Node.js v24.7.0 has been officially released, featuring several important updates focused on enhancing security and functionality. Among these updates, the integration of post-quantum cryptography standards aims to safeguard applications against future quantum computing threats. This includes the introduction of ML-KEM and ML-DSA algorithms within the `node:crypto` module, as well as their support in the Web Cryptography API (WICG). The update also includes an upgrade of root certificates to NSS 3.114, which involves both the addition of new certificates and the removal of outdated ones.
1. Post-Quantum Cryptography in `node:crypto`:
- Support for NIST's post-quantum cryptography standards.
- New methods: `crypto.encapsulate()` and `crypto.decapsulate()` for ML-KEM; `crypto.sign()` and `crypto.verify()` for ML-DSA.
2. Web Cryptography API Enhancements:
- New algorithms and methods added, including AES-OCB, ChaCha20-Poly1305, ML-DSA, ML-KEM, SHA-3, and others.
3. Single Executable Applications:
- Extended support for Node.js execution arguments in single executable applications, allowing for enhanced configurability through JSON configuration fields.
4. Root Certificates Updated:
- Newly added certificates (e.g., TrustAsia TLS ECC Root CA) and several removals (e.g., GlobalSign Root CA).
5. Additional Improvements:
- New methods such as `argon2()` and `argon2Sync()` for hashing.
- HTTP/2 stream enhancements, including support for raw header arrays.
- Brotli compression added to CompressionStream and DecompressionStream.
Key Updates:
1. Post-Quantum Cryptography in `node:crypto`:
- Support for NIST's post-quantum cryptography standards.
- New methods: `crypto.encapsulate()` and `crypto.decapsulate()` for ML-KEM; `crypto.sign()` and `crypto.verify()` for ML-DSA.
2. Web Cryptography API Enhancements:
- New algorithms and methods added, including AES-OCB, ChaCha20-Poly1305, ML-DSA, ML-KEM, SHA-3, and others.
3. Single Executable Applications:
- Extended support for Node.js execution arguments in single executable applications, allowing for enhanced configurability through JSON configuration fields.
4. Root Certificates Updated:
- Newly added certificates (e.g., TrustAsia TLS ECC Root CA) and several removals (e.g., GlobalSign Root CA).
5. Additional Improvements:
- New methods such as `argon2()` and `argon2Sync()` for hashing.
- HTTP/2 stream enhancements, including support for raw header arrays.
- Brotli compression added to CompressionStream and DecompressionStream.
Future Directions:
The Node.js team plans to continue to expand the capabilities of cryptographic functions and APIs, focusing on maintaining security in an evolving technological landscape. Future releases are expected to introduce more post-quantum algorithms and enhancements to existing features, ensuring developers have the tools necessary to build secure applications.Conclusion:
Node.js v24.7.0 represents a significant step forward in addressing contemporary security challenges and improving application performance. Developers are encouraged to explore the new features and incorporate them into their projects to stay ahead in a rapidly changing environmentNode.js v24.7.0 (Current) released
The Node.js project has released Node.js v24.7.0 with significant updates, including the addition of post-quantum cryptography standards for future-proofing against quantum computing threats. These updates include new ways to use the ML-KEM and ML-DSA algorithms in the crypto module and support for them in the Web Cryptography API (WICG). Additionally, root certificates have been updated to NSS 3.114, and several other notable changes have been made, such as adding support for raw header arrays in HTTP/2 streams and Brotli compression.
