bump Node.js to 20.19.5 to address CVE-2025-27209

t.manninger · Thomas Manninger · commit 6742071de168 · 2025-11-05T11:07:53.000+01:00
Signed-off-by: Thomas Manninger &lt;t.manninger@ixopay.com&gt;
diff --git a/.node-version b/.node-version
@@ -1 +1 @@
-20.18.3
+20.19.5
diff --git a/.nvmrc b/.nvmrc
@@ -1 +1 @@
-20.18.3
+20.19.5
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-ARG NODE_VERSION=20.18.3
+ARG NODE_VERSION=20.19.5
 FROM node:${NODE_VERSION} AS base
 
 ENV HOME '.'
diff --git a/TESTING.md b/TESTING.md
@@ -44,7 +44,7 @@ Additionally there are a few more types of tests and checks:
 # Requirements
 
 - Install the latest NodeJS, [NPM](https://www.npmjs.com/get-npm) and [Yarn](https://classic.yarnpkg.com/en/docs/install/#mac-stable)
-  - `nvm install v20.18.3`
+  - `nvm install v20.19.5`
   - `npm install -g yarn`
 
 # Test guidelines
diff --git a/changelogs/fragments/10862.yml b/changelogs/fragments/10862.yml
@@ -0,0 +1,2 @@
+fix:
+- Bumping nodejs to 20.19.5 ([#10862](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/10862))

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-ARG NODE_VERSION=20.18.3`
	`1`	`+ARG NODE_VERSION=20.19.5`
`2`	`2`	`FROM node:${NODE_VERSION} AS base`
`3`	`3`
`4`	`4`	`ENV HOME '.'`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+fix:`
	`2`	`+- Bumping nodejs to 20.19.5 ([#10862](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/10862))`