Proper tree-sitter 0.25 support

[ObserverOfTime]

This is an ongoing effort to update node-tree-sitter with the changes introduced in tree-sitter 0.25, and more:

• Track tree-sitter release branch
• Enable dependabot updates
• Use arm runners in CI
• Update Node versions
  • Drop tests on 18
  • Run tests on 24 & 25
• Enable trusted publishing
• Improve binding.gyp cflags
  • Add -fvisibility=hidden to the flags on Linux
  • Adapt std based on Node version
    • closes Install fails with Node v23, due to -std=c++17. #238
    • closes update bingind.gyp to compile with cpp20 #240
• Update the API to tree-sitter 0.25
  • closes Make a release with newer tree-sitter for ABI 15 support #244
  • closes The prebuild binaries are absent in version 0.25.0, which is a defect. #248
  • closes request publish new version #253
  • closes The prebuild binaries are missing for all architectures in NPM for v0.25.0 #256
  • closes Project Appears Unmaintained - Community Fork with Fixes Available #261
• Introduce QueryCursor class -> 0.26
• Improve errors, docs, types
  • closes Docs? #210
  • closes Fix helpful "Incompatible language version" error not showing #243
• Miscellaneous fixes
  • closes SyntaxNode .toJSON() does not behave as expected #246
  • closes Define type property on SyntaxNode subclasses with defineProperty #257
• Update dependencies
  • closes build(deps-dev): bump tmp from 0.2.3 to 0.2.4 #254
  • closes build(deps-dev): bump tar-fs from 2.1.1 to 2.1.4 #260
  • closes build(deps-dev): bump glob and node-gyp #263
  • closes build(deps): bump glob #264

[Abrifq]

Adapt std based on Node version

• closes Install fails with Node v23, due to -std=c++17. #238
• closes update bingind.gyp to compile with cpp20 #240

Hello!
I have made a PR about this part. Should I rebase it on your PR so you can merge it when you are free to review?

#240 already exists though?
Yeah, but I made it conditional via nodejs' config.gypi. This way if it needs another version bump, it should be easier.

[ObserverOfTime]

I already did that one.

[Abrifq]

I already did that one.

Ah ok, didn't notice. Have a nice day then!

[ObserverOfTime]

Basically ready. Just needs tests for the progress callbacks, which I'm too lazy to add.

The Language methods and the QueryCursor class will have to wait till the next release.

@amaanq @maxbrunsfeld

[KeqingMoe]

Thank you for your tireless efforts!

[wernst]

@WillLillis @ObserverOfTime just a heads up it looks like the latest publish of 0.25.1 failed

Appreciate you putting in the fix.

[WillLillis]

@WillLillis @ObserverOfTime just a heads up it looks like the latest publish of 0.25.1 failed

Appreciate you putting in the fix.

We're aware, working on resolving a token permission issue that broke the last publishing run.

[Abrifq]

@ WillLillis @ ObserverOfTime just a heads up it looks like the latest publish of 0.25.1 failed
Appreciate you putting in the fix.

We're aware, working on resolving a token permission issue that broke the last publishing run.

You can easily solve that via a short lived OIDC token generation, which happens automatically per run with Github Actions for supported platforms. (cough npm is supported cough)

See the part starting with "For the most secure deployment"
https://github.blog/changelog/2025-12-09-npm-classic-tokens-revoked-session-based-auth-and-cli-token-management-now-available/#if-you-were-still-using-npm-classic-tokens

I checked your publish workflow and looks like you only need to add the yaml file to the npm repo's trusted publisher settings.

Check https://docs.npmjs.com/trusted-publishers to learn more about it.

P.S: I have 2 suggestions for the publish workflow though:

1. Add provenance flag to npm publish even though it says you don't need it because it needs the flag for the first generation. Silly, I know.

2. Change from npm install to npm ci, if that will not break anything. Better defaults are almost always better, right?

       - name: Install dependencies
-        run: npm install
+        run: npm ci
 
       - name: Publish to NPM
-        run: npm publish
+        run: npm publish --provenance

[ObserverOfTime]

Actually this seems to be a GitHub cache bug since it used an older version of the workflow.

[Abrifq]

Actually this seems to be a GitHub cache bug since it used an older version of the workflow.

lol. lmao, even.

Anyway have a nice year everyone!