Merge branch 'nodejs:main' into test/cwd-agnostic-snapshots

Author: monam2

LICENSE

@@ -899,6 +899,32 @@ The externally maintained libraries used by Node.js are:
     written prior permission.  M.I.T. makes no representations about the
     suitability of this software for any purpose.  It is provided "as is"
     without express or implied warranty.
+
+    ----------------------------------------------------------------------
+
+    File: sorttable.js (only for ICU4J)
+
+    The MIT Licence, for code from kryogenix.org
+
+    Code downloaded from the Browser Experiments section of kryogenix.org is
+    licenced under the so-called MIT licence. The licence is below.
+
+    Copyright (c) 1997-date Stuart Langridge
+
+    Permission is hereby granted, free of charge, to any person obtaining a
+    copy of this software and associated documentation files (the "Software"),
+    to deal in the Software without restriction, including without limitation
+    the rights to use, copy, modify, merge, publish, distribute, sublicense,
+    and/or sell copies of the Software, and to permit persons to whom the
+    Software is furnished to do so, subject to the following conditions:
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
   """
 
 - libuv, located at deps/uv, is licensed as follows:

README.md

@@ -453,6 +453,8 @@ For information about the governance of the Node.js project, see
   **Vladimir Morozov** <<vmorozov@microsoft.com>> (he/him)
 * [VoltrexKeyva](https://github.com/VoltrexKeyva) -
   **Mohammed Keyvanzadeh** <<mohammadkeyvanzade94@gmail.com>> (he/him)
+* [watilde](https://github.com/watilde) -
+  **Daijiro Wachi** <<daijiro.wachi@gmail.com>> (he/him)
 * [zcbenz](https://github.com/zcbenz) -
   **Cheng Zhao** <<zcbenz@gmail.com>> (he/him)
 * [ZYSzys](https://github.com/ZYSzys) -
@@ -717,8 +719,6 @@ For information about the governance of the Node.js project, see
   **Vladimir Kurchatkin** <<vladimir.kurchatkin@gmail.com>>
 * [vsemozhetbyt](https://github.com/vsemozhetbyt) -
   **Vse Mozhet Byt** <<vsemozhetbyt@gmail.com>> (he/him)
-* [watilde](https://github.com/watilde) -
-  **Daijiro Wachi** <<daijiro.wachi@gmail.com>> (he/him)
 * [watson](https://github.com/watson) -
   **Thomas Watson** <<w@tson.dk>>
 * [whitlockjc](https://github.com/whitlockjc) -

doc/changelogs/CHANGELOG_V20.md

@@ -89,17 +89,11 @@ This is a security release.
 
 ### Notable Changes
 
-lib:
-
 * (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/802>
 * (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/797>
-  lib,permission:
 * (CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/760>
-  src:
 * (CVE-2025-59466) rethrow stack overflow exceptions in async\_hooks (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/773>
-  src,lib:
 * (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) <https://github.com/nodejs-private/node-private/pull/759>
-  tls:
 * (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
 
 ### Commits

doc/changelogs/CHANGELOG_V22.md

@@ -79,17 +79,11 @@ This is a security release.
 
 ### Notable Changes
 
-lib:
-
 * (CVE-2025-59465) add TLSSocket default error handler
 * (CVE-2025-55132) disable futimes when permission model is enabled
-  lib,permission:
 * (CVE-2025-55130) require full read and write to symlink APIs
-  src:
 * (CVE-2025-59466) rethrow stack overflow exceptions in async\_hooks
-  src,lib:
 * (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle
-  tls:
 * (CVE-2026-21637) route callback exceptions through error handlers
 
 ### Commits

doc/changelogs/CHANGELOG_V24.md

@@ -68,17 +68,11 @@ This is a security release.
 
 ### Notable Changes
 
-lib:
-
 * (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/797>
 * (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/748>
-  lib,permission:
 * (CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/760>
-  src:
 * (CVE-2025-59466) rethrow stack overflow exceptions in async\_hooks (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/773>
-  src,lib:
 * (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) <https://github.com/nodejs-private/node-private/pull/759>
-  tls:
 * (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
 
 ### Commits

doc/changelogs/CHANGELOG_V25.md

@@ -52,18 +52,12 @@ This is a security release.
 
 ### Notable Changes
 
-lib:
-
 * (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/750>
-  permission:
 * (CVE-2026-21636) add network check on pipe\_wrap connect (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/784>
 * (CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/760>
 * (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/748>
-  src:
 * (CVE-2025-59466) rethrow stack overflow exceptions in async\_hooks (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/773>
-  src,lib:
 * (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) <https://github.com/nodejs-private/node-private/pull/759>
-  tls:
 * (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/790>
 
 ### Commits

lib/internal/cluster/primary.js

@@ -271,8 +271,12 @@ function queryServer(worker, message) {
     return;
 
   const key = `${message.address}:${message.port}:${message.addressType}:` +
-              `${message.fd}:${message.index}`;
-  let handle = handles.get(key);
+              `${message.fd}` + (message.port === 0 ? `:${message.index}` : '');
+  const cachedHandle = handles.get(key);
+  let handle;
+  if (cachedHandle && !cachedHandle.has(worker)) {
+    handle = cachedHandle;
+  }
 
   if (handle === undefined) {
     let address = message.address;
@@ -298,25 +302,30 @@ function queryServer(worker, message) {
       handle = new RoundRobinHandle(key, address, message);
     }
 
-    handles.set(key, handle);
+    if (!cachedHandle) {
+      handles.set(key, handle);
+    }
   }
 
   handle.data ||= message.data;
 
   // Set custom server data
-  handle.add(worker, (errno, reply, handle) => {
+  handle.add(worker, (errno, reply, serverHandle) => {
+    if (!errno) {
+      handles.set(key, handle);  // Update in case it was replaced.
+    }
     const { data } = handles.get(key);
-
-    if (errno)
-      handles.delete(key);  // Gives other workers a chance to retry.
+    if (!cachedHandle && errno) {
+      handles.delete(key);
+    }
 
     send(worker, {
       errno,
       key,
       ack: message.seq,
       data,
       ...reply,
-    }, handle);
+    }, serverHandle);
   });
 }
 

lib/internal/cluster/round_robin_handle.js

@@ -137,3 +137,7 @@ RoundRobinHandle.prototype.handoff = function(worker) {
     this.handoff(worker);
   });
 };
+
+RoundRobinHandle.prototype.has = function(worker) {
+  return this.all.has(worker.id);
+};

lib/internal/cluster/shared_handle.js

@@ -47,3 +47,7 @@ SharedHandle.prototype.remove = function(worker) {
   this.handle = null;
   return true;
 };
+
+SharedHandle.prototype.has = function(worker) {
+  return this.workers.has(worker.id);
+};

test/sequential/test-cluster-port-reuse-between-workers.js

@@ -0,0 +1,93 @@
+'use strict';
+
+const common = require('../common');
+const cluster = require('cluster');
+const assert = require('assert');
+
+const acts = {
+  WORKER1_SERVER1_CLOSED: { cmd: 'WORKER1_SERVER1_CLOSED' },
+  WORKER2_SERVER1_STARTED: { cmd: 'WORKER2_SERVER1_STARTED' },
+  WORKER1_SERVER2_CLOSED: { cmd: 'WORKER1_SERVER2_CLOSED' },
+};
+
+if (cluster.isMaster) {
+  const currentHost = '::';
+  const worker1 = cluster.fork({
+    WORKER_ID: 'worker1',
+    HOST: currentHost,
+  });
+  let worker2;
+  worker1.on('error', common.mustNotCall());
+  worker1.on('message', onMessage);
+
+  function createWorker2() {
+    worker2 = cluster.fork({
+      WORKER_ID: 'worker2',
+      HOST: currentHost,
+    });
+    worker2.on('error', common.mustNotCall());
+    worker2.on('message', onMessage);
+  }
+
+  function onMessage(msg) {
+    switch (msg.cmd) {
+      case acts.WORKER1_SERVER1_CLOSED.cmd:
+        createWorker2();
+        break;
+      case acts.WORKER2_SERVER1_STARTED.cmd:
+        worker1.send(acts.WORKER2_SERVER1_STARTED);
+        break;
+      case acts.WORKER1_SERVER2_CLOSED.cmd:
+        worker1.kill();
+        worker2.kill();
+        break;
+      default:
+        assert.fail(`Unexpected message ${msg.cmd}`);
+    }
+  }
+} else {
+  const WORKER_ID = process.env.WORKER_ID;
+  function createServer() {
+    return new Promise((resolve, reject) => {
+      const net = require('net');
+      const PORT = 8000;
+      const server = net
+        .createServer((socket) => {
+          socket.end(
+            `Handled by worker ${process.env.WORKER_ID} (${process.pid})\n`
+          );
+        })
+        .on('error', (e) => {
+          reject(e);
+        });
+
+      server.listen(
+        {
+          port: PORT,
+          host: process.env.HOST,
+        },
+        () => resolve(server)
+      );
+    });
+  }
+  (async () => {
+    const server1 = await createServer();
+    if (WORKER_ID === 'worker2') {
+      process.send(acts.WORKER2_SERVER1_STARTED);
+    } else {
+      await createServer().catch(common.mustCall());
+      await new Promise((r) => server1.close(r));
+      process.send(acts.WORKER1_SERVER1_CLOSED);
+
+      process.on('message', async (msg) => {
+        if (msg.cmd === acts.WORKER2_SERVER1_STARTED.cmd) {
+          const server2 = await createServer();
+          await new Promise((r) => server2.close(r));
+          process.send(acts.WORKER1_SERVER2_CLOSED);
+        } else {
+          assert.fail(`Unexpected message ${msg.cmd}`);
+        }
+      });
+    }
+  })().then(common.mustCall());
+}