Automic VaultAutomic Vault

brew / portes d'approbation

Installer node avec Homebrew, apk, chocolatey, apt, dnf, MacPorts, Nix, pacman, scoop, winget, zypper

Consultez les chemins d'installation, exécutables, métadonnées et notes de sécurité de node pour les workflows d'agents IA.

sécurité des agents

Réponse sur la sécurité des agents

node executes JavaScript tooling that commonly reads project secrets and launches npm package workflows.

Accès aux identifiants

Reads environment variables, dotenv files, npm tokens, and project config reachable to scripts.

Modification distante

Can run deploy scripts, API clients, and arbitrary package scripts.

Risque de publication ou d'artéfact

Can build and publish npm packages or generated application bundles.

Contrôle recommandé

Gate package publishing and lifecycle scripts; scan project secrets before agent runs.

Conseils d'utilisation par les agents

Allow test/build commands after scanning; require approval for publish, install scripts, and deploy actions.

installation

Commandes d'installation supplémentaires

macOS

Homebrewvérifié · 100%
brew install node

local Homebrew formula metadata

MacPortsvérifié · 94%
sudo port install nodejs24

MacPorts ports tree · lang/nodejs24/Portfile · Source: api.github.com

Linux

Alpine Linux apkvérifié · 92%
sudo apk add nodejs

Alpine Linux edge package indexes · nodejs · Source: dl-cdn.alpinelinux.org

Debian aptvérifié · 92%
sudo apt install nodejs

Debian stable package indexes · nodejs · Source: deb.debian.org

Fedora dnfvérifié · 92%
sudo dnf install nodejs24

Fedora Rawhide package metadata · nodejs24 · Source: dl.fedoraproject.org

Nixvérifié · 92%
nix profile install nixpkgs#nodejs

nixpkgs package indexes · nodejs · Source: raw.githubusercontent.com

Arch Linux pacmanvérifié · 92%
sudo pacman -S nodejs

Arch Linux sync databases · nodejs · Source: geo.mirror.pkgbuild.com

openSUSE zyppervérifié · 92%
sudo zypper install nodejs24

openSUSE Tumbleweed package metadata · nodejs24 · Source: download.opensuse.org

Windows

Chocolateyvérifié · 92%
choco install nodejs

Chocolatey community package catalog · nodejs · Source: community.chocolatey.org

Scoopvérifié · 92%
scoop install main/nodejs

Scoop official bucket manifest trees · bucket/nodejs.json · Source: api.github.com

Windows Package Managervérifié · 92%
winget install --id OpenJS.NodeJS -e

Windows Package Manager source index · OpenJS.NodeJS · Source: cdn.winget.microsoft.com

aperçu

Résumé du paquet

Open-source, cross-platform JavaScript runtime environment

Commandes et alias

  • node
  • npm
  • npx

historique

Historique du projet et usages

Node.js is the JavaScript runtime that made server-side and command-line JavaScript mainstream. The official Node.js about page describes it as an asynchronous event-driven runtime designed for scalable network applications, with HTTP as a first-class feature and an event loop hidden behind ordinary JavaScript program execution.

Historique du projet

Ryan Dahl created Node.js around 2009 to run JavaScript outside the browser for network servers and other I/O-heavy programs. The runtime combined Google's V8 JavaScript engine with an event loop and low-level I/O APIs, giving web developers a single language across browser code, servers, tooling, and package scripts.

The early project was stewarded by Joyent, then hit a governance crisis in 2014 when prominent contributors forked it as io.js. The Node.js Foundation announced on 14 September 2015 that Node.js v4.0.0 combined the Node.js and io.js codebases under the foundation, added a long-term support plan, and moved the project to regular semver-based release lines.

The Node.js Foundation and JS Foundation announced their merger into the OpenJS Foundation on 12 March 2019. That put Node.js under the broader vendor-neutral JavaScript foundation that also houses projects such as Node-RED.

Historique d'adoption

Node.js adoption grew because it solved several developer and operational needs at once: fast startup for scripts, non-blocking network servers, JSON-native APIs, a giant npm ecosystem, and one language for browser and server teams. The 2015 foundation announcement said Node.js was used by tens of thousands of organizations in more than 200 countries and had more than 2 million downloads per month.

Homebrew's `node` formula is the rolling mainstream macOS/Linux package for the latest Node major. The Formulae page lists aliases including `node.js`, `node@26`, `nodejs`, and `npm`, and reports 3,116,013 installs over 365 days with 2,515,719 installs on request. Within Homebrew, that makes it the high-volume default path for developers who want Node, npm, and npx without a separate version manager.

Modes d'utilisation

Homebrew users install the rolling formula with `brew install node`, then get `node`, `npm`, and `npx`. The formula is convenient for system-level CLI tools, local development, and build dependencies, while teams that need exact per-project versions often layer nvm, fnm, asdf, volta, nodenv, or Homebrew's versioned `node@` formulas on top of that ecosystem.

Package nerds care about Node's release train because C++ addons, ESM/CommonJS behavior, OpenSSL, V8, npm, Corepack, test runner behavior, and web-platform APIs can all change across majors. The official release page explains that major versions historically enter Current for six months, even-numbered releases become LTS, and production applications should use Active LTS or Maintenance LTS releases.

Pourquoi les passionnés de paquets s'y intéressent

For package-manager data, `brew:node` is the anchor package. It is both a runtime and a build input for huge parts of the JavaScript, frontend, Electron, language-server, and CLI-tooling worlds. Its adoption stats often reflect not only developers explicitly wanting Node, but also downstream packages whose builds or runtime scripts need Node available.

Chronologie

  • 2009: Ryan Dahl creates Node.js and presents the early runtime publicly.
  • 2014: io.js fork forms during the Node.js governance dispute.
  • 2015-09-14: Node.js v4.0.0 reunifies Node.js and io.js under the Node.js Foundation and introduces the modern LTS direction.
  • 2019-03-12: Node.js Foundation and JS Foundation announce the OpenJS Foundation merger.
  • 2026: Homebrew's rolling `node` formula tracks Node 26.x and lists node@24, node@22, node@20, and node@18 as adjacent versioned formulas.

Related projects

  • npm
  • npx
  • Corepack
  • V8
  • libuv
  • OpenJS Foundation
  • io.js

portes d'approbation

Métadonnées de revue humaine pour commandes risquées

La graine locale de portes d'approbation contient 7 règles pour node. Points d'entrée couverts : corepack, node, npm, npx. Niveaux de sévérité : critique, élevé, moyen. Couverture : partial, revu le 2026-05-21.

Exemples d'actions contrôlées

  • Execute inline JavaScript supplied on the command line.
  • Load custom import hooks or require hooks before executing code.
  • Publish a package to the npm registry.
  • Install npm packages into a global executable location.
  • Remove package versions from the npm registry.
  • Download and execute a package by name.
  • Download and activate a package-manager shim.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.npmrc
Windows
%UserProfile%\.npmrc

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.npmrc
Windows
%UserProfile%\.npmrc

exécutables

Exécutables installés

CommandeTypeExpositionNote
nodecliexécutable global
npmcliexécutable global
npxcliexécutable global

fraîcheur

Version et fraîcheur

Ces signaux séparent l'âge de génération de la page, l'activité du gestionnaire de paquets et la comparaison avec les versions amont. Un retard de version n'est signalé que lorsqu'une URL de preuve et des versions comparables sont présentes.

page générée2026-07-10
version du gestionnaire26.5.0
gestionnaire mis à jour2026-07-08
données localesOK
amontnot checked
dernière version détectéenon détecté

https://nodejs.org/

  • infoRelease/tag comparison is only available for GitHub repositories.https://nodejs.org/confiance none

métadonnées d'installation

Métadonnées du paquet

Clé du paquetbrew:node
Version26.5.0
Gestionnaire de paquetsHomebrew
Page du gestionnaire de paquetshttps://formulae.brew.sh/formula/node
Page d'accueilhttps://nodejs.org/
Dépôthttps://github.com/nodejs/node
Docs amonthttps://nodejs.org/docs/latest/api
LicenceMIT
Archive sourcehttps://nodejs.org/dist/v26.5.0/node-v26.5.0.tar.xz
Dernière mise à jour2026-07-08T22:59:49Z
Pulseupdated
Dépendancesada-url, brotli, c-ares, hdrhistogram_c, icu4c@78, libffi, libnghttp2, libnghttp3, libngtcp2, libuv, llhttp, merve, nbytes, openssl@3, simdjson, sqlite, uvwasi, zstd
Dépendances de compilationpkgconf, python@3.14
Bibliothèques fournies par macOSpython
Bouteilledisponible (sur arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
post-install Homebrewdéfini
Serviceaucun déclaré
PrécautionsSingle Executable Application is disabled as it doesn't work with shared libnode. Temporal support is disabled as it doesn't work with shared ICU library.

faits du registre

Détails de la base source

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namenode
Aliases
  • node.js
  • node@26
  • nodejs
  • npm
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

correspondances dans les bases sources

Autres enregistrements de gestionnaires de paquets

Les correspondances proviennent d’index externes de gestionnaires de paquets et restent séparées des liens de paquets Automic Vault locaux.

Debian apt95%

nodejs 20.19.2+dfsg-1+deb13u2

evented I/O for V8 javascript - runtime executable

https://nodejs.org/

sudo apt install nodejs
  • Section: web
  • Architecture: amd64
  • 3 Dépendances
  • 1 fournit
  • 3 dépendances optionnelles
  • normalized package name match
  • Correspondance par : Node
Debian stable package indexes · deb.debian.org · Debian stable package indexes: nodejs from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

nodejs

nix profile install nixpkgs#nodejs
  • normalized package name match
  • Correspondance par : Node
nixpkgs package indexes · raw.githubusercontent.com · nixpkgs package indexes: nodejs from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix
Ubuntu apt95%

nodejs 18.19.1+dfsg-6ubuntu5

evented I/O for V8 javascript - runtime executable

https://nodejs.org/

sudo apt install nodejs
  • Section: universe/web
  • Architecture: amd64
  • 2 Dépendances
  • 1 fournit
  • 3 dépendances optionnelles
  • normalized package name match
  • Correspondance par : Node
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: nodejs from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
apk95%

nodejs 24.16.0-r0

JavaScript runtime built on V8 engine - LTS version

https://nodejs.org/

sudo apk add nodejs
  • License: MIT
  • Architecture: x86_64
  • Source Package: nodejs
  • 1 Dépendances
  • 1 fournit
  • normalized package name match
  • Correspondance par : Node
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: nodejs from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
dnf95%

nodejs24 24.15.0-1.fc45

JavaScript runtime

https://nodejs.org

sudo dnf install nodejs24
  • License: Apache-2.0 AND Artistic-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BlueOak-1.0.0 AND CC-BY-3.0 AND CC0-1.0 AND ISC AND MIT
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: nodejs24
  • 6 Dépendances
  • 4 fournit
  • normalized package name match
  • Correspondance par : Node
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: nodejs24 from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
pacman95%

nodejs 26.2.0-1

Evented I/O for V8 javascript ("Current" release)

https://nodejs.org/

sudo pacman -S nodejs
  • License: MIT
  • Architecture: x86_64
  • 13 Dépendances
  • 1 dépendances optionnelles
  • normalized package name match
  • Correspondance par : Node
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: nodejs from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz
zypper95%

nodejs24 24.14.1-2.2

Evented I/O for V8 JavaScript

https://nodejs.org

sudo zypper install nodejs24
  • License: MIT
  • Category: Development/Languages/NodeJS
  • Architecture: x86_64
  • Source Package: nodejs24
  • 18 Dépendances
  • 3 fournit
  • normalized package name match
  • Correspondance par : Node
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: nodejs24 from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
MacPorts95%

nodejs24

sudo port install nodejs24
  • normalized package name match
  • Correspondance par : Node
MacPorts ports tree · api.github.com · MacPorts ports tree: lang/nodejs24/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
Chocolatey95%

nodejs

choco install nodejs
  • normalized package name match
  • Correspondance par : Node
Chocolatey community package catalog · community.chocolatey.org · Chocolatey community package catalog: nodejs from http://community.chocolatey.org/api/v2/Packages?$filter=IsLatestVersion&$select=Id&$top=1000&$skiptoken='11','nexus-repository'
Scoop95%

main/nodejs

scoop install main/nodejs
  • normalized package name match
  • Correspondance par : Node
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/nodejs.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1
winget95%

OpenJS.NodeJS

winget install --id OpenJS.NodeJS -e
  • normalized package name match
  • Correspondance par : Node
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: OpenJS.NodeJS from https://cdn.winget.microsoft.com/cache/source.msix
Debian apt92%

npm 9.2.0~ds1-3

package manager for Node.js

https://docs.npmjs.com/

sudo apt install npm
  • Section: web
  • Architecture: all
  • 32 Dépendances
  • 32 fournit
  • 3 dépendances optionnelles
  • installed executable or alias match
  • Correspondance par : npm
Debian stable package indexes · deb.debian.org · Debian stable package indexes: npm from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Ubuntu apt92%

npm 9.2.0~ds1-2

package manager for Node.js

https://docs.npmjs.com/

sudo apt install npm
  • Section: universe/web
  • Architecture: all
  • 32 Dépendances
  • 32 fournit
  • 3 dépendances optionnelles
  • installed executable or alias match
  • Correspondance par : npm
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: npm from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
apk92%

npm 11.12.1-r0

The package manager for JavaScript

https://www.npmjs.com/

sudo apk add npm
  • License: Artistic-2.0
  • Architecture: x86_64
  • Source Package: npm
  • 1 Dépendances
  • 1 fournit
  • installed executable or alias match
  • Correspondance par : npm
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: npm from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk92%

npm-bash-completion 11.12.1-r0

Bash completions for npm

https://www.npmjs.com/

sudo apk add npm-bash-completion
  • License: Artistic-2.0
  • Architecture: x86_64
  • Source Package: npm
  • installed executable or alias match
  • Correspondance par : npm
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: npm-bash-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk92%

npm-doc 11.12.1-r0

The package manager for JavaScript (documentation)

https://www.npmjs.com/

sudo apk add npm-doc
  • License: Artistic-2.0
  • Architecture: x86_64
  • Source Package: npm
  • installed executable or alias match
  • Correspondance par : npm
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: npm-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

piste source

Généré depuis les données du dépôt

Cette page est servie par av-web depuis l'artéfact SQLite privé des paquets généré par scripts/generate-pkg-sqlite.py.

Sources utilisées

  • Geiger risk classifier
  • Nucleus package database
  • approval-gate seed metadata
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated agent safety answer
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment