Node.js is an open-source, cross-platform JavaScript runtime environment.
For information on using Node.js, see the Node.js website.
The Node.js project uses an open governance model. The OpenJS Foundation provides support for the project.
Contributors are expected to act in a collaborative manner to move the project forward. We encourage the constructive exchange of contrary opinions and compromise. The TSC reserves the right to limit or block contributors who repeatedly act in ways that discourage, exhaust, or otherwise negatively affect other participants.
This project has a Code of Conduct.
Looking for help? Check out the instructions for getting support.
Current and LTS releases follow semantic versioning. A member of the Release Team signs each Current and LTS release. For more information, see the Release README.
Binaries, installers, and source tarballs are available at https://nodejs.org/en/download/.
https://nodejs.org/download/release/
The latest directory is an alias for the latest Current release. The latest-codename directory is an alias for the latest release from an LTS line. For example, the latest-hydrogen directory contains the latest Hydrogen (Node.js 18) release.
https://nodejs.org/download/nightly/
Each directory and filename includes the version (e.g., v22.0.0), followed by the UTC date (e.g., 20240424 for April 24, 2024), and the short commit SHA of the HEAD of the release (e.g., ddd0a9e494). For instance, a full directory name might look like v22.0.0-nightly20240424ddd0a9e494.
Documentation for the latest Current release is at https://nodejs.org/api/. Version-specific documentation is available in each release directory in the docs subdirectory. Version-specific documentation is also at https://nodejs.org/download/docs/.
Download directories contain a SHASUMS256.txt file with SHA checksums for the files.
To download SHASUMS256.txt using curl:
curl -O https://nodejs.org/dist/vx.y.z/SHASUMS256.txt
To check that downloaded files match the checksum, use sha256sum:
sha256sum -c SHASUMS256.txt --ignore-missing
For Current and LTS, the GPG detached signature of SHASUMS256.txt is in SHASUMS256.txt.sig. You can use it with gpg to verify the integrity of SHASUMS256.txt. You will first need to import the GPG keys of individuals authorized to create releases.
See Release keys for commands to import active release keys.
Next, download the SHASUMS256.txt.sig for the release:
curl -O https://nodejs.org/dist/vx.y.z/SHASUMS256.txt.sig
Then use gpg --verify SHASUMS256.txt.sig SHASUMS256.txt to verify the file's signature.
See BUILDING.md for instructions on how to build Node.js from source and a list of supported platforms.
For information on reporting security vulnerabilities in Node.js, see SECURITY.md.
For information about the governance of the Node.js project, see GOVERNANCE.md.
TSC (Technical Steering Committee)Collaborators follow the Collaborator Guide in maintaining the Node.js project.
Triagers follow the Triage Guide when responding to new issues.
Primary GPG keys for Node.js Releasers (some Releasers sign with subkeys):
C0D6248439F1D5604AAFFB4021D900FFDB233756DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7CC68F5A3106FF448322E48ED27F5E38D5B0A215F8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C108F52B48DB57BB0CC439B2997B01419BD92F80AA363A499291CBBC940DD62E41F10027AF002F8B0To import the full set of trusted release keys (including subkeys possibly used to sign releases):
gpg --keyserver hkps://keys.openpgp.org --recv-keys C0D6248439F1D5604AAFFB4021D900FFDB233756 # Antoine du Hamel gpg --keyserver hkps://keys.openpgp.org --recv-keys DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 # Juan José Arboleda gpg --keyserver hkps://keys.openpgp.org --recv-keys CC68F5A3106FF448322E48ED27F5E38D5B0A215F # Marco Ippolito gpg --keyserver hkps://keys.openpgp.org --recv-keys 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 # Michaël Zasso gpg --keyserver hkps://keys.openpgp.org --recv-keys 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 # Rafael Gonzaga gpg --keyserver hkps://keys.openpgp.org --recv-keys C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C # Richard Lau gpg --keyserver hkps://keys.openpgp.org --recv-keys 108F52B48DB57BB0CC439B2997B01419BD92F80A # Ruy Adorno gpg --keyserver hkps://keys.openpgp.org --recv-keys A363A499291CBBC940DD62E41F10027AF002F8B0 # Ulises Gascón
See Verifying binaries for how to use these keys to verify a downloaded file.
Other keys used to sign some previous releases4ED778F539E3634C779C87C6D7062848A1AB005C141F07595B7B3FFE74309A937405533BE57C7D579554F04D7259F04124DE6B476D5A82AC7E37093B94AE36675C464D64BAFA68DD7434390BDBE9B9C51C050899334244A8AF75E53792EF661D867B9DFA 74F12602B6F1C4E913FAA37AD3A89613643B6201B9AE9905FFD7803F25714661B63B535A4C206CA977984A986EBC2AA786BC0F66B01FBB92821C587A93C7E9E91B49E432C2F75674B0A78B0A6C481CF656730D5401028683275BD23C23EFEFE93C4CFFFE71DCFD284A79C3B38668286BC97EC7A07EDE3FC1FD3A5288F042B6850C66B31F09FE44734EB7990E61FC681DFB92A079F1685E77973F295594EC4689114F43EE0176B71C7BC219DD50A3051F888C628DC4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8DD8F2338BAE7501E3DD5AC78C273792F7D83545DA48C2BEE680E841632CD4E44F07496B3EB3C1762B9E2F5981AA6E0CD28160D9FF13993A75599653C7937DFD2AB06298B2293C3187D33FF9D0246406DWhen possible, the commitment to take slots in the security release steward rotation is made by companies in order to ensure individuals who act as security stewards have the support and recognition from their employer to be able to prioritize security releases. Security release stewards manage security releases on a rotation basis as outlined in the security release process.
Node.js is available under the MIT License. Node.js also includes external libraries that are available under a variety of licenses. See LICENSE for the full license text.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4