認証情報アクセス
Reads environment variables, dotenv files, npm tokens, and project config reachable to scripts.
brew / 承認ゲート
node のインストール経路、実行ファイル、メタデータ、AI エージェント向けセキュリティノートを確認します。
エージェント安全性
node executes JavaScript tooling that commonly reads project secrets and launches npm package workflows.
Reads environment variables, dotenv files, npm tokens, and project config reachable to scripts.
Can run deploy scripts, API clients, and arbitrary package scripts.
Can build and publish npm packages or generated application bundles.
Gate package publishing and lifecycle scripts; scan project secrets before agent runs.
Allow test/build commands after scanning; require approval for publish, install scripts, and deploy actions.
インストール
brew install nodelocal Homebrew formula metadata
sudo port install nodejs24MacPorts ports tree · lang/nodejs24/Portfile · ソース: api.github.com
sudo apk add nodejsAlpine Linux edge package indexes · nodejs · ソース: dl-cdn.alpinelinux.org
sudo apt install nodejsDebian stable package indexes · nodejs · ソース: deb.debian.org
sudo dnf install nodejs24Fedora Rawhide package metadata · nodejs24 · ソース: dl.fedoraproject.org
nix profile install nixpkgs#nodejsnixpkgs package indexes · nodejs · ソース: raw.githubusercontent.com
sudo pacman -S nodejsArch Linux sync databases · nodejs · ソース: geo.mirror.pkgbuild.com
sudo zypper install nodejs24openSUSE Tumbleweed package metadata · nodejs24 · ソース: download.opensuse.org
choco install nodejsChocolatey community package catalog · nodejs · ソース: community.chocolatey.org
scoop install main/nodejsScoop official bucket manifest trees · bucket/nodejs.json · ソース: api.github.com
winget install --id OpenJS.NodeJS -eWindows Package Manager source index · OpenJS.NodeJS · ソース: cdn.winget.microsoft.com
概要
Open-source, cross-platform JavaScript runtime environment
履歴
Node.js is the JavaScript runtime that made server-side and command-line JavaScript mainstream. The official Node.js about page describes it as an asynchronous event-driven runtime designed for scalable network applications, with HTTP as a first-class feature and an event loop hidden behind ordinary JavaScript program execution.
Ryan Dahl created Node.js around 2009 to run JavaScript outside the browser for network servers and other I/O-heavy programs. The runtime combined Google's V8 JavaScript engine with an event loop and low-level I/O APIs, giving web developers a single language across browser code, servers, tooling, and package scripts.
The early project was stewarded by Joyent, then hit a governance crisis in 2014 when prominent contributors forked it as io.js. The Node.js Foundation announced on 14 September 2015 that Node.js v4.0.0 combined the Node.js and io.js codebases under the foundation, added a long-term support plan, and moved the project to regular semver-based release lines.
The Node.js Foundation and JS Foundation announced their merger into the OpenJS Foundation on 12 March 2019. That put Node.js under the broader vendor-neutral JavaScript foundation that also houses projects such as Node-RED.
Node.js adoption grew because it solved several developer and operational needs at once: fast startup for scripts, non-blocking network servers, JSON-native APIs, a giant npm ecosystem, and one language for browser and server teams. The 2015 foundation announcement said Node.js was used by tens of thousands of organizations in more than 200 countries and had more than 2 million downloads per month.
Homebrew's `node` formula is the rolling mainstream macOS/Linux package for the latest Node major. The Formulae page lists aliases including `node.js`, `node@26`, `nodejs`, and `npm`, and reports 3,116,013 installs over 365 days with 2,515,719 installs on request. Within Homebrew, that makes it the high-volume default path for developers who want Node, npm, and npx without a separate version manager.
Homebrew users install the rolling formula with `brew install node`, then get `node`, `npm`, and `npx`. The formula is convenient for system-level CLI tools, local development, and build dependencies, while teams that need exact per-project versions often layer nvm, fnm, asdf, volta, nodenv, or Homebrew's versioned `node@` formulas on top of that ecosystem.
Package nerds care about Node's release train because C++ addons, ESM/CommonJS behavior, OpenSSL, V8, npm, Corepack, test runner behavior, and web-platform APIs can all change across majors. The official release page explains that major versions historically enter Current for six months, even-numbered releases become LTS, and production applications should use Active LTS or Maintenance LTS releases.
For package-manager data, `brew:node` is the anchor package. It is both a runtime and a build input for huge parts of the JavaScript, frontend, Electron, language-server, and CLI-tooling worlds. Its adoption stats often reflect not only developers explicitly wanting Node, but also downstream packages whose builds or runtime scripts need Node available.
承認ゲート
ローカルの承認ゲートシードには node 用のルールが 7 件含まれます。対象エントリポイント: corepack, node, npm, npx。重大度ラベル: 重大, 高, 中。カバレッジ: partial、レビュー日: 2026-05-21。
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.npmrc%UserProfile%\.npmrcCredential-bearing paths to review before unattended agent runs.
~/.npmrc%UserProfile%\.npmrc実行可能ファイル
| コマンド | 種類 | 公開範囲 | メモ |
|---|---|---|---|
node | cli | グローバル実行可能ファイル | |
npm | cli | グローバル実行可能ファイル | |
npx | cli | グローバル実行可能ファイル |
鮮度
これらの信号は、ページ生成時期、パッケージマネージャの活動、上流リリース比較を分けて示します。バージョン遅れは、証拠 URL と比較可能なバージョンがある場合だけ警告されます。
インストールメタデータ
| パッケージキー | brew:node |
|---|---|
| バージョン | 26.5.0 |
| パッケージマネージャ | Homebrew |
| パッケージマネージャページ | https://formulae.brew.sh/formula/node |
| ホームページ | https://nodejs.org/ |
| リポジトリ | https://github.com/nodejs/node |
| 上流ドキュメント | https://nodejs.org/docs/latest/api |
| ライセンス | MIT |
| ソースアーカイブ | https://nodejs.org/dist/v26.5.0/node-v26.5.0.tar.xz |
| 最終更新 | 2026-07-08T22:59:49Z |
| Pulse | updated |
| 依存関係 | ada-url, brotli, c-ares, hdrhistogram_c, icu4c@78, libffi, libnghttp2, libnghttp3, libngtcp2, libuv, llhttp, merve, nbytes, openssl@3, simdjson, sqlite, uvwasi, zstd |
| ビルド依存関係 | pkgconf, python@3.14 |
| macOS 提供ライブラリ | python |
| Bottle | 利用可能 (対象 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | 定義済み |
| サービス | 宣言なし |
| 注意点 | Single Executable Application is disabled as it doesn't work with shared libnode. Temporal support is disabled as it doesn't work with shared ICU library. |
レジストリ情報
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | node |
| Aliases |
|
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
ソースデータベース一致
一致は外部パッケージマネージャインデックスから取得され、ローカルの Automic Vault パッケージリンクとは分けて表示されます。
nodejs 20.19.2+dfsg-1+deb13u2
evented I/O for V8 javascript - runtime executable
sudo apt install nodejsnodejs
nix profile install nixpkgs#nodejsnodejs 18.19.1+dfsg-6ubuntu5
evented I/O for V8 javascript - runtime executable
sudo apt install nodejsnodejs 24.16.0-r0
JavaScript runtime built on V8 engine - LTS version
sudo apk add nodejsnodejs24 24.15.0-1.fc45
JavaScript runtime
sudo dnf install nodejs24nodejs 26.2.0-1
Evented I/O for V8 javascript ("Current" release)
sudo pacman -S nodejsnodejs24 24.14.1-2.2
Evented I/O for V8 JavaScript
sudo zypper install nodejs24nodejs24
sudo port install nodejs24nodejs
choco install nodejsmain/nodejs
scoop install main/nodejsOpenJS.NodeJS
winget install --id OpenJS.NodeJS -enpm 9.2.0~ds1-3
package manager for Node.js
sudo apt install npmnpm 9.2.0~ds1-2
package manager for Node.js
sudo apt install npmnpm 11.12.1-r0
The package manager for JavaScript
sudo apk add npmnpm-bash-completion 11.12.1-r0
Bash completions for npm
sudo apk add npm-bash-completionnpm-doc 11.12.1-r0
The package manager for JavaScript (documentation)
sudo apk add npm-docソース経路
このページは scripts/generate-pkg-sqlite.py が生成した非公開のパッケージ SQLite アーティファクトから av-web によって提供されます。
View the package source record on GitHub.