Automic VaultAutomic Vault

brew / Approval Gates

node mit Homebrew, apk, chocolatey, apt, dnf, MacPorts, Nix, pacman, scoop, winget, zypper installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für node in AI-Agent-Workflows.

Agent-Sicherheit

Antwort zur Agent-Sicherheit

node executes JavaScript tooling that commonly reads project secrets and launches npm package workflows.

Credential-Zugriff

Reads environment variables, dotenv files, npm tokens, and project config reachable to scripts.

Änderungen an Remote-Zustand

Can run deploy scripts, API clients, and arbitrary package scripts.

Publish-/Artefakt-Risiko

Can build and publish npm packages or generated application bundles.

Empfohlene Kontrolle

Gate package publishing and lifecycle scripts; scan project secrets before agent runs.

Hinweise für Agent-Nutzung

Allow test/build commands after scanning; require approval for publish, install scripts, and deploy actions.

Installation

Weitere Installationsbefehle

macOS

Homebrewverifiziert · 100%
brew install node

local Homebrew formula metadata

MacPortsverifiziert · 94%
sudo port install nodejs24

MacPorts ports tree · lang/nodejs24/Portfile · Quelle: api.github.com

Linux

Alpine Linux apkverifiziert · 92%
sudo apk add nodejs

Alpine Linux edge package indexes · nodejs · Quelle: dl-cdn.alpinelinux.org

Debian aptverifiziert · 92%
sudo apt install nodejs

Debian stable package indexes · nodejs · Quelle: deb.debian.org

Fedora dnfverifiziert · 92%
sudo dnf install nodejs24

Fedora Rawhide package metadata · nodejs24 · Quelle: dl.fedoraproject.org

Nixverifiziert · 92%
nix profile install nixpkgs#nodejs

nixpkgs package indexes · nodejs · Quelle: raw.githubusercontent.com

Arch Linux pacmanverifiziert · 92%
sudo pacman -S nodejs

Arch Linux sync databases · nodejs · Quelle: geo.mirror.pkgbuild.com

openSUSE zypperverifiziert · 92%
sudo zypper install nodejs24

openSUSE Tumbleweed package metadata · nodejs24 · Quelle: download.opensuse.org

Windows

Chocolateyverifiziert · 92%
choco install nodejs

Chocolatey community package catalog · nodejs · Quelle: community.chocolatey.org

Scoopverifiziert · 92%
scoop install main/nodejs

Scoop official bucket manifest trees · bucket/nodejs.json · Quelle: api.github.com

Windows Package Managerverifiziert · 92%
winget install --id OpenJS.NodeJS -e

Windows Package Manager source index · OpenJS.NodeJS · Quelle: cdn.winget.microsoft.com

Überblick

Paketzusammenfassung

Open-source, cross-platform JavaScript runtime environment

Befehle und Aliase

  • node
  • npm
  • npx

Verlauf

Projektgeschichte und Nutzung

Node.js is the JavaScript runtime that made server-side and command-line JavaScript mainstream. The official Node.js about page describes it as an asynchronous event-driven runtime designed for scalable network applications, with HTTP as a first-class feature and an event loop hidden behind ordinary JavaScript program execution.

Projektgeschichte

Ryan Dahl created Node.js around 2009 to run JavaScript outside the browser for network servers and other I/O-heavy programs. The runtime combined Google's V8 JavaScript engine with an event loop and low-level I/O APIs, giving web developers a single language across browser code, servers, tooling, and package scripts.

The early project was stewarded by Joyent, then hit a governance crisis in 2014 when prominent contributors forked it as io.js. The Node.js Foundation announced on 14 September 2015 that Node.js v4.0.0 combined the Node.js and io.js codebases under the foundation, added a long-term support plan, and moved the project to regular semver-based release lines.

The Node.js Foundation and JS Foundation announced their merger into the OpenJS Foundation on 12 March 2019. That put Node.js under the broader vendor-neutral JavaScript foundation that also houses projects such as Node-RED.

Adoptionsgeschichte

Node.js adoption grew because it solved several developer and operational needs at once: fast startup for scripts, non-blocking network servers, JSON-native APIs, a giant npm ecosystem, and one language for browser and server teams. The 2015 foundation announcement said Node.js was used by tens of thousands of organizations in more than 200 countries and had more than 2 million downloads per month.

Homebrew's `node` formula is the rolling mainstream macOS/Linux package for the latest Node major. The Formulae page lists aliases including `node.js`, `node@26`, `nodejs`, and `npm`, and reports 3,116,013 installs over 365 days with 2,515,719 installs on request. Within Homebrew, that makes it the high-volume default path for developers who want Node, npm, and npx without a separate version manager.

Wie es verwendet wird

Homebrew users install the rolling formula with `brew install node`, then get `node`, `npm`, and `npx`. The formula is convenient for system-level CLI tools, local development, and build dependencies, while teams that need exact per-project versions often layer nvm, fnm, asdf, volta, nodenv, or Homebrew's versioned `node@` formulas on top of that ecosystem.

Package nerds care about Node's release train because C++ addons, ESM/CommonJS behavior, OpenSSL, V8, npm, Corepack, test runner behavior, and web-platform APIs can all change across majors. The official release page explains that major versions historically enter Current for six months, even-numbered releases become LTS, and production applications should use Active LTS or Maintenance LTS releases.

Warum Paket-Nerds sich dafür interessieren

For package-manager data, `brew:node` is the anchor package. It is both a runtime and a build input for huge parts of the JavaScript, frontend, Electron, language-server, and CLI-tooling worlds. Its adoption stats often reflect not only developers explicitly wanting Node, but also downstream packages whose builds or runtime scripts need Node available.

Zeitleiste

  • 2009: Ryan Dahl creates Node.js and presents the early runtime publicly.
  • 2014: io.js fork forms during the Node.js governance dispute.
  • 2015-09-14: Node.js v4.0.0 reunifies Node.js and io.js under the Node.js Foundation and introduces the modern LTS direction.
  • 2019-03-12: Node.js Foundation and JS Foundation announce the OpenJS Foundation merger.
  • 2026: Homebrew's rolling `node` formula tracks Node 26.x and lists node@24, node@22, node@20, and node@18 as adjacent versioned formulas.

Related projects

  • npm
  • npx
  • Corepack
  • V8
  • libuv
  • OpenJS Foundation
  • io.js

Approval Gates

Metadaten für menschliche Prüfung riskanter Befehle

Der lokale Approval-Gate-Seed enthält 7 Regeln für node. Abgedeckte Einstiegspunkte: corepack, node, npm, npx. Schweregrade: kritisch, hoch, mittel. Abdeckung: partial, geprüft am 2026-05-21.

Beispiele für gated Aktionen

  • Execute inline JavaScript supplied on the command line.
  • Load custom import hooks or require hooks before executing code.
  • Publish a package to the npm registry.
  • Install npm packages into a global executable location.
  • Remove package versions from the npm registry.
  • Download and execute a package by name.
  • Download and activate a package-manager shim.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.npmrc
Windows
%UserProfile%\.npmrc

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.npmrc
Windows
%UserProfile%\.npmrc

Executables

Installierte Executables

BefehlArtSichtbarkeitHinweis
nodecliglobales Executable
npmcliglobales Executable
npxcliglobales Executable

Aktualität

Version und Aktualität

Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.

Seite generiert2026-07-10
Manager-Version26.5.0
Manager aktualisiert2026-07-08
lokale DatenOK
Upstreamnot checked
neueste erkannte Versionnicht erkannt

https://nodejs.org/

  • InfoRelease/tag comparison is only available for GitHub repositories.https://nodejs.org/none Konfidenz

Installationsmetadaten

Paketmetadaten

Paketschlüsselbrew:node
Version26.5.0
PaketmanagerHomebrew
Paketmanager-Seitehttps://formulae.brew.sh/formula/node
Homepagehttps://nodejs.org/
Repositoryhttps://github.com/nodejs/node
Upstream-Dokumentationhttps://nodejs.org/docs/latest/api
LizenzMIT
Quellarchivhttps://nodejs.org/dist/v26.5.0/node-v26.5.0.tar.xz
Zuletzt aktualisiert2026-07-08T22:59:49Z
Pulseupdated
Abhängigkeitenada-url, brotli, c-ares, hdrhistogram_c, icu4c@78, libffi, libnghttp2, libnghttp3, libngtcp2, libuv, llhttp, merve, nbytes, openssl@3, simdjson, sqlite, uvwasi, zstd
Build-Abhängigkeitenpkgconf, python@3.14
Von macOS bereitgestellte Bibliothekenpython
Bottleverfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installdefiniert
Dienstkeiner deklariert
EinschränkungenSingle Executable Application is disabled as it doesn't work with shared libnode. Temporal support is disabled as it doesn't work with shared ICU library.

Registry-Fakten

Details aus der Quelldatenbank

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namenode
Aliases
  • node.js
  • node@26
  • nodejs
  • npm
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

Source-Datenbank-Treffer

Andere Paketmanager-Einträge

Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.

Debian apt95%

nodejs 20.19.2+dfsg-1+deb13u2

evented I/O for V8 javascript - runtime executable

https://nodejs.org/

sudo apt install nodejs
  • Section: web
  • Architecture: amd64
  • 3 Abhängigkeiten
  • 1 stellt bereit
  • 3 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Node
Debian stable package indexes · deb.debian.org · Debian stable package indexes: nodejs from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

nodejs

nix profile install nixpkgs#nodejs
  • normalized package name match
  • Abgeglichen nach: Node
nixpkgs package indexes · raw.githubusercontent.com · nixpkgs package indexes: nodejs from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix
Ubuntu apt95%

nodejs 18.19.1+dfsg-6ubuntu5

evented I/O for V8 javascript - runtime executable

https://nodejs.org/

sudo apt install nodejs
  • Section: universe/web
  • Architecture: amd64
  • 2 Abhängigkeiten
  • 1 stellt bereit
  • 3 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Node
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: nodejs from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
apk95%

nodejs 24.16.0-r0

JavaScript runtime built on V8 engine - LTS version

https://nodejs.org/

sudo apk add nodejs
  • License: MIT
  • Architecture: x86_64
  • Source Package: nodejs
  • 1 Abhängigkeiten
  • 1 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Node
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: nodejs from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
dnf95%

nodejs24 24.15.0-1.fc45

JavaScript runtime

https://nodejs.org

sudo dnf install nodejs24
  • License: Apache-2.0 AND Artistic-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BlueOak-1.0.0 AND CC-BY-3.0 AND CC0-1.0 AND ISC AND MIT
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: nodejs24
  • 6 Abhängigkeiten
  • 4 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Node
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: nodejs24 from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
pacman95%

nodejs 26.2.0-1

Evented I/O for V8 javascript ("Current" release)

https://nodejs.org/

sudo pacman -S nodejs
  • License: MIT
  • Architecture: x86_64
  • 13 Abhängigkeiten
  • 1 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Node
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: nodejs from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz
zypper95%

nodejs24 24.14.1-2.2

Evented I/O for V8 JavaScript

https://nodejs.org

sudo zypper install nodejs24
  • License: MIT
  • Category: Development/Languages/NodeJS
  • Architecture: x86_64
  • Source Package: nodejs24
  • 18 Abhängigkeiten
  • 3 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Node
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: nodejs24 from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
MacPorts95%

nodejs24

sudo port install nodejs24
  • normalized package name match
  • Abgeglichen nach: Node
MacPorts ports tree · api.github.com · MacPorts ports tree: lang/nodejs24/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
Chocolatey95%

nodejs

choco install nodejs
  • normalized package name match
  • Abgeglichen nach: Node
Chocolatey community package catalog · community.chocolatey.org · Chocolatey community package catalog: nodejs from http://community.chocolatey.org/api/v2/Packages?$filter=IsLatestVersion&$select=Id&$top=1000&$skiptoken='11','nexus-repository'
Scoop95%

main/nodejs

scoop install main/nodejs
  • normalized package name match
  • Abgeglichen nach: Node
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/nodejs.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1
winget95%

OpenJS.NodeJS

winget install --id OpenJS.NodeJS -e
  • normalized package name match
  • Abgeglichen nach: Node
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: OpenJS.NodeJS from https://cdn.winget.microsoft.com/cache/source.msix
Debian apt92%

npm 9.2.0~ds1-3

package manager for Node.js

https://docs.npmjs.com/

sudo apt install npm
  • Section: web
  • Architecture: all
  • 32 Abhängigkeiten
  • 32 stellt bereit
  • 3 optionale Abhängigkeiten
  • installed executable or alias match
  • Abgeglichen nach: npm
Debian stable package indexes · deb.debian.org · Debian stable package indexes: npm from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Ubuntu apt92%

npm 9.2.0~ds1-2

package manager for Node.js

https://docs.npmjs.com/

sudo apt install npm
  • Section: universe/web
  • Architecture: all
  • 32 Abhängigkeiten
  • 32 stellt bereit
  • 3 optionale Abhängigkeiten
  • installed executable or alias match
  • Abgeglichen nach: npm
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: npm from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
apk92%

npm 11.12.1-r0

The package manager for JavaScript

https://www.npmjs.com/

sudo apk add npm
  • License: Artistic-2.0
  • Architecture: x86_64
  • Source Package: npm
  • 1 Abhängigkeiten
  • 1 stellt bereit
  • installed executable or alias match
  • Abgeglichen nach: npm
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: npm from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk92%

npm-bash-completion 11.12.1-r0

Bash completions for npm

https://www.npmjs.com/

sudo apk add npm-bash-completion
  • License: Artistic-2.0
  • Architecture: x86_64
  • Source Package: npm
  • installed executable or alias match
  • Abgeglichen nach: npm
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: npm-bash-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk92%

npm-doc 11.12.1-r0

The package manager for JavaScript (documentation)

https://www.npmjs.com/

sudo apk add npm-doc
  • License: Artistic-2.0
  • Architecture: x86_64
  • Source Package: npm
  • installed executable or alias match
  • Abgeglichen nach: npm
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: npm-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

Quellspur

Aus Repository-Daten generiert

Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.

Verwendete Quellen

  • Geiger risk classifier
  • Nucleus package database
  • approval-gate seed metadata
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated agent safety answer
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment