chore(deps): update node.js to v18.16.1

[plural-renovate]

This PR contains the following updates:

Package	Type	Update	Change
node	engines	patch	18.16.0 -> 18.16.1

---

Release Notes

nodejs/node (node)

v18.16.1: 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

• CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
• CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
• CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
• CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
• CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
• OpenSSL Security Releases
  • OpenSSL security advisory 28th March.
  • OpenSSL security advisory 20th April.
  • OpenSSL security advisory 30th May
• c-ares vulnerabilities:
  • GHSA-9g78-jv2r-p7vc
  • GHSA-8r8p-23f3-64c2
  • GHSA-54xr-f67r-4pc4
  • GHSA-x6mf-cxr9-8q6v

More detailed information on each of the vulnerabilities can be found in June 2023 Security Releases blog post.

Commits

• [bf3e2c8928] - crypto: handle cert with invalid SPKI gracefully (Tobias Nießen) nodejs-private/node-private#393
• [70f9449072] - deps: set CARES_RANDOM_FILE for c-ares (Richard Lau) #​48156
• [35d4efb57b] - deps: update c-ares to 1.19.1 (RafaelGSS) #​48115
• [392dfedc77] - deps: update archs files for openssl-3.0.9-quic1 (Node.js GitHub Bot) #​48402
• [46cd5fe38b] - deps: upgrade openssl sources to quictls/openssl-3.0.9-quic1 (Node.js GitHub Bot) #​48402
• [7e3d2d85c2] - doc,test: clarify behavior of DH generateKeys (Tobias Nießen) nodejs-private/node-private#426
• [4ff6ba050a] - http: disable request smuggling via rempty headers (Paolo Insogna) nodejs-private/node-private#428
• [ab269129a6] - msi: do not create AppData\Roaming\npm (Tobias Nießen) nodejs-private/node-private#408
• [925e8f5619] - policy: handle mainModule.__proto__ bypass (RafaelGSS) nodejs-private/node-private#416
• [d6fae8e47e] - test: allow SIGBUS in signal-handler abort test (Michaël Zasso) #​47851

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[plural-renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

/usr/local/bin/yarn: line 4: .: filename argument required
.: usage: . filename [arguments]
/opt/containerbase/tools/corepack/0.28.2/node_modules/corepack/dist/lib/corepack.cjs:23025
  const isURL = URL.canParse(range);
                    ^

TypeError: URL.canParse is not a function
    at parseSpec (/opt/containerbase/tools/corepack/0.28.2/node_modules/corepack/dist/lib/corepack.cjs:23025:21)
    at loadSpec (/opt/containerbase/tools/corepack/0.28.2/node_modules/corepack/dist/lib/corepack.cjs:23088:11)
    at async Engine.findProjectSpec (/opt/containerbase/tools/corepack/0.28.2/node_modules/corepack/dist/lib/corepack.cjs:23262:22)
    at async Engine.executePackageManagerRequest (/opt/containerbase/tools/corepack/0.28.2/node_modules/corepack/dist/lib/corepack.cjs:23314:24)
    at async Object.runMain (/opt/containerbase/tools/corepack/0.28.2/node_modules/corepack/dist/lib/corepack.cjs:24007:5)

Node.js v18.16.1