nomyo-ai/nomyo-js
2
0
Fork 0
Code Issues 1 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Update dependency node-gyp to v13 #28

Merged
alpha-nerd merged 2 commits from renovate/node-gyp-13.x into main 2026-06-26 14:58:55 +02:00
Conversation 4 Commits 2 Files changed 4 +52 -52
renovate-bot commented 2026-06-12 15:28:36 +02:00
Collaborator
Copy link

This PR contains the following updates:

Package Change Age Confidence
node-gyp ^12.0.0^13.0.0 age confidence

Release Notes

nodejs/node-gyp (node-gyp)

v13.0.0

Compare Source

⚠ BREAKING CHANGES
  • node-gyp now supports node ^22.22.2 || ^24.15.0 || >=26.0.0
Features
  • bump to new node engine range (b792b8e)
Bug Fixes
Core
Miscellaneous

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [node-gyp](https://github.com/nodejs/node-gyp) | [`^12.0.0` → `^13.0.0`](https://renovatebot.com/diffs/npm/node-gyp/12.4.0/13.0.0) | ![age](https://developer.mend.io/api/mc/badges/age/npm/node-gyp/13.0.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-gyp/12.4.0/13.0.0?slim=true) | --- ### Release Notes <details> <summary>nodejs/node-gyp (node-gyp)</summary> ### [`v13.0.0`](https://github.com/nodejs/node-gyp/blob/HEAD/CHANGELOG.md#1300-2026-06-10) [Compare Source](https://github.com/nodejs/node-gyp/compare/v12.4.0...v13.0.0) ##### ⚠ BREAKING CHANGES - `node-gyp` now supports node `^22.22.2 || ^24.15.0 || >=26.0.0` ##### Features - bump to new node engine range ([b792b8e](https://github.com/nodejs/node-gyp/commit/b792b8e321e6e56d46c32f4b9adb15e4085c3797)) ##### Bug Fixes - **ci:** update ruff-action version to v4.0.0 ([#&#8203;3324](https://github.com/nodejs/node-gyp/issues/3324)) ([f089669](https://github.com/nodejs/node-gyp/commit/f089669a4c95a3c8b7f435556b226fa66dcd94b7)) - disable LTO for addon builds on Windows ([#&#8203;3331](https://github.com/nodejs/node-gyp/issues/3331)) ([d30bb6e](https://github.com/nodejs/node-gyp/commit/d30bb6e6fdaf46374de9b9bfe1bf54f49337b052)) ##### Core - **deps:** bump actions/github-script from 8 to 9 ([#&#8203;3297](https://github.com/nodejs/node-gyp/issues/3297)) ([f6a5e45](https://github.com/nodejs/node-gyp/commit/f6a5e458e819f05ddfbba5cbd5589a7a1c80128e)) - **deps:** bump googleapis/release-please-action from 4 to 5 ([#&#8203;3307](https://github.com/nodejs/node-gyp/issues/3307)) ([b2cde80](https://github.com/nodejs/node-gyp/commit/b2cde802487f3b9efd726a1a1cb43650731f9958)) - nopt\@&#8203;10.0.0 ([327424a](https://github.com/nodejs/node-gyp/commit/327424ad630dd7007771b19f7b77691b2156a556)) - proc-log\@&#8203;7.0.0 ([f6c296b](https://github.com/nodejs/node-gyp/commit/f6c296b2952e23b7e690b7148c9dc32b25a26ee2)) - which\@&#8203;7.0.0 ([11a8b10](https://github.com/nodejs/node-gyp/commit/11a8b109f805f13129302508c219607167a8e9ea)) ##### Miscellaneous - add commit-lint ([#&#8203;3325](https://github.com/nodejs/node-gyp/issues/3325)) ([6fb6c11](https://github.com/nodejs/node-gyp/commit/6fb6c11eae1258eddd478956a20f0cb154dd4553)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNjguNSIsInVwZGF0ZWRJblZlciI6IjQzLjE2OC41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
renovate-bot added the
dependencies
 label 2026-06-12 15:28:36 +02:00
renovate-bot added 1 commit 2026-06-12 15:28:37 +02:00
Update dependency node-gyp to v13
All checks were successful
NYX Security Scan / nyx-scan (pull_request) Successful in 6m3s
Details
88f189bced
alpha-nerd commented 2026-06-13 09:57:00 +02:00
Owner
Copy link

/oc investigate how the breaking changes of this package impact this app

/oc investigate how the breaking changes of this package impact this app
alpha-nerd commented 2026-06-13 10:02:02 +02:00
Owner
Copy link

The breaking change is significant. Here's the impact:

node-gyp v13 requires Node.js ^22.22.2 || ^24.15.0 || >=26.0.0

Your app's package.json at line 50 declares:

"engines": { "node": ">=14.17.0" }

This means your declared minimum Node.js version (14.17.0) is incompatible with node-gyp v13, which needs at least Node.js 22.22.2.

Impact:

  1. Build/install will fail on any Node.js < 22.22.2 — the node-gyp build command in native/ won't run, and node-gyp-build (the runtime loader) will fail to compile the native addon.

  2. The native addon (nomyo-nativenative/src/mlock.cc) provides mlock/munlock/secure-zero for memory security. Without a successful build, native/index.js falls back to null, and the JS layer degrades to pure-JS zeroing (less secure but still functional).

  3. Transitive deps (nopt@10.0.0, proc-log@7.0.0, which@7.0.0) are all updated to match the new Node.js requirements and should work fine.

Action needed: Update the engines.node field in package.json to ">=22.22.2" to align with node-gyp v13's minimum requirement.

opencode session  |  forgejo run

The breaking change is significant. Here's the impact: **`node-gyp` v13 requires Node.js `^22.22.2 || ^24.15.0 || >=26.0.0`** Your app's `package.json` at line 50 declares: ``` "engines": { "node": ">=14.17.0" } ``` This means **your declared minimum Node.js version (14.17.0) is incompatible** with `node-gyp` v13, which needs at least Node.js 22.22.2. **Impact:** 1. **Build/install will fail** on any Node.js < 22.22.2 — the `node-gyp build` command in `native/` won't run, and `node-gyp-build` (the runtime loader) will fail to compile the native addon. 2. **The native addon** (`nomyo-native` — `native/src/mlock.cc`) provides `mlock/munlock/secure-zero` for memory security. Without a successful build, `native/index.js` falls back to `null`, and the JS layer degrades to pure-JS zeroing (less secure but still functional). 3. **Transitive deps** (`nopt@10.0.0`, `proc-log@7.0.0`, `which@7.0.0`) are all updated to match the new Node.js requirements and should work fine. **Action needed:** Update the `engines.node` field in `package.json` to `">=22.22.2"` to align with `node-gyp` v13's minimum requirement. [opencode session](https://opencode.ai/s/thWofCuH)&nbsp;&nbsp;|&nbsp;&nbsp;[forgejo run](https://bitfreedom.net/code/nomyo-ai/nomyo-js/actions/runs/29)
alpha-nerd commented 2026-06-26 14:29:58 +02:00
Owner
Copy link

/oc update the required files to match min deps for a safe merge

/oc update the required files to match min deps for a safe merge
alpha-nerd commented 2026-06-26 14:34:46 +02:00
Owner
Copy link

Done. Updated 3 files to align with node-gyp v13's minimum Node.js requirement (>=22.22.2):

  • package.jsonengines.node: >=14.17.0>=22.22.2
  • package-lock.jsonengines.node: >=14.17.0>=22.22.2
  • README.md — Minimum: 14.17+22.22.2+, Recommended: 18 LTS22 LTS

opencode session  |  forgejo run

Done. Updated 3 files to align with `node-gyp` v13's minimum Node.js requirement (`>=22.22.2`): - `package.json` — `engines.node`: `>=14.17.0` → `>=22.22.2` - `package-lock.json` — `engines.node`: `>=14.17.0` → `>=22.22.2` - `README.md` — Minimum: `14.17+` → `22.22.2+`, Recommended: `18 LTS` → `22 LTS` [opencode session](https://opencode.ai/s/3OusBu1I)&nbsp;&nbsp;|&nbsp;&nbsp;[forgejo run](https://bitfreedom.net/code/nomyo-ai/nomyo-js/actions/runs/40)
alpha-nerd added 1 commit 2026-06-26 14:36:54 +02:00
Node.js min bumped to 22.22.2
All checks were successful
NYX Security Scan / nyx-scan (pull_request) Successful in 5m11s
Details
d3aa0e264c 
Co-authored-by: alpha-nerd <alpha-nerd@users.noreply.bitfreedom.net>
alpha-nerd merged commit b055df5b87 into main 2026-06-26 14:58:55 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something isn't working

  
dependencies

Pull requests that update a dependency file

  
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
javascript

Pull requests that update javascript code

  
question

Further information is requested

  
wontfix

This will not be worked on

  
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
renovate: stop-updating

cmd renovate to stop updating the pr

  
security

CVE warning

  
wontfix

This won't be fixed

No labels
bug
dependencies
documentation
duplicate
enhancement
good first issue
help wanted
invalid
javascript
question
wontfix
bug
duplicate
enhancement
help wanted
invalid
question
renovate: stop-updating
security
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: nomyo-ai/nomyo-js#28
No description provided.
Delete branch "renovate/node-gyp-13.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?