An eventual goal for ncrypto is to completely abstract away
details of working directly with openssl in order to make it
easier to work with multiple different openssl/boringssl versions.
As part of that we want to move away from direct reliance on
specific openssl APIs in the runtime and instead go through
the ncrypto abstractions. Not only does this help other
runtimes trying to be compatible with Node.js, but it helps
Node.js also by reducing the complexity of the crypto code
in Node.js itself.

PR-URL: #57300
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

An eventual goal for ncrypto is to completely abstract away
details of working directly with openssl in order to make it
easier to work with multiple different openssl/boringssl versions.
As part of that we want to move away from direct reliance on
specific openssl APIs in the runtime and instead go through
the ncrypto abstractions. Not only does this help other
runtimes trying to be compatible with Node.js, but it helps
Node.js also by reducing the complexity of the crypto code
in Node.js itself.

PR-URL: #57300
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

An eventual goal for ncrypto is to completely abstract away
details of working directly with openssl in order to make it
easier to work with multiple different openssl/boringssl versions.
As part of that we want to move away from direct reliance on
specific openssl APIs in the runtime and instead go through
the ncrypto abstractions. Not only does this help other
runtimes trying to be compatible with Node.js, but it helps
Node.js also by reducing the complexity of the crypto code
in Node.js itself.

PR-URL: #57300
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

An eventual goal for ncrypto is to completely abstract away
details of working directly with openssl in order to make it
easier to work with multiple different openssl/boringssl versions.
As part of that we want to move away from direct reliance on
specific openssl APIs in the runtime and instead go through
the ncrypto abstractions. Not only does this help other
runtimes trying to be compatible with Node.js, but it helps
Node.js also by reducing the complexity of the crypto code
in Node.js itself.

PR-URL: #57300
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `23.10.0` -> `23.11.0` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>nodejs/node (node)</summary>

### [`v23.11.0`](https://github.com/nodejs/node/releases/tag/v23.11.0): 2025-04-01, Version 23.11.0 (Current), @&#8203;aduh95

[Compare Source](nodejs/node@v23.10.0...v23.11.0)

##### Notable Changes

-   \[[`64b086740a`](nodejs/node@64b086740a)] - **(SEMVER-MINOR)** **assert**: implement partial error comparison (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`053cef70e0`](nodejs/node@053cef70e0)] - **(SEMVER-MINOR)** **crypto**: add optional callback to `crypto.diffieHellman` (Filip Skokan) [#&#8203;57274](nodejs/node#57274)
-   \[[`f8aff90235`](nodejs/node@f8aff90235)] - **(SEMVER-MINOR)** **process**: add `execve` (Paolo Insogna) [#&#8203;56496](nodejs/node#56496)
-   \[[`4b04c92d7d`](nodejs/node@4b04c92d7d)] - **(SEMVER-MINOR)** **sqlite**: add `StatementSync.prototype.columns()` (Colin Ihrig) [#&#8203;57490](nodejs/node#57490)
-   \[[`1b8d1d3a3a`](nodejs/node@1b8d1d3a3a)] - **(SEMVER-MINOR)** **util**: expose diff function used by the assertion errors (Giovanni Bucci) [#&#8203;57462](nodejs/node#57462)

##### Commits

-   \[[`7b72396c8b`](nodejs/node@7b72396c8b)] - **assert**: improve partialDeepStrictEqual performance (Ruben Bridgewater) [#&#8203;57509](nodejs/node#57509)
-   \[[`64b086740a`](nodejs/node@64b086740a)] - **(SEMVER-MINOR)** **assert**: implement partial error comparison (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`f694d7de0e`](nodejs/node@f694d7de0e)] - **(SEMVER-MINOR)** **assert**: improve partialDeepStrictEqual (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`80d9d5653f`](nodejs/node@80d9d5653f)] - **(SEMVER-MINOR)** **assert,util**: improve performance (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`d52a71f832`](nodejs/node@d52a71f832)] - **(SEMVER-MINOR)** **benchmark**: adjust assert runtimes (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`7592cf4cd7`](nodejs/node@7592cf4cd7)] - **(SEMVER-MINOR)** **benchmark**: skip running some assert benchmarks by default (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`e4cc54a746`](nodejs/node@e4cc54a746)] - **(SEMVER-MINOR)** **benchmark**: add assert partialDeepStrictEqual benchmark (Ruben Bridgewater) [#&#8203;57370](nodejs/node#57370)
-   \[[`de48407011`](nodejs/node@de48407011)] - **build**: fix update-wpt workflow (Jonas) [#&#8203;57468](nodejs/node#57468)
-   \[[`52cd0954f9`](nodejs/node@52cd0954f9)] - **cli**: clarify --cpu-prof-name allowed values (Eugenio Ceschia) [#&#8203;57433](nodejs/node#57433)
-   \[[`7611fc14de`](nodejs/node@7611fc14de)] - **crypto**: fix output of privateDecrypt with zero-length data (Filip Skokan) [#&#8203;57575](nodejs/node#57575)
-   \[[`cc42ee8fc7`](nodejs/node@cc42ee8fc7)] - **crypto**: ensure expected JWK alg in SubtleCrypto.importKey RSA imports (Filip Skokan) [#&#8203;57450](nodejs/node#57450)
-   \[[`053cef70e0`](nodejs/node@053cef70e0)] - **(SEMVER-MINOR)** **crypto**: add optional callback to crypto.diffieHellman (Filip Skokan) [#&#8203;57274](nodejs/node#57274)
-   \[[`1f08864fd7`](nodejs/node@1f08864fd7)] - **debugger**: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) [#&#8203;57498](nodejs/node#57498)
-   \[[`162b2828eb`](nodejs/node@162b2828eb)] - **deps**: update undici to 6.21.2 (Matteo Collina) [#&#8203;57442](nodejs/node#57442)
-   \[[`43bea6bb80`](nodejs/node@43bea6bb80)] - **deps**: V8: cherry-pick [`c172ffc`](nodejs/node@c172ffc5bf54) (Choongwoo Han) [#&#8203;57437](nodejs/node#57437)
-   \[[`99f93afb9d`](nodejs/node@99f93afb9d)] - **deps**: update ada to v3.2.1 (Yagiz Nizipli) [#&#8203;57429](nodejs/node#57429)
-   \[[`30e5658f12`](nodejs/node@30e5658f12)] - **deps**: update googletest to [`0bdccf4`](nodejs/node@0bdccf4) (Node.js GitHub Bot) [#&#8203;57380](nodejs/node#57380)
-   \[[`573467c070`](nodejs/node@573467c070)] - **deps**: update acorn to 8.14.1 (Node.js GitHub Bot) [#&#8203;57382](nodejs/node#57382)
-   \[[`affeaac0c7`](nodejs/node@affeaac0c7)] - **doc**: add gurgunday as triager (Gürgün Dayıoğlu) [#&#8203;57594](nodejs/node#57594)
-   \[[`4ed1a098f5`](nodejs/node@4ed1a098f5)] - **doc**: clarify behaviour of node-api adjust function (Michael Dawson) [#&#8203;57463](nodejs/node#57463)
-   \[[`921041b284`](nodejs/node@921041b284)] - **doc**: remove Corepack documentation (Antoine du Hamel) [#&#8203;57635](nodejs/node#57635)
-   \[[`99dbd8b391`](nodejs/node@99dbd8b391)] - **doc**: remove mention of `--require` not supporting ES modules (Huáng Jùnliàng) [#&#8203;57620](nodejs/node#57620)
-   \[[`8c76b2949e`](nodejs/node@8c76b2949e)] - **doc**: mention reports should align with Node.js CoC (Rafael Gonzaga) [#&#8203;57607](nodejs/node#57607)
-   \[[`ee1c78a7a3`](nodejs/node@ee1c78a7a3)] - **doc**: add section stating that very stale MRs should be closed (Dario Piotrowicz) [#&#8203;57541](nodejs/node#57541)
-   \[[`595e9e5ad6`](nodejs/node@595e9e5ad6)] - **doc**: add bjohansebas as triager (Sebastian Beltran) [#&#8203;57564](nodejs/node#57564)
-   \[[`3742d2a198`](nodejs/node@3742d2a198)] - **doc**: update support channels (Claudio W.) [#&#8203;57538](nodejs/node#57538)
-   \[[`717c44dead`](nodejs/node@717c44dead)] - **doc**: make stability labels more consistent (Antoine du Hamel) [#&#8203;57516](nodejs/node#57516)
-   \[[`b4576a6f57`](nodejs/node@b4576a6f57)] - **doc**: remove cryptoStream API reference (Jonas) [#&#8203;57579](nodejs/node#57579)
-   \[[`2c4f894036`](nodejs/node@2c4f894036)] - **doc**: module resolution pseudocode corrections (Marcel Laverdet) [#&#8203;57080](nodejs/node#57080)
-   \[[`c45894f90c`](nodejs/node@c45894f90c)] - **doc**: add history entry for DEP0190 in `child_process.md` (Antoine du Hamel) [#&#8203;57544](nodejs/node#57544)
-   \[[`c21068b696`](nodejs/node@c21068b696)] - **doc**: remove deprecated pattern in `child_process.md` (Antoine du Hamel) [#&#8203;57568](nodejs/node#57568)
-   \[[`87e0dda352`](nodejs/node@87e0dda352)] - **doc**: mark multiple experimental APIS as stable (James M Snell) [#&#8203;57510](nodejs/node#57510)
-   \[[`d637763e4e`](nodejs/node@d637763e4e)] - **doc**: remove mertcanaltin from Triagers (Mert Can Altin) [#&#8203;57531](nodejs/node#57531)
-   \[[`ee6025495d`](nodejs/node@ee6025495d)] - **doc**: recommend watching the collaborators repo in the onboarding doc (Darshan Sen) [#&#8203;57527](nodejs/node#57527)
-   \[[`706b64638b`](nodejs/node@706b64638b)] - **doc**: remove mention of visa fees from onboarding doc (Darshan Sen) [#&#8203;57526](nodejs/node#57526)
-   \[[`176d951bd0`](nodejs/node@176d951bd0)] - **doc**: deprecate passing `args` to `spawn` and `execFile` (Antoine du Hamel) [#&#8203;57389](nodejs/node#57389)
-   \[[`5c05ba119b`](nodejs/node@5c05ba119b)] - **doc**: remove some inconsistencies in `deprecations.md` (Antoine du Hamel) [#&#8203;57512](nodejs/node#57512)
-   \[[`9d5be4bb8c`](nodejs/node@9d5be4bb8c)] - **doc**: run license-builder (github-actions\[bot]) [#&#8203;57511](nodejs/node#57511)
-   \[[`273607edb4`](nodejs/node@273607edb4)] - **doc**: add new writing-docs contributing md (Dario Piotrowicz) [#&#8203;57502](nodejs/node#57502)
-   \[[`e28c723f24`](nodejs/node@e28c723f24)] - **doc**: add node.js streams references to Web Streams doc (Dario Piotrowicz) [#&#8203;57393](nodejs/node#57393)
-   \[[`47296492ba`](nodejs/node@47296492ba)] - **doc**: replace NOTEs that do not render properly (Colin Ihrig) [#&#8203;57484](nodejs/node#57484)
-   \[[`db9c37f792`](nodejs/node@db9c37f792)] - **doc**: prefer to sign commits under nodejs repository (Rafael Gonzaga) [#&#8203;57311](nodejs/node#57311)
-   \[[`e5e3987ae7`](nodejs/node@e5e3987ae7)] - **doc**: fixed the incorrect splitting of multiple words (letianpailove) [#&#8203;57454](nodejs/node#57454)
-   \[[`91a824e43b`](nodejs/node@91a824e43b)] - **doc**: add review guidelines for collaborator nominations (Antoine du Hamel) [#&#8203;57449](nodejs/node#57449)
-   \[[`2a5fcb2172`](nodejs/node@2a5fcb2172)] - **doc**: fix typo in `url.md` (Allon Murienik) [#&#8203;57467](nodejs/node#57467)
-   \[[`17ccf9282f`](nodejs/node@17ccf9282f)] - **doc**: add history info for --use-system-ca (Darshan Sen) [#&#8203;57432](nodejs/node#57432)
-   \[[`9adaaeb965`](nodejs/node@9adaaeb965)] - **doc**: remove typo YAML snippet from tls.getCACertificates doc (Darshan Sen) [#&#8203;57459](nodejs/node#57459)
-   \[[`ee4e855f8e`](nodejs/node@ee4e855f8e)] - **doc**: fix typo in sqlite.md (Tobias Nießen) [#&#8203;57473](nodejs/node#57473)
-   \[[`8cb3441443`](nodejs/node@8cb3441443)] - **doc**: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) [#&#8203;57426](nodejs/node#57426)
-   \[[`27f183ad03`](nodejs/node@27f183ad03)] - **doc**: update maintaining-openssl.md for openssl (Richard Lau) [#&#8203;57413](nodejs/node#57413)
-   \[[`ca67145d60`](nodejs/node@ca67145d60)] - **doc**: add missing `deprecated` badges in `fs.md` (Yukihiro Hasegawa) [#&#8203;57384](nodejs/node#57384)
-   \[[`3687390510`](nodejs/node@3687390510)] - **doc**: fix small typo in `process.md` (Felix Rieseberg) [#&#8203;57333](nodejs/node#57333)
-   \[[`097d9926e3`](nodejs/node@097d9926e3)] - **doc**: add note about sync nodejs-private branches (Rafael Gonzaga) [#&#8203;57404](nodejs/node#57404)
-   \[[`5006627969`](nodejs/node@5006627969)] - **fs**: apply exclude function to root path (Rich Trott) [#&#8203;57420](nodejs/node#57420)
-   \[[`0583c3db92`](nodejs/node@0583c3db92)] - **http**: coerce content-length to number (Marco Ippolito) [#&#8203;57458](nodejs/node#57458)
-   \[[`2a580b9332`](nodejs/node@2a580b9332)] - **lib**: add warning when binding inspector to public IP (Demian Parkhomenko) [#&#8203;55736](nodejs/node#55736)
-   \[[`fda56b9837`](nodejs/node@fda56b9837)] - **lib**: limit split function calls to prevent excessive array length (Gürgün Dayıoğlu) [#&#8203;57501](nodejs/node#57501)
-   \[[`d5a26f6525`](nodejs/node@d5a26f6525)] - **lib**: make getCallSites sourceMap option truly optional (James M Snell) [#&#8203;57388](nodejs/node#57388)
-   \[[`00a5b18043`](nodejs/node@00a5b18043)] - **meta**: add some clarification to the nomination process (James M Snell) [#&#8203;57503](nodejs/node#57503)
-   \[[`d0c96c463c`](nodejs/node@d0c96c463c)] - **meta**: remove collaborator self-nomination (Rich Trott) [#&#8203;57537](nodejs/node#57537)
-   \[[`a9a93f31ee`](nodejs/node@a9a93f31ee)] - **meta**: edit collaborator nomination process (Antoine du Hamel) [#&#8203;57483](nodejs/node#57483)
-   \[[`0ca362f5f2`](nodejs/node@0ca362f5f2)] - **meta**: move ovflowd to emeritus (Claudio W.) [#&#8203;57443](nodejs/node#57443)
-   \[[`f8aff90235`](nodejs/node@f8aff90235)] - **(SEMVER-MINOR)** **process**: add execve (Paolo Insogna) [#&#8203;56496](nodejs/node#56496)
-   \[[`e8d4a31d4b`](nodejs/node@e8d4a31d4b)] - **sqlite**: add support for unknown named parameters (Colin Ihrig) [#&#8203;57552](nodejs/node#57552)
-   \[[`5652da642d`](nodejs/node@5652da642d)] - **sqlite**: add DatabaseSync.prototype.isOpen (Colin Ihrig) [#&#8203;57522](nodejs/node#57522)
-   \[[`5c976f16cd`](nodejs/node@5c976f16cd)] - **sqlite**: add DatabaseSync.prototype\[Symbol.dispose]\() (Colin Ihrig) [#&#8203;57506](nodejs/node#57506)
-   \[[`4b04c92d7d`](nodejs/node@4b04c92d7d)] - **(SEMVER-MINOR)** **sqlite**: add StatementSync.prototype.columns() (Colin Ihrig) [#&#8203;57490](nodejs/node#57490)
-   \[[`7f5e31645c`](nodejs/node@7f5e31645c)] - **src**: ensure primordials are initialized exactly once (Chengzhong Wu) [#&#8203;57519](nodejs/node#57519)
-   \[[`9611980f58`](nodejs/node@9611980f58)] - **src**: improve error handling in multiple files (James M Snell) [#&#8203;57507](nodejs/node#57507)
-   \[[`3ddc5cd875`](nodejs/node@3ddc5cd875)] - **src**: cache urlpattern properties (JonasBa) [#&#8203;57465](nodejs/node#57465)
-   \[[`b9d9ee4da2`](nodejs/node@b9d9ee4da2)] - **src**: make minor cleanups in encoding_binding.cc (James M Snell) [#&#8203;57448](nodejs/node#57448)
-   \[[`f8acf2dd2a`](nodejs/node@f8acf2dd2a)] - **src**: make minor cleanups in compile_cache.cc (James M Snell) [#&#8203;57448](nodejs/node#57448)
-   \[[`6ee15c6509`](nodejs/node@6ee15c6509)] - **src**: define urlpattern components using a macro (JonasBa) [#&#8203;57452](nodejs/node#57452)
-   \[[`4ab3c1690a`](nodejs/node@4ab3c1690a)] - **src**: cleanup crypto more (James M Snell) [#&#8203;57323](nodejs/node#57323)
-   \[[`5be80b1748`](nodejs/node@5be80b1748)] - **src**: refine ncrypto more (James M Snell) [#&#8203;57300](nodejs/node#57300)
-   \[[`6a13319a6e`](nodejs/node@6a13319a6e)] - **src**: cleanup aliased_buffer.h (Mohammed Keyvanzadeh) [#&#8203;57395](nodejs/node#57395)
-   \[[`3cff7f80bb`](nodejs/node@3cff7f80bb)] - **src**: suggest --use-system-ca when a certificate error occurs (Aditi) [#&#8203;57362](nodejs/node#57362)
-   \[[`3d372ad9f3`](nodejs/node@3d372ad9f3)] - **test**: update WPT for urlpattern to [`6ceca69`](nodejs/node@6ceca69d26) (Node.js GitHub Bot) [#&#8203;57486](nodejs/node#57486)
-   \[[`481ea665af`](nodejs/node@481ea665af)] - **test**: add more number cases for buffer.indexOf (Meghan Denny) [#&#8203;57200](nodejs/node#57200)
-   \[[`27b01ed4e7`](nodejs/node@27b01ed4e7)] - **test**: update parallel/test-tls-dhe for OpenSSL 3.5 (Richard Lau) [#&#8203;57477](nodejs/node#57477)
-   \[[`8f7debcf41`](nodejs/node@8f7debcf41)] - **timers**: optimize timer functions with improved argument handling (Gürgün Dayıoğlu) [#&#8203;57072](nodejs/node#57072)
-   \[[`d4abd9d3fb`](nodejs/node@d4abd9d3fb)] - **timers**: remove unnecessary allocation of \_onTimeout (Gürgün Dayıoğlu) [#&#8203;57497](nodejs/node#57497)
-   \[[`f8f81c8ba2`](nodejs/node@f8f81c8ba2)] - **timers**: remove unused parameter from insertGuarded (Gürgün Dayıoğlu) [#&#8203;57251](nodejs/node#57251)
-   \[[`c4fdb27b51`](nodejs/node@c4fdb27b51)] - **tls**: remove unnecessary type check on normalize (Yagiz Nizipli) [#&#8203;57336](nodejs/node#57336)
-   \[[`ad5dcc5798`](nodejs/node@ad5dcc5798)] - **tools**: fix WPT update cron string (Antoine du Hamel) [#&#8203;57665](nodejs/node#57665)
-   \[[`7faa482588`](nodejs/node@7faa482588)] - **tools**: remove stalled label on unstalled issues and MRs (Rich Trott) [#&#8203;57630](nodejs/node#57630)
-   \[[`e3bb26da2b`](nodejs/node@e3bb26da2b)] - **tools**: update sccache to support GH cache changes (Michaël Zasso) [#&#8203;57573](nodejs/node#57573)
-   \[[`f0c9f505d9`](nodejs/node@f0c9f505d9)] - **tools**: bump [@&#8203;babel/helpers](https://github.com/babel/helpers) from 7.26.9 to 7.26.10 in /tools/eslint (dependabot\[bot]) [#&#8203;57444](nodejs/node#57444)
-   \[[`a40ff1f646`](nodejs/node@a40ff1f646)] - **url**: fix constructor error message for URLPattern (jakecastelli) [#&#8203;57482](nodejs/node#57482)
-   \[[`f36bee4b89`](nodejs/node@f36bee4b89)] - **util**: avoid run debug when enabled is false (fengmk2) [#&#8203;57494](nodejs/node#57494)
-   \[[`1b8d1d3a3a`](nodejs/node@1b8d1d3a3a)] - **(SEMVER-MINOR)** **util**: expose diff function used by the assertion errors (Giovanni Bucci) [#&#8203;57462](nodejs/node#57462)
-   \[[`1f7b08a317`](nodejs/node@1f7b08a317)] - **win,test**: disable test case failing with ClangCL (Stefan Stojanovic) [#&#8203;57397](nodejs/node#57397)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMzAuMiIsInVwZGF0ZWRJblZlciI6IjM5LjIzMC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->

An eventual goal for ncrypto is to completely abstract away
details of working directly with openssl in order to make it
easier to work with multiple different openssl/boringssl versions.
As part of that we want to move away from direct reliance on
specific openssl APIs in the runtime and instead go through
the ncrypto abstractions. Not only does this help other
runtimes trying to be compatible with Node.js, but it helps
Node.js also by reducing the complexity of the crypto code
in Node.js itself.

PR-URL: #57300
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

An eventual goal for ncrypto is to completely abstract away
details of working directly with openssl in order to make it
easier to work with multiple different openssl/boringssl versions.
As part of that we want to move away from direct reliance on
specific openssl APIs in the runtime and instead go through
the ncrypto abstractions. Not only does this help other
runtimes trying to be compatible with Node.js, but it helps
Node.js also by reducing the complexity of the crypto code
in Node.js itself.

PR-URL: #57300
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>