = createPublicKey(publicDsa);
-@@ -569,7 +571,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-     () => privateKey.export({ format: 'jwk' }),
-     { code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE' });
- }
--
-+/*
- {
-   // Test RSA-PSS.
-   {
-@@ -767,7 +769,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
-     }
-   }
- }
--
-+*/
- {
-   // Exporting an encrypted private key requires a cipher
-   const privateKey = createPrivateKey(privatePem);
-diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js
-index 09d43317426e712f60d4eba380cd4e044e3f3cf8..43c274b96fbb1c4d8398e2d32b625da21e85d6a6 100644
---- a/test/parallel/test-crypto-keygen.js
-+++ b/test/parallel/test-crypto-keygen.js
-@@ -297,6 +297,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-   }));
- }
- 
-+/*
- {
-   // Test RSA-PSS.
-   generateKeyPair('rsa-pss', {
-@@ -345,7 +346,9 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     testSignVerify(publicKey, privateKey);
-   }));
- }
-+*/
- 
-+/*
- {
-   // 'rsa-pss' should not add a RSASSA-PSS-params sequence by default.
-   // Regression test for: https://github.com/nodejs/node/issues/39936
-@@ -368,7 +371,9 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     assert.strictEqual(spki[3], 11, spki.toString('hex'));
-   }));
- }
-+*/
- 
-+/*
- {
-   const privateKeyEncoding = {
-     type: 'pkcs8',
-@@ -417,6 +422,9 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     });
-   }));
- }
-+*/
-+
-+/*
- {
-   // Test async DSA key object generation.
-   generateKeyPair('dsa', {
-@@ -438,7 +446,9 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     });
-   }));
- }
-+*/
- 
-+/*
- {
-   // Test async elliptic curve key generation, e.g. for ECDSA, with a SEC1
-   // private key.
-@@ -552,8 +562,10 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     testSignVerify(publicKey, { key: privateKey, passphrase: 'secret' });
-   }));
- }
-+*/
- 
- {
-+  /*
-   // Test async elliptic curve key generation, e.g. for ECDSA, with an encrypted
-   // private key.
-   generateKeyPair('ec', {
-@@ -590,9 +602,11 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-       passphrase: 'top secret'
-     });
-   }));
-+  */
- 
-   // Test async elliptic curve key generation, e.g. for ECDSA, with an encrypted
-   // private key with paramEncoding explicit.
-+  /*
-   generateKeyPair('ec', {
-     namedCurve: 'P-256',
-     paramEncoding: 'explicit',
-@@ -627,15 +641,16 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-       passphrase: 'top secret'
-     });
-   }));
-+  */
- 
-   // Test async elliptic curve key generation with 'jwk' encoding
-   [
--    ['ec', ['P-384', 'P-256', 'P-521', 'secp256k1']],
-+  ['ec', ['P-384', 'P-256', 'P-521', /*'secp256k1'*/]],
-     ['rsa'],
-     ['ed25519'],
--    ['ed448'],
-+    // ['ed448'],
-     ['x25519'],
--    ['x448'],
-+    // ['x448'],
-   ].forEach((types) => {
-     const [type, options] = types;
-     switch (type) {
-@@ -738,6 +753,8 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     message: "The property 'options.paramEncoding' is invalid. " +
-       "Received 'otherEncoding'"
-   });
-+
-+  /*
-   assert.throws(() => generateKeyPairSync('dsa', {
-     modulusLength: 4096,
-     publicKeyEncoding: {
-@@ -751,6 +768,8 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE',
-     message: 'Unsupported JWK Key Type.'
-   });
-+  */
-+
-   assert.throws(() => generateKeyPairSync('ec', {
-     namedCurve: 'secp224r1',
-     publicKeyEncoding: {
-@@ -1089,6 +1108,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-   }
- }
- 
-+/*
- // Test DSA parameters.
- {
-   // Test invalid modulus lengths.
-@@ -1116,6 +1136,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     });
-   }
- }
-+*/
- 
- // Test EC parameters.
- {
-@@ -1160,13 +1181,13 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-   }));
- 
-   generateKeyPair('ec', {
--    namedCurve: 'secp256k1',
-+    namedCurve: 'secp521r1',
-   }, common.mustSucceed((publicKey, privateKey) => {
-     assert.deepStrictEqual(publicKey.asymmetricKeyDetails, {
--      namedCurve: 'secp256k1'
-+      namedCurve: 'secp521r1'
-     });
-     assert.deepStrictEqual(privateKey.asymmetricKeyDetails, {
--      namedCurve: 'secp256k1'
-+      namedCurve: 'secp521r1'
-     });
-   }));
- }
-@@ -1174,7 +1195,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
- // Test EdDSA key generation.
- {
-   if (!/^1\.1\.0/.test(process.versions.openssl)) {
--    ['ed25519', 'ed448', 'x25519', 'x448'].forEach((keyType) => {
-+    ['ed25519'/*, 'ed448', 'x25519', 'x448'*/].forEach((keyType) => {
-       generateKeyPair(keyType, common.mustSucceed((publicKey, privateKey) => {
-         assert.strictEqual(publicKey.type, 'public');
-         assert.strictEqual(publicKey.asymmetricKeyType, keyType);
-@@ -1188,6 +1209,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-   }
- }
- 
-+/*
- // Test classic Diffie-Hellman key generation.
- {
-   generateKeyPair('dh', {
-@@ -1300,6 +1322,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
-     });
-   }
- }
-+*/
- 
- // Test invalid key encoding types.
- {
-@@ -1500,6 +1523,7 @@ if (!common.hasOpenSSL3) {
-     }, common.mustSucceed((publicKey, privateKey) => {
-       assert.strictEqual(publicKey.type, 'public');
- 
-+      /*
-       for (const passphrase of ['', Buffer.alloc(0)]) {
-         const privateKeyObject = createPrivateKey({
-           passphrase,
-@@ -1507,6 +1531,7 @@ if (!common.hasOpenSSL3) {
-         });
-         assert.strictEqual(privateKeyObject.asymmetricKeyType, 'rsa');
-       }
-+      */
- 
-       // Encrypting with an empty passphrase is not the same as not encrypting
-       // the key, and not specifying a passphrase should fail when decoding it.
-diff --git a/test/parallel/test-crypto-padding-aes256.js b/test/parallel/test-crypto-padding-aes256.js
-index 14d853bdfd0a5dcc5bdb6e00cb20fdbeaabd2aff..3ae6fc47d4c6a8296a2c3c70daf464fad886a88d 100644
---- a/test/parallel/test-crypto-padding-aes256.js
-+++ b/test/parallel/test-crypto-padding-aes256.js
-@@ -32,13 +32,13 @@ const key = Buffer.from('0123456789abcdef0123456789abcdef' +
-                         '0123456789abcdef0123456789abcdef', 'hex');
- 
- function encrypt(val, pad) {
--  const c = crypto.createCipheriv('aes256', key, iv);
-+  const c = crypto.createCipheriv('aes-256-cbc', key, iv);
-   c.setAutoPadding(pad);
-   return c.update(val, 'utf8', 'latin1') + c.final('latin1');
- }
- 
- function decrypt(val, pad) {
--  const c = crypto.createDecipheriv('aes256', key, iv);
-+  const c = crypto.createDecipheriv('aes-256-cbc', key, iv);
-   c.setAutoPadding(pad);
-   return c.update(val, 'latin1', 'utf8') + c.final('utf8');
- }
 diff --git a/test/parallel/test-crypto-padding.js b/test/parallel/test-crypto-padding.js
 index f1f14b472997e76bb4100edb1c6cf4fc24d1074d..5057e3f9bc5bb78aceffa5e79530f8ceed84e6f7 100644
 --- a/test/parallel/test-crypto-padding.js
@@ -1260,10 +960,10 @@ index 151eebd36c9765df086a020ba42920b2442b1b77..efe97ff2499cba909ac5500d827364fa
  }
  
 diff --git a/test/parallel/test-webcrypto-export-import-rsa.js b/test/parallel/test-webcrypto-export-import-rsa.js
-index 04cf6388fc739d3eab0a8d47857590c7a9b84342..d111e697db652b98dd8a9eb7869b1a98ba6bca79 100644
+index ab7aa77394ac9989514b7a184900092bd6753996..b0104ac45867a923a8c651e01e8c6975a62f7c61 100644
 --- a/test/parallel/test-webcrypto-export-import-rsa.js
 +++ b/test/parallel/test-webcrypto-export-import-rsa.js
-@@ -480,6 +480,7 @@ const testVectors = [
+@@ -481,6 +481,7 @@ const testVectors = [
    await Promise.all(variations);
  })().then(common.mustCall());
  
@@ -1271,11 +971,14 @@ index 04cf6388fc739d3eab0a8d47857590c7a9b84342..d111e697db652b98dd8a9eb7869b1a98
  {
    const publicPem = fixtures.readKey('rsa_pss_public_2048.pem', 'ascii');
    const privatePem = fixtures.readKey('rsa_pss_private_2048.pem', 'ascii');
-@@ -521,3 +522,4 @@ const testVectors = [
+@@ -522,6 +523,7 @@ const testVectors = [
      assert.strictEqual(jwk.alg, 'PS256');
    })().then(common.mustCall());
  }
 +*/
+ 
+ {
+   const ecPublic = crypto.createPublicKey(
 diff --git a/test/parallel/test-webcrypto-wrap-unwrap.js b/test/parallel/test-webcrypto-wrap-unwrap.js
 index 1094845c73e14313860ad476fb7baba2a11b5af4..51972b4b34b191ac59145889dbf2da5c0d407dbe 100644
 --- a/test/parallel/test-webcrypto-wrap-unwrap.js

patches/node/fix_expose_tracing_agent_and_use_tracing_tracingcontroller_instead.patch

@@ -22,7 +22,7 @@ index 0fb750c5abbe00740f2095ec397c823e26666199..523d252e08974a10f9a53fb46d334566
      int thread_pool_size,
      node::tracing::TracingController* tracing_controller) {
 diff --git a/src/node.h b/src/node.h
-index 09cb7a317cc46e88e5d214996dc87dc6e8730b1a..b7f3e97873ef90b635e0648639f1a287a0bd88fa 100644
+index 45de72bd94cf669ac2badf89d23164cb7022a5b3..364f789fbcbec8e3234961294698d8e69b04a310 100644
 --- a/src/node.h
 +++ b/src/node.h
 @@ -118,6 +118,7 @@ namespace node {
@@ -33,7 +33,7 @@ index 09cb7a317cc46e88e5d214996dc87dc6e8730b1a..b7f3e97873ef90b635e0648639f1a287
  class TracingController;
  
  }
-@@ -488,6 +489,8 @@ NODE_EXTERN v8::MaybeLocal<v8::Value> PrepareStackTraceCallback(
+@@ -499,6 +500,8 @@ NODE_EXTERN v8::MaybeLocal<v8::Value> PrepareStackTraceCallback(
  NODE_EXTERN MultiIsolatePlatform* GetMultiIsolatePlatform(Environment* env);
  NODE_EXTERN MultiIsolatePlatform* GetMultiIsolatePlatform(IsolateData* env);
  

patches/node/fix_handle_boringssl_and_openssl_incompatibilities.patch

@@ -222,10 +222,10 @@ index 7cb4513f9ad0eaadd055b169520ae1e5073b7e2d..50a6663966cdb147a702df21240fa449
      THROW_ERR_CRYPTO_OPERATION_FAILED(env, "could not generate prime");
      return Nothing<bool>();
 diff --git a/src/crypto/crypto_rsa.cc b/src/crypto/crypto_rsa.cc
-index 1bbf9a1753e4e2d82c55c4187489c22867d1d9bb..585af1674e129dc4d1c918d29fe9915bac8b4163 100644
+index d2307c33f5de8733b1343225a3fe6a700d1f51e4..fd31caa1355cd7be98992411b9cda2dbb500f211 100644
 --- a/src/crypto/crypto_rsa.cc
 +++ b/src/crypto/crypto_rsa.cc
-@@ -566,7 +566,7 @@ Maybe<bool> GetRsaKeyDetail(
+@@ -580,7 +580,7 @@ Maybe<bool> GetRsaKeyDetail(
      // In that case, RSA_get0_pss_params does not return nullptr but all fields
      // of the returned RSA_PSS_PARAMS will be set to nullptr.
  
@@ -234,7 +234,7 @@ index 1bbf9a1753e4e2d82c55c4187489c22867d1d9bb..585af1674e129dc4d1c918d29fe9915b
      if (params != nullptr) {
        int hash_nid = NID_sha1;
        int mgf_nid = NID_mgf1;
-@@ -607,10 +607,11 @@ Maybe<bool> GetRsaKeyDetail(
+@@ -621,10 +621,11 @@ Maybe<bool> GetRsaKeyDetail(
        }
  
        if (params->saltLength != nullptr) {
@@ -251,7 +251,7 @@ index 1bbf9a1753e4e2d82c55c4187489c22867d1d9bb..585af1674e129dc4d1c918d29fe9915b
  
        if (target
 diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
-index f18304cd655842e999a39659315c4eb3ce1c0c6e..1aed0e7e88460cea63950f71dac502829d662cff 100644
+index 7e0c8ba3eb60db88af8ba75e41e593dab86d2714..5c528c810256872c76dc7ba5a673d28652c405e1 100644
 --- a/src/crypto/crypto_util.cc
 +++ b/src/crypto/crypto_util.cc
 @@ -491,24 +491,14 @@ Maybe<bool> Decorate(Environment* env, Local<Object> obj,

patches/node/src_allow_embedders_to_provide_a_custom_pageallocator_to.patch

@@ -40,7 +40,7 @@ index 5bf19a0dda42849159d954181058897c45d280fd..03078ff3869fcd17101f1cdaf77f725d
  
  MaybeLocal<Object> GetPerContextExports(Local<Context> context) {
 diff --git a/src/node.h b/src/node.h
-index 48e378079f6d05e7cc1141a8875450b125028789..22e095804bca9d73d22707169c5aff2b13994344 100644
+index 85b5ac6a5a5cb5e4388a92a1d07c9afe17140a8c..4201c0d0460b032721ef42a26d79c38a9ee20c24 100644
 --- a/src/node.h
 +++ b/src/node.h
 @@ -313,7 +313,8 @@ class NODE_EXTERN MultiIsolatePlatform : public v8::Platform {
@@ -53,7 +53,7 @@ index 48e378079f6d05e7cc1141a8875450b125028789..22e095804bca9d73d22707169c5aff2b
  };
  
  enum IsolateSettingsFlags {
-@@ -498,7 +499,8 @@ NODE_EXTERN node::tracing::Agent* CreateAgent();
+@@ -509,7 +510,8 @@ NODE_EXTERN node::tracing::Agent* CreateAgent();
  NODE_DEPRECATED("Use MultiIsolatePlatform::Create() instead",
      NODE_EXTERN MultiIsolatePlatform* CreatePlatform(
          int thread_pool_size,

script/node-disabled-tests.json

@@ -21,6 +21,10 @@
   "parallel/test-crypto-engine",
   "parallel/test-crypto-fips",
   "parallel/test-crypto-hkdf.js",
+  "parallel/test-crypto-keygen",
+  "parallel/test-crypto-keygen-deprecation",
+  "parallel/test-crypto-key-objects",
+  "parallel/test-crypto-padding-aes256",
   "parallel/test-crypto-secure-heap",
   "parallel/test-fs-utimes-y2K38",
   "parallel/test-http2-clean-output",