Credential-Zugriff
Reads environment variables, dotenv files, npm tokens, and project config reachable to scripts.
brew / Approval Gates
Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für node in AI-Agent-Workflows.
Agent-Sicherheit
node executes JavaScript tooling that commonly reads project secrets and launches npm package workflows.
Reads environment variables, dotenv files, npm tokens, and project config reachable to scripts.
Can run deploy scripts, API clients, and arbitrary package scripts.
Can build and publish npm packages or generated application bundles.
Gate package publishing and lifecycle scripts; scan project secrets before agent runs.
Allow test/build commands after scanning; require approval for publish, install scripts, and deploy actions.
Installation
brew install nodelocal Homebrew formula metadata
sudo port install nodejs24MacPorts ports tree · lang/nodejs24/Portfile · Quelle: api.github.com
sudo apk add nodejsAlpine Linux edge package indexes · nodejs · Quelle: dl-cdn.alpinelinux.org
sudo apt install nodejsDebian stable package indexes · nodejs · Quelle: deb.debian.org
sudo dnf install nodejs24Fedora Rawhide package metadata · nodejs24 · Quelle: dl.fedoraproject.org
nix profile install nixpkgs#nodejsnixpkgs package indexes · nodejs · Quelle: raw.githubusercontent.com
sudo pacman -S nodejsArch Linux sync databases · nodejs · Quelle: geo.mirror.pkgbuild.com
sudo zypper install nodejs24openSUSE Tumbleweed package metadata · nodejs24 · Quelle: download.opensuse.org
choco install nodejsChocolatey community package catalog · nodejs · Quelle: community.chocolatey.org
scoop install main/nodejsScoop official bucket manifest trees · bucket/nodejs.json · Quelle: api.github.com
winget install --id OpenJS.NodeJS -eWindows Package Manager source index · OpenJS.NodeJS · Quelle: cdn.winget.microsoft.com
Überblick
Open-source, cross-platform JavaScript runtime environment
Verlauf
Node.js is the JavaScript runtime that made server-side and command-line JavaScript mainstream. The official Node.js about page describes it as an asynchronous event-driven runtime designed for scalable network applications, with HTTP as a first-class feature and an event loop hidden behind ordinary JavaScript program execution.
Ryan Dahl created Node.js around 2009 to run JavaScript outside the browser for network servers and other I/O-heavy programs. The runtime combined Google's V8 JavaScript engine with an event loop and low-level I/O APIs, giving web developers a single language across browser code, servers, tooling, and package scripts.
The early project was stewarded by Joyent, then hit a governance crisis in 2014 when prominent contributors forked it as io.js. The Node.js Foundation announced on 14 September 2015 that Node.js v4.0.0 combined the Node.js and io.js codebases under the foundation, added a long-term support plan, and moved the project to regular semver-based release lines.
The Node.js Foundation and JS Foundation announced their merger into the OpenJS Foundation on 12 March 2019. That put Node.js under the broader vendor-neutral JavaScript foundation that also houses projects such as Node-RED.
Node.js adoption grew because it solved several developer and operational needs at once: fast startup for scripts, non-blocking network servers, JSON-native APIs, a giant npm ecosystem, and one language for browser and server teams. The 2015 foundation announcement said Node.js was used by tens of thousands of organizations in more than 200 countries and had more than 2 million downloads per month.
Homebrew's `node` formula is the rolling mainstream macOS/Linux package for the latest Node major. The Formulae page lists aliases including `node.js`, `node@26`, `nodejs`, and `npm`, and reports 3,116,013 installs over 365 days with 2,515,719 installs on request. Within Homebrew, that makes it the high-volume default path for developers who want Node, npm, and npx without a separate version manager.
Homebrew users install the rolling formula with `brew install node`, then get `node`, `npm`, and `npx`. The formula is convenient for system-level CLI tools, local development, and build dependencies, while teams that need exact per-project versions often layer nvm, fnm, asdf, volta, nodenv, or Homebrew's versioned `node@` formulas on top of that ecosystem.
Package nerds care about Node's release train because C++ addons, ESM/CommonJS behavior, OpenSSL, V8, npm, Corepack, test runner behavior, and web-platform APIs can all change across majors. The official release page explains that major versions historically enter Current for six months, even-numbered releases become LTS, and production applications should use Active LTS or Maintenance LTS releases.
For package-manager data, `brew:node` is the anchor package. It is both a runtime and a build input for huge parts of the JavaScript, frontend, Electron, language-server, and CLI-tooling worlds. Its adoption stats often reflect not only developers explicitly wanting Node, but also downstream packages whose builds or runtime scripts need Node available.
Approval Gates
Der lokale Approval-Gate-Seed enthält 7 Regeln für node. Abgedeckte Einstiegspunkte: corepack, node, npm, npx. Schweregrade: kritisch, hoch, mittel. Abdeckung: partial, geprüft am 2026-05-21.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.npmrc%UserProfile%\.npmrcCredential-bearing paths to review before unattended agent runs.
~/.npmrc%UserProfile%\.npmrcExecutables
| Befehl | Art | Sichtbarkeit | Hinweis |
|---|---|---|---|
node | cli | globales Executable | |
npm | cli | globales Executable | |
npx | cli | globales Executable |
Aktualität
Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.
Installationsmetadaten
| Paketschlüssel | brew:node |
|---|---|
| Version | 26.5.0 |
| Paketmanager | Homebrew |
| Paketmanager-Seite | https://formulae.brew.sh/formula/node |
| Homepage | https://nodejs.org/ |
| Repository | https://github.com/nodejs/node |
| Upstream-Dokumentation | https://nodejs.org/docs/latest/api |
| Lizenz | MIT |
| Quellarchiv | https://nodejs.org/dist/v26.5.0/node-v26.5.0.tar.xz |
| Zuletzt aktualisiert | 2026-07-08T22:59:49Z |
| Pulse | updated |
| Abhängigkeiten | ada-url, brotli, c-ares, hdrhistogram_c, icu4c@78, libffi, libnghttp2, libnghttp3, libngtcp2, libuv, llhttp, merve, nbytes, openssl@3, simdjson, sqlite, uvwasi, zstd |
| Build-Abhängigkeiten | pkgconf, python@3.14 |
| Von macOS bereitgestellte Bibliotheken | python |
| Bottle | verfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | definiert |
| Dienst | keiner deklariert |
| Einschränkungen | Single Executable Application is disabled as it doesn't work with shared libnode. Temporal support is disabled as it doesn't work with shared ICU library. |
Registry-Fakten
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | node |
| Aliases |
|
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
Source-Datenbank-Treffer
Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.
nodejs 20.19.2+dfsg-1+deb13u2
evented I/O for V8 javascript - runtime executable
sudo apt install nodejsnodejs
nix profile install nixpkgs#nodejsnodejs 18.19.1+dfsg-6ubuntu5
evented I/O for V8 javascript - runtime executable
sudo apt install nodejsnodejs 24.16.0-r0
JavaScript runtime built on V8 engine - LTS version
sudo apk add nodejsnodejs24 24.15.0-1.fc45
JavaScript runtime
sudo dnf install nodejs24nodejs 26.2.0-1
Evented I/O for V8 javascript ("Current" release)
sudo pacman -S nodejsnodejs24 24.14.1-2.2
Evented I/O for V8 JavaScript
sudo zypper install nodejs24nodejs24
sudo port install nodejs24nodejs
choco install nodejsmain/nodejs
scoop install main/nodejsOpenJS.NodeJS
winget install --id OpenJS.NodeJS -enpm 9.2.0~ds1-3
package manager for Node.js
sudo apt install npmnpm 9.2.0~ds1-2
package manager for Node.js
sudo apt install npmnpm 11.12.1-r0
The package manager for JavaScript
sudo apk add npmnpm-bash-completion 11.12.1-r0
Bash completions for npm
sudo apk add npm-bash-completionnpm-doc 11.12.1-r0
The package manager for JavaScript (documentation)
sudo apk add npm-docQuellspur
Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.
View the package source record on GitHub.