chore(deps): update node.js to v20.20.1

[Octobob]

This PR contains the following updates:

Package	Type	Update	Change
node (source)	engines	minor	20.19.6 → 20.20.1

---

Release Notes

nodejs/node (node)

v20.20.1: 2026-03-05, Version 20.20.1 'Iron' (LTS), @​marco-ippolito

Compare Source

Notable Changes

• [91a66e671c] - build: test on Python 3.14 (Christian Clauss) #​59983
• [f66056054b] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #​61419
• [80feacaddb] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #​60741

Commits

• [6f580d5399] - assert: fix deepEqual always return true on URL (Xuguang Mei) #​50853
• [91a66e671c] - build: test on Python 3.14 (Christian Clauss) #​59983
• [cc4f7af6f3] - build: skip sscache action on non-main branches (Joyee Cheung) #​61790
• [f66056054b] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #​61419
• [80feacaddb] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #​60741
• [fa88cc07e2] - crypto: ensure documented RSA-PSS saltLength default is used (Filip Skokan) #​60662
• [88b2eec88a] - deps: update minimatch to 10.2.2 (Node.js GitHub Bot) #​61830
• [5c053264f1] - deps: V8: backport 6a0a25a (Vivian Wang) #​61687
• [4a398699d0] - deps: update googletest to 5a9c3f9 (Node.js GitHub Bot) #​61731
• [4fa43adf15] - deps: update googletest to 56efe39 (Node.js GitHub Bot) #​61605
• [1a855d490c] - deps: update googletest to 8508785 (Node.js GitHub Bot) #​61417
• [d8a9359826] - deps: update icu to 78.2 (Node.js GitHub Bot) #​60523
• [e79cd3a0bb] - deps: update acorn-walk to 8.3.5 (Node.js GitHub Bot) #​61928
• [0707ade464] - deps: update acorn to 8.16.0 (Node.js GitHub Bot) #​61925
• [dc5a3cddef] - deps: update llhttp to 9.3.1 (Node.js GitHub Bot) #​61827
• [46043b94c7] - deps: update zlib to 1.3.1-e00f703 (Node.js GitHub Bot) #​61135
• [6be15a596e] - deps: update cjs-module-lexer to 2.2.0 (Node.js GitHub Bot) #​61271
• [10881404cd] - deps: update timezone to 2025c (Node.js GitHub Bot) #​61138
• [1594a78c85] - deps: update googletest to 065127f (Node.js GitHub Bot) #​61055
• [7fa2ee1933] - deps: update zlib to 1.3.1-63d7e16 (Node.js GitHub Bot) #​60898
• [09259532ef] - deps: update googletest to 1b96fa1 (Node.js GitHub Bot) #​60739
• [aa8bdb6886] - deps: update cjs-module-lexer to 2.1.1 (Node.js GitHub Bot) #​60646
• [cc849fde27] - deps: update googletest to 279f847 (Node.js GitHub Bot) #​60219
• [a99ba553a2] - deps: update googletest to 50b8600 (Node.js GitHub Bot) #​59955
• [6349a79f5f] - deps: update googletest to 7e17b15 (Node.js GitHub Bot) #​59131
• [8ba759f1a0] - deps: update googletest to 35b75a2 (Node.js GitHub Bot) #​58710
• [927d906850] - deps: update googletest to e9092b1 (Node.js GitHub Bot) #​58565
• [bf8919f5c2] - deps: update googletest to 0bdccf4 (Node.js GitHub Bot) #​57380
• [ae6231dac0] - deps: update googletest to e235eb3 (Node.js GitHub Bot) #​56873
• [0561c62e85] - deps: update minimatch to 10.1.2 (Node.js GitHub Bot) #​61732
• [f0ef221b0d] - deps: update minimatch to 10.1.1 (Node.js GitHub Bot) #​60543
• [15bd0da404] - deps: update archs files for openssl (Antoine du Hamel) #​61912
• [04d439323f] - deps: upgrade openssl sources to openssl-3.0.19 (Antoine du Hamel) #​61912
• [2ea16d3bd6] - deps: update corepack to 0.34.6 (Node.js GitHub Bot) #​61510
• [622f973d1c] - deps: update corepack to 0.34.5 (Node.js GitHub Bot) #​60842
• [2cd265d8b9] - deps: update corepack to 0.34.4 (Node.js GitHub Bot) #​60643
• [65e839687b] - deps: update corepack to 0.34.2 (Node.js GitHub Bot) #​60550
• [2dc99d2771] - dns: fix Windows SRV ECONNREFUSED by adjusting c-ares fallback detection (notvivek12) #​61453
• [2c7b84b1d8] - doc: fix typo in http.md (Michael Solomon) #​59354
• [a84b42667c] - doc: fix grammar in global dispatcher usage (Eng Zer Jun) #​59344
• [ffd0ada45f] - doc: fix typo in test/common/README.md (Yoo) #​59180
• [b4d9d006e7] - doc: fix broken sentence in URL.parse (Superchupu) #​59164
• [45e9971d9c] - doc: fix typo in writing-test.md (SeokHun) #​59123
• [e9fd10b5d6] - doc: fix fetch subsections in globals.md (Antoine du Hamel) #​58933
• [3715dd1c2b] - doc: fix wrong RFC number in http2 (Deokjin Kim) #​58753
• [098c017eac] - doc: punctuation fix for Node-API versioning clarification (Jiacai Liu) #​58599
• [545bf434e1] - doc: fix typo of file http.md, outgoingMessage.setTimeout section (yusheng chen) #​58188
• [b3d6683e7b] - doc: support toolchain with Visual Studio 2019 & 2022 only (Mike McCready) #​61450
• [8fdde5d110] - doc: fix v20 changelog after security release (Marco Ippolito) #​61371
• [31d04599be] - http: fix keep-alive not timing out after post-request empty line (Shima Ryuhei) #​58178
• [5ec7d1eba0] - http2: validate initialWindowSize per HTTP/2 spec (Matteo Collina) #​61402
• [5c091d5a96] - meta: persist sccache daemon until end of build workflows (René) #​61639
• [183353aba0] - path,win: fix bug in resolve and normalize (Hüseyin Açacak) #​55623
• [dbe9e5091b] - src: fix flags argument offset in JSUdpWrap (Weixie Cui) #​61948
• [4106bfc775] - test: mark stringbytes-external-max flaky on AIX (Stewart X Addison) #​60995
• [de51937306] - test: mark stringbytes-external-exceed-max tests as flaky on AIX (Joyee Cheung) #​60565
• [368b221be3] - test: fix flaky test-performance-eventloopdelay (Matteo Collina) #​61629
• [e134912a33] - test: fix flaky test-worker-message-port-transfer-filehandle test (Alex Yang) #​59158
• [5630170d3e] - test: account for truthy signal in flaky async_hooks tests (Darshan Sen) #​58478
• [1e5363bb63] - test: mark test-http2-debug as flaky on LinuxONE (Richard Lau) #​58494
• [662998787a] - test: set test-fs-cp as flaky (Stefan Stojanovic) #​56799
• [0807127339] - test: mark test-esm-loader-hooks-inspect-wait flaky (Richard Lau) #​56803
• [6320cd0721] - test: skip strace test with shared openssl (Richard Lau) #​61987
• [83b9f8ee02] - tools: make nodedownload module compatible with Python 3.14 (Lumír 'Frenzy' Balhar) #​58752
• [6cf9b5786e] - tools: enforce removal of lts-watch-* labels on release proposals (Antoine du Hamel) #​61672
• [cd4161499c] - tools: use ubuntu-slim runner in meta GitHub Actions (Tierney Cyren) #​61663
• [6dc2a99a0d] - tools: validate release commit diff as part of lint-release-proposal (Antoine du Hamel) #​61440
• [5014f22332] - tools: add read permission to workflows that read contents (Antoine du Hamel) #​58255
• [6c3ad2a5a3] - tools: switch to ARM runners on GHA jobs (Antoine du Hamel) #​61903
• [1abada9c34] - tools: avoid building twice in coverage jobs (Antoine du Hamel) #​61899
• [f260e40127] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #​61759
• [64beca5e01] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #​61734

v20.20.0: 2026-01-13, Version 20.20.0 'Iron' (LTS), @​marco-ippolito

Compare Source

This is a security release.

Notable Changes

lib:

• (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) nodejs-private/node-private#802
• (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797
  lib,permission:
• (CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) nodejs-private/node-private#760
  src:
• (CVE-2025-59466) rethrow stack overflow exceptions in async_hooks (Matteo Collina) nodejs-private/node-private#773
  src,lib:
• (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) nodejs-private/node-private#759
  tls:
• (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#796

Commits

• [8f9ba3f623] - deps: update c-ares to v1.34.6 (Node.js GitHub Bot) #​60997
• [97fc9b0eb7] - deps: update undici to 6.23.0 (Matteo Collina) nodejs-private/node-private#792
• [14fbbb510c] - (CVE-2025-55132) lib: disable futimes when permission model is enabled (RafaelGSS) nodejs-private/node-private#802
• [1febc48d5b] - (CVE-2025-59465) lib: add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797
• [494f62dc23] - (CVE-2025-55130) lib,permission: require full read and write to symlink APIs (RafaelGSS) nodejs-private/node-private#760
• [d7a5c587c0] - (CVE-2025-59466) src: rethrow stack overflow exceptions in async_hooks (Matteo Collina) nodejs-private/node-private#773
• [51f4de4b4a] - (CVE-2025-55131) src,lib: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) nodejs-private/node-private#759
• [85f73e7057] - (CVE-2026-21637) tls: route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#796

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.