Node.js Driver release notes for 2025¶

New features and updates¶

• None.

Bug fixes¶

• Fixed an issue with using the Google Cloud Platform (GCP) XML API when useVirtualUrl=true.

• Fixed a permission check for .toml configuration files.

• Fixed unhandled resources after creating a connection to prevent the process from terminating when using external browser authentication.

• Fixed an issue with oauthEnableSingleUseRefreshTokens in the authorization code flow.

New features and updates¶

• None.

Bug fixes¶

• Fixed a TypeScript error that was introduced in version 2.1.1.

Private Preview (PrPr) features¶

Added support for Workload Identity Federation in the AWS, Azure, GCP, and Kubernetes platforms.

Disclaimer:

• This feature can only be accessed by setting the SF_ENABLE_EXPERIMENTAL_AUTHENTICATION environment variable to true.

• You should use this feature only with non-production data.

• This PrPr feature is not covered by Support. However, the Product and Engineering teams are available during the PrPr phase.

• Please contact your account team for participation and documentation.

New features and updates¶

• Removed token caching for Client Credentials authentication.

Bug fixes¶

• Corrected an issue where Util.getProxyFromEnv incorrectly assumed HTTPS, causing HTTP_PROXY values to be ignored for HTTP traffic (port 80).

• Improved extractQueryStatus to handle cases where getQueryResponse returns a null response, preventing occasional breaks.

• Added ErrorCode to the core instance.

Additional notes¶

• This release introduces TypeScript for development. The npm package contains compiled JavaScript code that contains no anticipated breaking changes for driver users.

New features and updates¶

• Added support for OAuth 2.0 Authorization Code Flow and OAuth 2.0 Client Credentials Flow.

  • For OAuth 2.0 Authorization Code Flow:

    • Added the oauthClientId, oauthClientSecret, oauthAuthorizationUrl, oauthTokenRequestUrl, and oauthScope parameters.

    • Added the OAUTH_AUTHORIZATION_CODE parameter for the parameter authenticator.

  • For OAuth 2.0 Client Credentials Flow:

    • Added the oauthClientId, oauthClientSecret, oauthTokenRequestUrl, and oauthScope parameters.

    • Added the OAUTH_CLIENT_CREDENTIALS parameter for the parameter authenticator.

• Added support for virtual-style domains.

Bug fixes¶

• None

Private Preview (PrPr) features¶

• Implemented support for Programmatic Access Tokens authentication.

Disclaimer:

• These features can only be accessed by setting SF_ENABLE_EXPERIMENTAL_AUTHENTICATION environment variable to true.

• You should use these features only with non-production data.

• These PrPr features are not covered by Support. However, the Product and Engineering teams are available during the PrPr phase.

• Please contact your account team for participation and documentation.

New features and updates¶

• Upgraded axios to version 1.8.2+.

Bug fixes¶

• Fixed a Time-of-check Time-of-use (TOCTOU) race condition when checking access to the Easy Logging configuration file. For more information, see CVE-2025-46328.

• Fixed OCSP response cache entries not being refreshed properly.

New features and updates¶

• None

Bug fixes¶

• Fixed an issue with promise rejection for file upload errors.

New features and updates¶

• Added support for regional Google Cloud Storage endpoints.

• Added support for endpoints without protocols for GCS.

• Updated the following dependencies:

  • azure/storage-blob to version 12.26.x,

  • aws-sdk/client-s3 to version 3.726.0,

  • smithy/node-http-handler to version 4.0.1

Bug fixes¶

• Fixed the verification of the token caching file permissions and its owner when authentication is set to EXTERNALBROWSER or USERNAME_PASSWORD_MFA. For more information, see CVE-2025-24791.

• Fixed the FileAndStageBindStatement type in the typings file.

• Fixed an issue with aborting requests and inconsistent request methods in HttpClient.

• Fixed an issue with the proxy configuration settings used for sending requests to a GCS bucket.