fix(deps): update node.js to v25.8.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
node (source)	25.7.0 → 25.8.0

---

Release Notes

nodejs/node (node)

v25.8.0: 2026-03-03, Version 25.8.0 (Current), @​richardlau

Compare Source

Notable Changes

• [e55eddea2a] - build, doc: use new api doc tooling (flakey5) #​57343
• [4c181e2277] - (SEMVER-MINOR) sqlite: add limits property to DatabaseSync (Mert Can Altin) #​61298
• [46ee1eddd7] - (SEMVER-MINOR) src: add C++ support for diagnostics channels (RafaelGSS) #​61869
• [9ddd1a9c27] - (SEMVER-MINOR) src,permission: add --permission-audit (RafaelGSS) #​61869
• [0d97ec4044] - (SEMVER-MINOR) test_runner: expose worker ID for concurrent test execution (Ali Hassan) #​61394

Commits

• [940b58c8c1] - buffer: optimize buffer.concat performance (Mert Can Altin) #​61721
• [0589b0e5a1] - build: fix GN for new merve dep (Shelley Vohr) #​61984
• [f3d3968dcd] - Revert "build: add temporal test on GHA windows" (Antoine du Hamel) #​61810
• [e55eddea2a] - build, doc: use new api doc tooling (flakey5) #​57343
• [b7715292f8] - child_process: add tracing channel for spawn (Marco) #​61836
• [a32a598748] - crypto: fix missing nullptr check on RSA_new() (ndossche) #​61888
• [dc384f95b3] - crypto: fix handling of null BUF_MEM* in ToV8Value() (Nora Dossche) #​61885
• [3337b095db] - crypto: fix potential null pointer dereference when BIO_meth_new() fails (Nora Dossche) #​61788
• [51ded81139] - deps: update undici to 7.22.0 (Node.js GitHub Bot) #​62035
• [8aa2fde931] - deps: update minimatch to 10.2.4 (Node.js GitHub Bot) #​62016
• [57dc092eaf] - deps: upgrade npm to 11.11.0 (npm team) #​61994
• [705bbd60a9] - deps: update simdjson to 4.3.1 (Node.js GitHub Bot) #​61930
• [4d411d72e5] - deps: update acorn-walk to 8.3.5 (Node.js GitHub Bot) #​61928
• [f53a32ab84] - deps: update acorn to 8.16.0 (Node.js GitHub Bot) #​61925
• [9b483fbb27] - deps: update minimatch to 10.2.2 (Node.js GitHub Bot) #​61830
• [4e54c103cb] - doc: separate in-types and out-types in SQLite conversion docs (René) #​62034
• [ca78ebbeaa] - doc: fix small logic error in DETECT_MODULE_SYNTAX (René) #​62025
• [e6b131f3fe] - doc: fix module.stripTypeScriptTypes indentation (René) #​61992
• [7508540e19] - doc: update DEP0040 (punycode) to application type deprecation (Mike McCready) #​61916
• [33a364cb62] - doc: explicitly mention Slack handle (Rafael Gonzaga) #​61986
• [46a61922bd] - doc: support toolchain Visual Studio 2022 & 2026 + Windows 11 SDK (Mike McCready) #​61864
• [dc12a257aa] - doc: rename invalid function parameter (René) #​61942
• [dafdc0a5b8] - http: validate headers in writeEarlyHints (Richard Clarke) #​61897
• [3c94b56fa6] - inspector: unwrap internal/debugger/inspect imports (René) #​61974
• [8a24c17648] - lib: improve argument handling in Blob constructor (Ms2ger) #​61980
• [21d4baf256] - meta: bump github/codeql-action from 4.32.0 to 4.32.4 (dependabot[bot]) #​61911
• [59a726a8e3] - meta: bump step-security/harden-runner from 2.14.1 to 2.14.2 (dependabot[bot]) #​61909
• [0072b7f991] - meta: bump actions/stale from 10.1.1 to 10.2.0 (dependabot[bot]) #​61908
• [999bf22f47] - repl: keep reference count for process.on('newListener') (Anna Henningsen) #​61895
• [4c181e2277] - (SEMVER-MINOR) sqlite: add limits property to DatabaseSync (Mert Can Altin) #​61298
• [aee2a18257] - src: fix flags argument offset in JSUdpWrap (Weixie Cui) #​61948
• [46ee1eddd7] - (SEMVER-MINOR) src: add C++ support for diagnostics channels (RafaelGSS) #​61869
• [9ddd1a9c27] - (SEMVER-MINOR) src,permission: add --permission-audit (RafaelGSS) #​61869
• [ea2df2a16f] - stream: fix pipeTo to defer writes per WHATWG spec (Matteo Collina) #​61800
• [aa0c7b09e0] - test: remove unnecessary process.exit calls from test files (Antoine du Hamel) #​62020
• [ad96a6578f] - test: skip test-url on --shared-ada builds (Antoine du Hamel) #​62019
• [7c72a31e4b] - test: skip strace test with shared openssl (Richard Lau) #​61987
• [604456c163] - test: avoid flaky debugger restart waits (Yuya Inoue) #​61773
• [4890d6bd43] - test_runner: run afterEach on runtime skip (Igor Shevelenkov) #​61525
• [fce2930110] - test_runner: expose expectFailure message (sangwook) #​61563
• [0d97ec4044] - (SEMVER-MINOR) test_runner: expose worker ID for concurrent test execution (Ali Hassan) #​61394
• [243e6b2009] - test_runner: replace native methods with primordials (Ayoub Mabrouk) #​61219
• [bf1ed7e647] - tls: forward keepAlive, keepAliveInitialDelay, noDelay to socket (Sergey Zelenov) #​62004
• [0f15079d94] - tools: remove custom logic for skipping test-strace-openat-openssl (Antoine du Hamel) #​62038
• [54a055a59d] - tools: bump minimatch from 3.1.2 to 3.1.3 in /tools/clang-format (dependabot[bot]) #​61977
• [a28744cb62] - tools: fix permissions for merve update script (Richard Lau) #​62023
• [31e7936354] - tools: revert tools GHA workflow to ubuntu-latest (Richard Lau) #​62024
• [0a96a16e1f] - tools: bump minimatch from 3.1.2 to 3.1.3 in /tools/eslint (dependabot[bot]) #​61976
• [f279233412] - tools: roll back to x86 runner on scorecard.yml (Antoine du Hamel) #​61944
• [192c0382f4] - util: add fast path to stripVTControlCharacters (Hiroki Osame) #​61833

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.