Update Node.js for January 2026 Security Release #249
Description
Summary
Node.js security releases are scheduled for January 7, 2026, affecting Node.js 20.x with multiple high-severity vulnerabilities. We need to update our Node.js version after the release.
Security Release Information
- Release Date: January 7, 2026 (Wednesday)
- Affected Version: Node.js 20.x
- Vulnerabilities:
- 3 High severity issues
- 1 Medium severity issue
- 1 Low severity issue
- Source: https://nodejs.org/en/blog/vulnerability/december-2025-security-releases
Current Status
- ✅ Local environment: Node.js 20.19.6 (latest)
- ✅ CI environment: Node.js 20.19.6 (via
.node-version) - ✅ Pre-release preparation: Complete
Action Items
After January 7, 2026 Release
- Check the new patched version number (expected: 20.19.7 or 20.20.0)
- Update Node.js version
volta install [email protected] echo "20.x.x" > .node-version npm install
- Run tests and verify build
npm test npm run build npm run package - Commit and push changes
git add .node-version git commit -m "chore: update Node.js to 20.x.x for security patch" git push - Verify CI pipeline passes with new version
Notes
- GitHub Actions
node20runtime will be automatically updated by GitHub (no action required) - Node.js 20.x is supported until April 2026