An alias of ok.

Indicates the failure of an assertion. All errors thrown by the `node:assert` module will be instances of the `AssertionError` class.

**Strict assertion mode** An alias of deepStrictEqual. **Legacy assertion mode** > Stability: 3 - Legacy: Use deepStrictEqual instead. Tests for deep equality between the `actual` and `expected` parameters. Consider using deepStrictEqual instead. deepEqual can have surprising results. _Deep equality_ means that the enumerable "own" properties of child objects are also recursively evaluated by the following rules.

Tests for deep equality between the `actual` and `expected` parameters. "Deep" equality means that the enumerable "own" properties of child objects are recursively evaluated also by the following rules.

Expects the `string` input not to match the regular expression. ```js import assert from 'node:assert/strict'; assert.doesNotMatch('I will fail', /fail/); // AssertionError [ERR_ASSERTION]: The input was expected to not match the ... assert.doesNotMatch(123, /pass/); // AssertionError [ERR_ASSERTION]: The "string" argument must be of type string. assert.doesNotMatch('I will pass', /different/); // OK ``` If the values do match, or if the `string` argument is of another type than `string`, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an [Error](https://nodejs.org/docs/latest-v22.x/api/errors.html#class-error) then it will be thrown instead of the `AssertionError`.

Awaits the `asyncFn` promise or, if `asyncFn` is a function, immediately calls the function and awaits the returned promise to complete. It will then check that the promise is not rejected. If `asyncFn` is a function and it throws an error synchronously, `assert.doesNotReject()` will return a rejected `Promise` with that error. If the function does not return a promise, `assert.doesNotReject()` will return a rejected `Promise` with an [ERR_INVALID_RETURN_VALUE](https://nodejs.org/docs/latest-v22.x/api/errors.html#err_invalid_return_value) error. In both cases the error handler is skipped. Using `assert.doesNotReject()` is actually not useful because there is little benefit in catching a rejection and then rejecting it again. Instead, consider adding a comment next to the specific code path that should not reject and keep error messages as expressive as possible. If specified, `error` can be a [`Class`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Classes), [`RegExp`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions), or a validation function. See throws for more details. Besides the async nature to await the completion behaves identically to doesNotThrow. ```js import assert from 'node:assert/strict'; await assert.doesNotReject( async () => { throw new TypeError('Wrong value'); }, SyntaxError, ); ``` ```js import assert from 'node:assert/strict'; assert.doesNotReject(Promise.reject(new TypeError('Wrong value'))) .then(() => { // ... }); ```

Asserts that the function `fn` does not throw an error. Using `assert.doesNotThrow()` is actually not useful because there is no benefit in catching an error and then rethrowing it. Instead, consider adding a comment next to the specific code path that should not throw and keep error messages as expressive as possible. When `assert.doesNotThrow()` is called, it will immediately call the `fn` function. If an error is thrown and it is the same type as that specified by the `error` parameter, then an `AssertionError` is thrown. If the error is of a different type, or if the `error` parameter is undefined, the error is propagated back to the caller. If specified, `error` can be a [`Class`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Classes), [`RegExp`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions), or a validation function. See throws for more details. The following, for instance, will throw the `TypeError` because there is no matching error type in the assertion: ```js import assert from 'node:assert/strict'; assert.doesNotThrow( () => { throw new TypeError('Wrong value'); }, SyntaxError, ); ``` However, the following will result in an `AssertionError` with the message 'Got unwanted exception...': ```js import assert from 'node:assert/strict'; assert.doesNotThrow( () => { throw new TypeError('Wrong value'); }, TypeError, ); ``` If an `AssertionError` is thrown and a value is provided for the `message` parameter, the value of `message` will be appended to the `AssertionError` message: ```js import assert from 'node:assert/strict'; assert.doesNotThrow( () => { throw new TypeError('Wrong value'); }, /Wrong value/, 'Whoops', ); // Throws: AssertionError: Got unwanted exception: Whoops ```

**Strict assertion mode** An alias of strictEqual. **Legacy assertion mode** > Stability: 3 - Legacy: Use strictEqual instead. Tests shallow, coercive equality between the `actual` and `expected` parameters using the [`==` operator](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Equality). `NaN` is specially handled and treated as being identical if both sides are `NaN`. ```js import assert from 'node:assert'; assert.equal(1, 1); // OK, 1 == 1 assert.equal(1, '1'); // OK, 1 == '1' assert.equal(NaN, NaN); // OK assert.equal(1, 2); // AssertionError: 1 == 2 assert.equal({ a: { b: 1 } }, { a: { b: 1 } }); // AssertionError: { a: { b: 1 } } == { a: { b: 1 } } ``` If the values are not equal, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`.

Throws an `AssertionError` with the provided error message or a default error message. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`. ```js import assert from 'node:assert/strict'; assert.fail(); // AssertionError [ERR_ASSERTION]: Failed assert.fail('boom'); // AssertionError [ERR_ASSERTION]: boom assert.fail(new TypeError('need array')); // TypeError: need array ``` Using `assert.fail()` with more than two arguments is possible but deprecated. See below for further details.

Throws `value` if `value` is not `undefined` or `null`. This is useful when testing the `error` argument in callbacks. The stack trace contains all frames from the error passed to `ifError()` including the potential new frames for `ifError()` itself. ```js import assert from 'node:assert/strict'; assert.ifError(null); // OK assert.ifError(0); // AssertionError [ERR_ASSERTION]: ifError got unwanted exception: 0 assert.ifError('error'); // AssertionError [ERR_ASSERTION]: ifError got unwanted exception: 'error' assert.ifError(new Error()); // AssertionError [ERR_ASSERTION]: ifError got unwanted exception: Error // Create some random error frames. let err; (function errorFrame() { err = new Error('test error'); })(); (function ifErrorFrame() { assert.ifError(err); })(); // AssertionError [ERR_ASSERTION]: ifError got unwanted exception: test error // at ifErrorFrame // at errorFrame ```

Expects the `string` input to match the regular expression. ```js import assert from 'node:assert/strict'; assert.match('I will fail', /pass/); // AssertionError [ERR_ASSERTION]: The input did not match the regular ... assert.match(123, /pass/); // AssertionError [ERR_ASSERTION]: The "string" argument must be of type string. assert.match('I will pass', /pass/); // OK ``` If the values do not match, or if the `string` argument is of another type than `string`, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an [Error](https://nodejs.org/docs/latest-v22.x/api/errors.html#class-error) then it will be thrown instead of the `AssertionError`.

**Strict assertion mode** An alias of notDeepStrictEqual. **Legacy assertion mode** > Stability: 3 - Legacy: Use notDeepStrictEqual instead. Tests for any deep inequality. Opposite of deepEqual. ```js import assert from 'node:assert'; const obj1 = { a: { b: 1, }, }; const obj2 = { a: { b: 2, }, }; const obj3 = { a: { b: 1, }, }; const obj4 = { __proto__: obj1 }; assert.notDeepEqual(obj1, obj1); // AssertionError: { a: { b: 1 } } notDeepEqual { a: { b: 1 } } assert.notDeepEqual(obj1, obj2); // OK assert.notDeepEqual(obj1, obj3); // AssertionError: { a: { b: 1 } } notDeepEqual { a: { b: 1 } } assert.notDeepEqual(obj1, obj4); // OK ``` If the values are deeply equal, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`.

Tests for deep strict inequality. Opposite of deepStrictEqual. ```js import assert from 'node:assert/strict'; assert.notDeepStrictEqual({ a: 1 }, { a: '1' }); // OK ``` If the values are deeply and strictly equal, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`.

**Strict assertion mode** An alias of notStrictEqual. **Legacy assertion mode** > Stability: 3 - Legacy: Use notStrictEqual instead. Tests shallow, coercive inequality with the [`!=` operator](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Inequality). `NaN` is specially handled and treated as being identical if both sides are `NaN`. ```js import assert from 'node:assert'; assert.notEqual(1, 2); // OK assert.notEqual(1, 1); // AssertionError: 1 != 1 assert.notEqual(1, '1'); // AssertionError: 1 != '1' ``` If the values are equal, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`.

Tests strict inequality between the `actual` and `expected` parameters as determined by [`Object.is()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/is). ```js import assert from 'node:assert/strict'; assert.notStrictEqual(1, 2); // OK assert.notStrictEqual(1, 1); // AssertionError [ERR_ASSERTION]: Expected "actual" to be strictly unequal to: // // 1 assert.notStrictEqual(1, '1'); // OK ``` If the values are strictly equal, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`.

Tests if `value` is truthy. It is equivalent to `assert.equal(!!value, true, message)`. If `value` is not truthy, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is `undefined`, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`. If no arguments are passed in at all `message` will be set to the string:`` 'No value argument passed to `assert.ok()`' ``. Be aware that in the `repl` the error message will be different to the one thrown in a file! See below for further details. ```js import assert from 'node:assert/strict'; assert.ok(true); // OK assert.ok(1); // OK assert.ok(); // AssertionError: No value argument passed to `assert.ok()` assert.ok(false, 'it\'s false'); // AssertionError: it's false // In the repl: assert.ok(typeof 123 === 'string'); // AssertionError: false == true // In a file (e.g. test.js): assert.ok(typeof 123 === 'string'); // AssertionError: The expression evaluated to a falsy value: // // assert.ok(typeof 123 === 'string') assert.ok(false); // AssertionError: The expression evaluated to a falsy value: // // assert.ok(false) assert.ok(0); // AssertionError: The expression evaluated to a falsy value: // // assert.ok(0) ``` ```js import assert from 'node:assert/strict'; // Using `assert()` works the same: assert(0); // AssertionError: The expression evaluated to a falsy value: // // assert(0) ```

Awaits the `asyncFn` promise or, if `asyncFn` is a function, immediately calls the function and awaits the returned promise to complete. It will then check that the promise is rejected. If `asyncFn` is a function and it throws an error synchronously, `assert.rejects()` will return a rejected `Promise` with that error. If the function does not return a promise, `assert.rejects()` will return a rejected `Promise` with an [ERR_INVALID_RETURN_VALUE](https://nodejs.org/docs/latest-v22.x/api/errors.html#err_invalid_return_value) error. In both cases the error handler is skipped. Besides the async nature to await the completion behaves identically to throws. If specified, `error` can be a [`Class`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Classes), [`RegExp`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions), a validation function, an object where each property will be tested for, or an instance of error where each property will be tested for including the non-enumerable `message` and `name` properties. If specified, `message` will be the message provided by the `AssertionError` if the `asyncFn` fails to reject. ```js import assert from 'node:assert/strict'; await assert.rejects( async () => { throw new TypeError('Wrong value'); }, { name: 'TypeError', message: 'Wrong value', }, ); ``` ```js import assert from 'node:assert/strict'; await assert.rejects( async () => { throw new TypeError('Wrong value'); }, (err) => { assert.strictEqual(err.name, 'TypeError'); assert.strictEqual(err.message, 'Wrong value'); return true; }, ); ``` ```js import assert from 'node:assert/strict'; assert.rejects( Promise.reject(new Error('Wrong value')), Error, ).then(() => { // ... }); ``` `error` cannot be a string. If a string is provided as the second argument, then `error` is assumed to be omitted and the string will be used for `message` instead. This can lead to easy-to-miss mistakes. Please read the example in throws carefully if using a string as the second argument gets considered.

In strict assertion mode, non-strict methods behave like their corresponding strict methods. For example, deepEqual will behave like deepStrictEqual. In strict assertion mode, error messages for objects display a diff. In legacy assertion mode, error messages for objects display the objects, often truncated. To use strict assertion mode: ```js import { strict as assert } from 'node:assert';COPY import assert from 'node:assert/strict'; ``` Example error diff: ```js import { strict as assert } from 'node:assert'; assert.deepEqual([[[1, 2, 3]], 4, 5], [[[1, 2, '3']], 4, 5]); // AssertionError: Expected inputs to be strictly deep-equal: // + actual - expected ... Lines skipped // // [ // [ // ... // 2, // + 3 // - '3' // ], // ... // 5 // ] ``` To deactivate the colors, use the `NO_COLOR` or `NODE_DISABLE_COLORS` environment variables. This will also deactivate the colors in the REPL. For more on color support in terminal environments, read the tty `getColorDepth()` documentation.

Tests strict equality between the `actual` and `expected` parameters as determined by [`Object.is()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/is). ```js import assert from 'node:assert/strict'; assert.strictEqual(1, 2); // AssertionError [ERR_ASSERTION]: Expected inputs to be strictly equal: // // 1 !== 2 assert.strictEqual(1, 1); // OK assert.strictEqual('Hello foobar', 'Hello World!'); // AssertionError [ERR_ASSERTION]: Expected inputs to be strictly equal: // + actual - expected // // + 'Hello foobar' // - 'Hello World!' // ^ const apples = 1; const oranges = 2; assert.strictEqual(apples, oranges, `apples ${apples} !== oranges ${oranges}`); // AssertionError [ERR_ASSERTION]: apples 1 !== oranges 2 assert.strictEqual(1, '1', new TypeError('Inputs are not identical')); // TypeError: Inputs are not identical ``` If the values are not strictly equal, an `AssertionError` is thrown with a `message` property set equal to the value of the `message` parameter. If the `message` parameter is undefined, a default error message is assigned. If the `message` parameter is an instance of an `Error` then it will be thrown instead of the `AssertionError`.

Expects the function `fn` to throw an error. If specified, `error` can be a [`Class`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Classes), [`RegExp`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions), a validation function, a validation object where each property will be tested for strict deep equality, or an instance of error where each property will be tested for strict deep equality including the non-enumerable `message` and `name` properties. When using an object, it is also possible to use a regular expression, when validating against a string property. See below for examples. If specified, `message` will be appended to the message provided by the `AssertionError` if the `fn` call fails to throw or in case the error validation fails. Custom validation object/error instance: ```js import assert from 'node:assert/strict'; const err = new TypeError('Wrong value'); err.code = 404; err.foo = 'bar'; err.info = { nested: true, baz: 'text', }; err.reg = /abc/i; assert.throws( () => { throw err; }, { name: 'TypeError', message: 'Wrong value', info: { nested: true, baz: 'text', }, // Only properties on the validation object will be tested for. // Using nested objects requires all properties to be present. Otherwise // the validation is going to fail. }, ); // Using regular expressions to validate error properties: assert.throws( () => { throw err; }, { // The `name` and `message` properties are strings and using regular // expressions on those will match against the string. If they fail, an // error is thrown. name: /^TypeError$/, message: /Wrong/, foo: 'bar', info: { nested: true, // It is not possible to use regular expressions for nested properties! baz: 'text', }, // The `reg` property contains a regular expression and only if the // validation object contains an identical regular expression, it is going // to pass. reg: /abc/i, }, ); // Fails due to the different `message` and `name` properties: assert.throws( () => { const otherErr = new Error('Not found'); // Copy all enumerable properties from `err` to `otherErr`. for (const [key, value] of Object.entries(err)) { otherErr[key] = value; } throw otherErr; }, // The error's `message` and `name` properties will also be checked when using // an error as validation object. err, ); ``` Validate instanceof using constructor: ```js import assert from 'node:assert/strict'; assert.throws( () => { throw new Error('Wrong value'); }, Error, ); ``` Validate error message using [`RegExp`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions): Using a regular expression runs `.toString` on the error object, and will therefore also include the error name. ```js import assert from 'node:assert/strict'; assert.throws( () => { throw new Error('Wrong value'); }, /^Error: Wrong value$/, ); ``` Custom error validation: The function must return `true` to indicate all internal validations passed. It will otherwise fail with an `AssertionError`. ```js import assert from 'node:assert/strict'; assert.throws( () => { throw new Error('Wrong value'); }, (err) => { assert(err instanceof Error); assert(/value/.test(err)); // Avoid returning anything from validation functions besides `true`. // Otherwise, it's not clear what part of the validation failed. Instead, // throw an error about the specific validation that failed (as done in this // example) and add as much helpful debugging information to that error as // possible. return true; }, 'unexpected error', ); ``` `error` cannot be a string. If a string is provided as the second argument, then `error` is assumed to be omitted and the string will be used for `message` instead. This can lead to easy-to-miss mistakes. Using the same message as the thrown error message is going to result in an `ERR_AMBIGUOUS_ARGUMENT` error. Please read the example below carefully if using a string as the second argument gets considered: ```js import assert from 'node:assert/strict'; function throwingFirst() { throw new Error('First'); } function throwingSecond() { throw new Error('Second'); } function notThrowing() {} // The second argument is a string and the input function threw an Error. // The first case will not throw as it does not match for the error message // thrown by the input function! assert.throws(throwingFirst, 'Second'); // In the next example the message has no benefit over the message from the // error and since it is not clear if the user intended to actually match // against the error message, Node.js throws an `ERR_AMBIGUOUS_ARGUMENT` error. assert.throws(throwingSecond, 'Second'); // TypeError [ERR_AMBIGUOUS_ARGUMENT] // The string is only used (as message) in case the function does not throw: assert.throws(notThrowing, 'Second'); // AssertionError [ERR_ASSERTION]: Missing expected exception: Second // If it was intended to match for the error message do this instead: // It does not throw because the error messages match. assert.throws(throwingSecond, /Second$/); // If the error message does not match, an AssertionError is thrown. assert.throws(throwingFirst, /Second$/); // AssertionError [ERR_ASSERTION] ``` Due to the confusing error-prone notation, avoid a string as the second argument.

This feature is deprecated and will be removed in a future version. Please consider using alternatives such as the `mock` helper function.

This class creates stores that stay coherent through asynchronous operations. While you can create your own implementation on top of the `node:async_hooks` module, `AsyncLocalStorage` should be preferred as it is a performant and memory safe implementation that involves significant optimizations that are non-obvious to implement. The following example uses `AsyncLocalStorage` to build a simple logger that assigns IDs to incoming HTTP requests and includes them in messages logged within each request. ```js import http from 'node:http'; import { AsyncLocalStorage } from 'node:async_hooks'; const asyncLocalStorage = new AsyncLocalStorage(); function logWithId(msg) { const id = asyncLocalStorage.getStore(); console.log(`${id !== undefined ? id : '-'}:`, msg); } let idSeq = 0; http.createServer((req, res) => { asyncLocalStorage.run(idSeq++, () => { logWithId('start'); // Imagine any chain of async operations here setImmediate(() => { logWithId('finish'); res.end(); }); }); }).listen(8080); http.get('http://localhost:8080'); http.get('http://localhost:8080'); // Prints: // 0: start // 1: start // 0: finish // 1: finish ``` Each instance of `AsyncLocalStorage` maintains an independent storage context. Multiple instances can safely exist simultaneously without risk of interfering with each other's data.

> [!WARNING] Deno compatibility > The AsyncResource implementation is a non-functional stub. The class `AsyncResource` is designed to be extended by the embedder's async resources. Using this, users can easily trigger the lifetime events of their own resources. The `init` hook will trigger when an `AsyncResource` is instantiated. The following is an overview of the `AsyncResource` API. ```js import { AsyncResource, executionAsyncId } from 'node:async_hooks'; // AsyncResource() is meant to be extended. Instantiating a // new AsyncResource() also triggers init. If triggerAsyncId is omitted then // async_hook.executionAsyncId() is used. const asyncResource = new AsyncResource( type, { triggerAsyncId: executionAsyncId(), requireManualDestroy: false }, ); // Run a function in the execution context of the resource. This will // * establish the context of the resource // * trigger the AsyncHooks before callbacks // * call the provided function `fn` with the supplied arguments // * trigger the AsyncHooks after callbacks // * restore the original execution context asyncResource.runInAsyncScope(fn, thisArg, ...args); // Call AsyncHooks destroy callbacks. asyncResource.emitDestroy(); // Return the unique ID assigned to the AsyncResource instance. asyncResource.asyncId(); // Return the trigger ID for the AsyncResource instance. asyncResource.triggerAsyncId(); ```

> [!WARNING] Deno compatibility > The createHook implementation is a non-functional stub. Registers functions to be called for different lifetime events of each async operation. The callbacks `init()`/`before()`/`after()`/`destroy()` are called for the respective asynchronous event during a resource's lifetime. All callbacks are optional. For example, if only resource cleanup needs to be tracked, then only the `destroy` callback needs to be passed. The specifics of all functions that can be passed to `callbacks` is in the `Hook Callbacks` section. ```js import { createHook } from 'node:async_hooks'; const asyncHook = createHook({ init(asyncId, type, triggerAsyncId, resource) { }, destroy(asyncId) { }, }); ``` The callbacks will be inherited via the prototype chain: ```js class MyAsyncCallbacks { init(asyncId, type, triggerAsyncId, resource) { } destroy(asyncId) {} } class MyAddedCallbacks extends MyAsyncCallbacks { before(asyncId) { } after(asyncId) { } } const asyncHook = async_hooks.createHook(new MyAddedCallbacks()); ``` Because promises are asynchronous resources whose lifecycle is tracked via the async hooks mechanism, the `init()`, `before()`, `after()`, and`destroy()` callbacks _must not_ be async functions that return promises.

> [!WARNING] Deno compatibility > The executionAsyncId implementation is a non-functional stub. ```js import { executionAsyncId } from 'node:async_hooks'; import fs from 'node:fs'; console.log(executionAsyncId()); // 1 - bootstrap const path = '.'; fs.open(path, 'r', (err, fd) => { console.log(executionAsyncId()); // 6 - open() }); ``` The ID returned from `executionAsyncId()` is related to execution timing, not causality (which is covered by `triggerAsyncId()`): ```js const server = net.createServer((conn) => { // Returns the ID of the server, not of the new connection, because the // callback runs in the execution scope of the server's MakeCallback(). async_hooks.executionAsyncId(); }).listen(port, () => { // Returns the ID of a TickObject (process.nextTick()) because all // callbacks passed to .listen() are wrapped in a nextTick(). async_hooks.executionAsyncId(); }); ``` Promise contexts may not get precise `executionAsyncIds` by default. See the section on [promise execution tracking](https://nodejs.org/docs/latest-v22.x/api/async_hooks.html#promise-execution-tracking).

Resource objects returned by `executionAsyncResource()` are most often internal Node.js handle objects with undocumented APIs. Using any functions or properties on the object is likely to crash your application and should be avoided. Using `executionAsyncResource()` in the top-level execution context will return an empty object as there is no handle or request object to use, but having an object representing the top-level can be helpful. ```js import { open } from 'node:fs'; import { executionAsyncId, executionAsyncResource } from 'node:async_hooks'; console.log(executionAsyncId(), executionAsyncResource()); // 1 {} open(new URL(import.meta.url), 'r', (err, fd) => { console.log(executionAsyncId(), executionAsyncResource()); // 7 FSReqWrap }); ``` This can be used to implement continuation local storage without the use of a tracking `Map` to store the metadata: ```js import { createServer } from 'node:http'; import { executionAsyncId, executionAsyncResource, createHook, } from 'node:async_hooks'; const sym = Symbol('state'); // Private symbol to avoid pollution createHook({ init(asyncId, type, triggerAsyncId, resource) { const cr = executionAsyncResource(); if (cr) { resource[sym] = cr[sym]; } }, }).enable(); const server = createServer((req, res) => { executionAsyncResource()[sym] = { state: req.url }; setTimeout(function() { res.end(JSON.stringify(executionAsyncResource()[sym])); }, 100); }).listen(3000); ```

```js const server = net.createServer((conn) => { // The resource that caused (or triggered) this callback to be called // was that of the new connection. Thus the return value of triggerAsyncId() // is the asyncId of "conn". async_hooks.triggerAsyncId(); }).listen(port, () => { // Even though all callbacks passed to .listen() are wrapped in a nextTick() // the callback itself exists because the call to the server's .listen() // was made. So the return value would be the ID of the server. async_hooks.triggerAsyncId(); }); ``` Promise contexts may not get valid `triggerAsyncId`s by default. See the section on [promise execution tracking](https://nodejs.org/docs/latest-v22.x/api/async_hooks.html#promise-execution-tracking).

Decodes a string of Base64-encoded data into bytes, and encodes those bytes into a string using Latin-1 (ISO-8859-1). The `data` may be any JavaScript-value that can be coerced into a string. **This function is only provided for compatibility with legacy web platform APIs** **and should never be used in new code, because they use strings to represent** **binary data and predate the introduction of typed arrays in JavaScript.** **For code running using Node.js APIs, converting between base64-encoded strings** **and binary data should be performed using `Buffer.from(str, 'base64')` and `buf.toString('base64')`.**

A [`Blob`](https://developer.mozilla.org/en-US/docs/Web/API/Blob) encapsulates immutable, raw data that can be safely shared across multiple worker threads.

Decodes a string into bytes using Latin-1 (ISO-8859), and encodes those bytes into a string using Base64. The `data` may be any JavaScript-value that can be coerced into a string. **This function is only provided for compatibility with legacy web platform APIs** **and should never be used in new code, because they use strings to represent** **binary data and predate the introduction of typed arrays in JavaScript.** **For code running using Node.js APIs, converting between base64-encoded strings** **and binary data should be performed using `Buffer.from(str, 'base64')` and `buf.toString('base64')`.**

Raw data is stored in instances of the Buffer class. A Buffer is similar to an array of integers but corresponds to a raw memory allocation outside the V8 heap. A Buffer cannot be resized. Valid string encodings: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'base64url'|'binary'(deprecated)|'hex'

A [`File`](https://developer.mozilla.org/en-US/docs/Web/API/File) provides information about files.

This function returns `true` if `input` contains only valid ASCII-encoded data, including the case in which `input` is empty. Throws if the `input` is a detached array buffer.

This function returns `true` if `input` contains only valid UTF-8-encoded data, including the case in which `input` is empty. Throws if the `input` is a detached array buffer.

Resolves a `'blob:nodedata:...'` an associated `Blob` object registered using a prior call to `URL.createObjectURL()`.

Re-encodes the given `Buffer` or `Uint8Array` instance from one character encoding to another. Returns a new `Buffer` instance. Throws if the `fromEnc` or `toEnc` specify invalid character encodings or if conversion from `fromEnc` to `toEnc` is not permitted. Encodings supported by `buffer.transcode()` are: `'ascii'`, `'utf8'`, `'utf16le'`, `'ucs2'`, `'latin1'`, and `'binary'`. The transcoding process will use substitution characters if a given byte sequence cannot be adequately represented in the target encoding. For instance: ```js import { Buffer, transcode } from 'node:buffer'; const newBuf = transcode(Buffer.from('€'), 'utf8', 'ascii'); console.log(newBuf.toString('ascii')); // Prints: '?' ``` Because the Euro (`€`) sign is not representable in US-ASCII, it is replaced with `?` in the transcoded `Buffer`.

Instances of the `ChildProcess` represent spawned child processes. Instances of `ChildProcess` are not intended to be created directly. Rather, use the [spawn](././node__child_process.d.ts/~/spawn), [exec](././node__child_process.d.ts/~/exec),[execFile](././node__child_process.d.ts/~/execFile), or [fork](././node__child_process.d.ts/~/fork) methods to create instances of `ChildProcess`.

Spawns a shell then executes the `command` within that shell, buffering any generated output. The `command` string passed to the exec function is processed directly by the shell and special characters (vary based on [shell](https://en.wikipedia.org/wiki/List_of_command-line_interpreters)) need to be dealt with accordingly: ```js import { exec } from 'node:child_process'; exec('"/path/to/test file/test.sh" arg1 arg2'); // Double quotes are used so that the space in the path is not interpreted as // a delimiter of multiple arguments. exec('echo "The \\$HOME variable is $HOME"'); // The $HOME variable is escaped in the first instance, but not in the second. ``` **Never pass unsanitized user input to this function. Any input containing shell** **metacharacters may be used to trigger arbitrary command execution.** If a `callback` function is provided, it is called with the arguments `(error, stdout, stderr)`. On success, `error` will be `null`. On error, `error` will be an instance of `Error`. The `error.code` property will be the exit code of the process. By convention, any exit code other than `0` indicates an error. `error.signal` will be the signal that terminated the process. The `stdout` and `stderr` arguments passed to the callback will contain the stdout and stderr output of the child process. By default, Node.js will decode the output as UTF-8 and pass strings to the callback. The `encoding` option can be used to specify the character encoding used to decode the stdout and stderr output. If `encoding` is `'buffer'`, or an unrecognized character encoding, `Buffer` objects will be passed to the callback instead. ```js import { exec } from 'node:child_process'; exec('cat *.js missing_file | wc -l', (error, stdout, stderr) => { if (error) { console.error(`exec error: ${error}`); return; } console.log(`stdout: ${stdout}`); console.error(`stderr: ${stderr}`); }); ``` If `timeout` is greater than `0`, the parent will send the signal identified by the `killSignal` property (the default is `'SIGTERM'`) if the child runs longer than `timeout` milliseconds. Unlike the [`exec(3)`](http://man7.org/linux/man-pages/man3/exec.3.html) POSIX system call, `child_process.exec()` does not replace the existing process and uses a shell to execute the command. If this method is invoked as its `util.promisify()` ed version, it returns a `Promise` for an `Object` with `stdout` and `stderr` properties. The returned `ChildProcess` instance is attached to the `Promise` as a `child` property. In case of an error (including any error resulting in an exit code other than 0), a rejected promise is returned, with the same `error` object given in the callback, but with two additional properties `stdout` and `stderr`. ```js import util from 'node:util'; import child_process from 'node:child_process'; const exec = util.promisify(child_process.exec); async function lsExample() { const { stdout, stderr } = await exec('ls'); console.log('stdout:', stdout); console.error('stderr:', stderr); } lsExample(); ``` If the `signal` option is enabled, calling `.abort()` on the corresponding `AbortController` is similar to calling `.kill()` on the child process except the error passed to the callback will be an `AbortError`: ```js import { exec } from 'node:child_process'; const controller = new AbortController(); const { signal } = controller; const child = exec('grep ssh', { signal }, (error) => { console.error(error); // an AbortError }); controller.abort(); ```

The `child_process.execFile()` function is similar to [exec](././node__child_process.d.ts/~/exec) except that it does not spawn a shell by default. Rather, the specified executable `file` is spawned directly as a new process making it slightly more efficient than [exec](././node__child_process.d.ts/~/exec). The same options as [exec](././node__child_process.d.ts/~/exec) are supported. Since a shell is not spawned, behaviors such as I/O redirection and file globbing are not supported. ```js import { execFile } from 'node:child_process'; const child = execFile('node', ['--version'], (error, stdout, stderr) => { if (error) { throw error; } console.log(stdout); }); ``` The `stdout` and `stderr` arguments passed to the callback will contain the stdout and stderr output of the child process. By default, Node.js will decode the output as UTF-8 and pass strings to the callback. The `encoding` option can be used to specify the character encoding used to decode the stdout and stderr output. If `encoding` is `'buffer'`, or an unrecognized character encoding, `Buffer` objects will be passed to the callback instead. If this method is invoked as its `util.promisify()` ed version, it returns a `Promise` for an `Object` with `stdout` and `stderr` properties. The returned `ChildProcess` instance is attached to the `Promise` as a `child` property. In case of an error (including any error resulting in an exit code other than 0), a rejected promise is returned, with the same `error` object given in the callback, but with two additional properties `stdout` and `stderr`. ```js import util from 'node:util'; import child_process from 'node:child_process'; const execFile = util.promisify(child_process.execFile); async function getVersion() { const { stdout } = await execFile('node', ['--version']); console.log(stdout); } getVersion(); ``` **If the `shell` option is enabled, do not pass unsanitized user input to this** **function. Any input containing shell metacharacters may be used to trigger** **arbitrary command execution.** If the `signal` option is enabled, calling `.abort()` on the corresponding `AbortController` is similar to calling `.kill()` on the child process except the error passed to the callback will be an `AbortError`: ```js import { execFile } from 'node:child_process'; const controller = new AbortController(); const { signal } = controller; const child = execFile('node', ['--version'], { signal }, (error) => { console.error(error); // an AbortError }); controller.abort(); ```

The `child_process.execFileSync()` method is generally identical to [execFile](././node__child_process.d.ts/~/execFile) with the exception that the method will not return until the child process has fully closed. When a timeout has been encountered and `killSignal` is sent, the method won't return until the process has completely exited. If the child process intercepts and handles the `SIGTERM` signal and does not exit, the parent process will still wait until the child process has exited. If the process times out or has a non-zero exit code, this method will throw an `Error` that will include the full result of the underlying [spawnSync](././node__child_process.d.ts/~/spawnSync). **If the `shell` option is enabled, do not pass unsanitized user input to this** **function. Any input containing shell metacharacters may be used to trigger** **arbitrary command execution.**

The `child_process.execSync()` method is generally identical to [exec](././node__child_process.d.ts/~/exec) with the exception that the method will not return until the child process has fully closed. When a timeout has been encountered and `killSignal` is sent, the method won't return until the process has completely exited. If the child process intercepts and handles the `SIGTERM` signal and doesn't exit, the parent process will wait until the child process has exited. If the process times out or has a non-zero exit code, this method will throw. The `Error` object will contain the entire result from [spawnSync](././node__child_process.d.ts/~/spawnSync). **Never pass unsanitized user input to this function. Any input containing shell** **metacharacters may be used to trigger arbitrary command execution.**

The `child_process.fork()` method is a special case of [spawn](././node__child_process.d.ts/~/spawn) used specifically to spawn new Node.js processes. Like [spawn](././node__child_process.d.ts/~/spawn), a `ChildProcess` object is returned. The returned `ChildProcess` will have an additional communication channel built-in that allows messages to be passed back and forth between the parent and child. See `subprocess.send()` for details. Keep in mind that spawned Node.js child processes are independent of the parent with exception of the IPC communication channel that is established between the two. Each process has its own memory, with their own V8 instances. Because of the additional resource allocations required, spawning a large number of child Node.js processes is not recommended. By default, `child_process.fork()` will spawn new Node.js instances using the `process.execPath` of the parent process. The `execPath` property in the `options` object allows for an alternative execution path to be used. Node.js processes launched with a custom `execPath` will communicate with the parent process using the file descriptor (fd) identified using the environment variable `NODE_CHANNEL_FD` on the child process. Unlike the [`fork(2)`](http://man7.org/linux/man-pages/man2/fork.2.html) POSIX system call, `child_process.fork()` does not clone the current process. The `shell` option available in [spawn](././node__child_process.d.ts/~/spawn) is not supported by `child_process.fork()` and will be ignored if set. If the `signal` option is enabled, calling `.abort()` on the corresponding `AbortController` is similar to calling `.kill()` on the child process except the error passed to the callback will be an `AbortError`: ```js if (process.argv[2] === 'child') { setTimeout(() => { console.log(`Hello from ${process.argv[2]}!`); }, 1_000); } else { import { fork } from 'node:child_process'; const controller = new AbortController(); const { signal } = controller; const child = fork(__filename, ['child'], { signal }); child.on('error', (err) => { // This will be called with err being an AbortError if the controller aborts }); controller.abort(); // Stops the child process } ```

The `child_process.spawn()` method spawns a new process using the given `command`, with command-line arguments in `args`. If omitted, `args` defaults to an empty array. **If the `shell` option is enabled, do not pass unsanitized user input to this** **function. Any input containing shell metacharacters may be used to trigger** **arbitrary command execution.** A third argument may be used to specify additional options, with these defaults: ```js const defaults = { cwd: undefined, env: process.env, }; ``` Use `cwd` to specify the working directory from which the process is spawned. If not given, the default is to inherit the current working directory. If given, but the path does not exist, the child process emits an `ENOENT` error and exits immediately. `ENOENT` is also emitted when the command does not exist. Use `env` to specify environment variables that will be visible to the new process, the default is `process.env`. `undefined` values in `env` will be ignored. Example of running `ls -lh /usr`, capturing `stdout`, `stderr`, and the exit code: ```js import { spawn } from 'node:child_process'; const ls = spawn('ls', ['-lh', '/usr']); ls.stdout.on('data', (data) => { console.log(`stdout: ${data}`); }); ls.stderr.on('data', (data) => { console.error(`stderr: ${data}`); }); ls.on('close', (code) => { console.log(`child process exited with code ${code}`); }); ``` Example: A very elaborate way to run `ps ax | grep ssh` ```js import { spawn } from 'node:child_process'; const ps = spawn('ps', ['ax']); const grep = spawn('grep', ['ssh']); ps.stdout.on('data', (data) => { grep.stdin.write(data); }); ps.stderr.on('data', (data) => { console.error(`ps stderr: ${data}`); }); ps.on('close', (code) => { if (code !== 0) { console.log(`ps process exited with code ${code}`); } grep.stdin.end(); }); grep.stdout.on('data', (data) => { console.log(data.toString()); }); grep.stderr.on('data', (data) => { console.error(`grep stderr: ${data}`); }); grep.on('close', (code) => { if (code !== 0) { console.log(`grep process exited with code ${code}`); } }); ``` Example of checking for failed `spawn`: ```js import { spawn } from 'node:child_process'; const subprocess = spawn('bad_command'); subprocess.on('error', (err) => { console.error('Failed to start subprocess.'); }); ``` Certain platforms (macOS, Linux) will use the value of `argv[0]` for the process title while others (Windows, SunOS) will use `command`. Node.js overwrites `argv[0]` with `process.execPath` on startup, so `process.argv[0]` in a Node.js child process will not match the `argv0` parameter passed to `spawn` from the parent. Retrieve it with the `process.argv0` property instead. If the `signal` option is enabled, calling `.abort()` on the corresponding `AbortController` is similar to calling `.kill()` on the child process except the error passed to the callback will be an `AbortError`: ```js import { spawn } from 'node:child_process'; const controller = new AbortController(); const { signal } = controller; const grep = spawn('grep', ['ssh'], { signal }); grep.on('error', (err) => { // This will be called with err being an AbortError if the controller aborts }); controller.abort(); // Stops the child process ```

The `child_process.spawnSync()` method is generally identical to [spawn](././node__child_process.d.ts/~/spawn) with the exception that the function will not return until the child process has fully closed. When a timeout has been encountered and `killSignal` is sent, the method won't return until the process has completely exited. If the process intercepts and handles the `SIGTERM` signal and doesn't exit, the parent process will wait until the child process has exited. **If the `shell` option is enabled, do not pass unsanitized user input to this** **function. Any input containing shell metacharacters may be used to trigger** **arbitrary command execution.**

> [!WARNING] Deno compatibility > This symbol is a non-functional stub.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub. A `Worker` object contains all public information and method about a worker. In the primary it can be obtained using `cluster.workers`. In a worker it can be obtained using `cluster.worker`.

The `console` module provides a simple debugging console that is similar to the JavaScript console mechanism provided by web browsers. The module exports two specific components: * A `Console` class with methods such as `console.log()`, `console.error()` and `console.warn()` that can be used to write to any Node.js stream. * A global `console` instance configured to write to [`process.stdout`](https://nodejs.org/docs/latest-v22.x/api/process.html#processstdout) and [`process.stderr`](https://nodejs.org/docs/latest-v22.x/api/process.html#processstderr). The global `console` can be used without importing the `node:console` module. _**Warning**_: The global console object's methods are neither consistently synchronous like the browser APIs they resemble, nor are they consistently asynchronous like all other Node.js streams. See the [`note on process I/O`](https://nodejs.org/docs/latest-v22.x/api/process.html#a-note-on-process-io) for more information. Example using the global `console`: ```js console.log('hello world'); // Prints: hello world, to stdout console.log('hello %s', 'world'); // Prints: hello world, to stdout console.error(new Error('Whoops, something bad happened')); // Prints error message and stack trace to stderr: // Error: Whoops, something bad happened // at [eval]:5:15 // at Script.runInThisContext (node:vm:132:18) // at Object.runInThisContext (node:vm:309:38) // at node:internal/process/execution:77:19 // at [eval]-wrapper:6:22 // at evalScript (node:internal/process/execution:76:60) // at node:internal/main/eval_string:23:3 const name = 'Will Robinson'; console.warn(`Danger ${name}! Danger!`); // Prints: Danger Will Robinson! Danger!, to stderr ``` Example using the `Console` class: ```js const out = getStreamSomehow(); const err = getStreamSomehow(); const myConsole = new console.Console(out, err); myConsole.log('hello world'); // Prints: hello world, to out myConsole.log('hello %s', 'world'); // Prints: hello world, to out myConsole.error(new Error('Whoops, something bad happened')); // Prints: [Error: Whoops, something bad happened], to err const name = 'Will Robinson'; myConsole.warn(`Danger ${name}! Danger!`); // Prints: Danger Will Robinson! Danger!, to err ```

> [!WARNING] Deno compatibility > The methods are non-functional stubs. SPKAC is a Certificate Signing Request mechanism originally implemented by Netscape and was specified formally as part of HTML5's `keygen` element. `` is deprecated since [HTML 5.2](https://www.w3.org/TR/html52/changes.html#features-removed) and new projects should not use this element anymore. The `node:crypto` module provides the `Certificate` class for working with SPKAC data. The most common usage is handling output generated by the HTML5 `` element. Node.js uses [OpenSSL's SPKAC implementation](https://www.openssl.org/docs/man3.0/man1/openssl-spkac.html) internally.

Checks the primality of the `candidate`.

Checks the primality of the `candidate`.

Instances of the `Cipher` class are used to encrypt data. The class can be used in one of two ways: * As a `stream` that is both readable and writable, where plain unencrypted data is written to produce encrypted data on the readable side, or * Using the `cipher.update()` and `cipher.final()` methods to produce the encrypted data. The [createCipheriv](././node__crypto.d.ts/~/createCipheriv) method is used to create `Cipher` instances. `Cipher` objects are not to be created directly using the `new` keyword. Example: Using `Cipher` objects as streams: ```js const { scrypt, randomFill, createCipheriv, } = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; // First, we'll generate the key. The key length is dependent on the algorithm. // In this case for aes192, it is 24 bytes (192 bits). scrypt(password, 'salt', 24, (err, key) => { if (err) throw err; // Then, we'll generate a random initialization vector randomFill(new Uint8Array(16), (err, iv) => { if (err) throw err; // Once we have the key and iv, we can create and use the cipher... const cipher = createCipheriv(algorithm, key, iv); let encrypted = ''; cipher.setEncoding('hex'); cipher.on('data', (chunk) => encrypted += chunk); cipher.on('end', () => console.log(encrypted)); cipher.write('some clear text data'); cipher.end(); }); }); ``` Example: Using `Cipher` and piped streams: ```js import { createReadStream, createWriteStream, } from 'node:fs'; import { pipeline, } from 'node:stream'; const { scrypt, randomFill, createCipheriv, } = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; // First, we'll generate the key. The key length is dependent on the algorithm. // In this case for aes192, it is 24 bytes (192 bits). scrypt(password, 'salt', 24, (err, key) => { if (err) throw err; // Then, we'll generate a random initialization vector randomFill(new Uint8Array(16), (err, iv) => { if (err) throw err; const cipher = createCipheriv(algorithm, key, iv); const input = createReadStream('test.js'); const output = createWriteStream('test.enc'); pipeline(input, cipher, output, (err) => { if (err) throw err; }); }); }); ``` Example: Using the `cipher.update()` and `cipher.final()` methods: ```js const { scrypt, randomFill, createCipheriv, } = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; // First, we'll generate the key. The key length is dependent on the algorithm. // In this case for aes192, it is 24 bytes (192 bits). scrypt(password, 'salt', 24, (err, key) => { if (err) throw err; // Then, we'll generate a random initialization vector randomFill(new Uint8Array(16), (err, iv) => { if (err) throw err; const cipher = createCipheriv(algorithm, key, iv); let encrypted = cipher.update('some clear text data', 'utf8', 'hex'); encrypted += cipher.final('hex'); console.log(encrypted); }); }); ```

Specifies the active default cipher list used by the current Node.js process (colon-separated values).

Specifies the built-in default cipher list used by Node.js (colon-separated values).

Causes the salt length for RSA_PKCS1_PSS_PADDING to be determined automatically when verifying a signature.

Sets the salt length for RSA_PKCS1_PSS_PADDING to the digest size when signing or verifying.

Sets the salt length for RSA_PKCS1_PSS_PADDING to the maximum permissible value when signing data.

Applies multiple bug workarounds within OpenSSL. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html for detail.

Instructs OpenSSL to allow a non-[EC]DHE-based key exchange mode for TLS v1.3

Allows legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html.

Attempts to use the server's preferences instead of the client's when selecting a cipher. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_options.html.

Instructs OpenSSL to use Cisco's version identifier of DTLS_BAD_VER.

Instructs OpenSSL to turn on cookie exchange.

Instructs OpenSSL to add server-hello extension from an early version of the cryptopro draft.

Instructs OpenSSL to disable a SSL 3.0/TLS 1.0 vulnerability workaround added in OpenSSL 0.9.6d.

Allows initial connection to servers that do not support RI.

Instructs OpenSSL to disable support for SSL/TLS compression.

Instructs OpenSSL to disable encrypt-then-MAC.

Instructs OpenSSL to disable renegotiation.

Instructs OpenSSL to always start a new session when performing renegotiation.

Instructs OpenSSL to turn off SSL v2

Instructs OpenSSL to turn off SSL v3

Instructs OpenSSL to disable use of RFC4507bis tickets.

Instructs OpenSSL to turn off TLS v1

Instructs OpenSSL to turn off TLS v1.1

Instructs OpenSSL to turn off TLS v1.2

Instructs OpenSSL to turn off TLS v1.3

Instructs OpenSSL server to prioritize ChaCha20-Poly1305 when the client does. This option has no effect if `SSL_OP_CIPHER_SERVER_PREFERENCE` is not enabled.

Instructs OpenSSL to disable version rollback attack detection.

Creates and returns a `Cipher` object, with the given `algorithm`, `key` and initialization vector (`iv`). The `options` argument controls stream behavior and is optional except when a cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the`authTagLength` option is required and specifies the length of the authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength`option is not required but can be used to set the length of the authentication tag that will be returned by `getAuthTag()` and defaults to 16 bytes. For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes. The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On recent OpenSSL releases, `openssl list -cipher-algorithms` will display the available cipher algorithms. The `key` is the raw key used by the `algorithm` and `iv` is an [initialization vector](https://en.wikipedia.org/wiki/Initialization_vector). Both arguments must be `'utf8'` encoded strings,`Buffers`, `TypedArray`, or `DataView`s. The `key` may optionally be a `KeyObject` of type `secret`. If the cipher does not need an initialization vector, `iv` may be `null`. When passing strings for `key` or `iv`, please consider `caveats when using strings as inputs to cryptographic APIs`. Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; remember that an attacker must not be able to predict ahead of time what a given IV will be.

Creates and returns a `Decipher` object that uses the given `algorithm`, `key` and initialization vector (`iv`). The `options` argument controls stream behavior and is optional except when a cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the authentication tag in bytes, see `CCM mode`. In GCM mode, the `authTagLength` option is not required but can be used to restrict accepted authentication tags to those with the specified length. For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes. The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On recent OpenSSL releases, `openssl list -cipher-algorithms` will display the available cipher algorithms. The `key` is the raw key used by the `algorithm` and `iv` is an [initialization vector](https://en.wikipedia.org/wiki/Initialization_vector). Both arguments must be `'utf8'` encoded strings,`Buffers`, `TypedArray`, or `DataView`s. The `key` may optionally be a `KeyObject` of type `secret`. If the cipher does not need an initialization vector, `iv` may be `null`. When passing strings for `key` or `iv`, please consider `caveats when using strings as inputs to cryptographic APIs`. Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; remember that an attacker must not be able to predict ahead of time what a given IV will be.

Creates a `DiffieHellman` key exchange object using the supplied `prime` and an optional specific `generator`. The `generator` argument can be a number, string, or `Buffer`. If `generator` is not specified, the value `2` is used. If `primeEncoding` is specified, `prime` is expected to be a string; otherwise a `Buffer`, `TypedArray`, or `DataView` is expected. If `generatorEncoding` is specified, `generator` is expected to be a string; otherwise a number, `Buffer`, `TypedArray`, or `DataView` is expected.

An alias for [getDiffieHellman](././node__crypto.d.ts/~/getDiffieHellman)

Creates an Elliptic Curve Diffie-Hellman (`ECDH`) key exchange object using a predefined curve specified by the `curveName` string. Use [getCurves](././node__crypto.d.ts/~/getCurves) to obtain a list of available curve names. On recent OpenSSL releases, `openssl ecparam -list_curves` will also display the name and description of each available elliptic curve.

Creates and returns a `Hash` object that can be used to generate hash digests using the given `algorithm`. Optional `options` argument controls stream behavior. For XOF hash functions such as `'shake256'`, the `outputLength` option can be used to specify the desired output length in bytes. The `algorithm` is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. On recent releases of OpenSSL, `openssl list -digest-algorithms` will display the available digest algorithms. Example: generating the sha256 sum of a file ```js import { createReadStream, } from 'node:fs'; import { argv } from 'node:process'; const { createHash, } = await import('node:crypto'); const filename = argv[2]; const hash = createHash('sha256'); const input = createReadStream(filename); input.on('readable', () => { // Only one element is going to be produced by the // hash stream. const data = input.read(); if (data) hash.update(data); else { console.log(`${hash.digest('hex')} ${filename}`); } }); ```

Creates and returns an `Hmac` object that uses the given `algorithm` and `key`. Optional `options` argument controls stream behavior. The `algorithm` is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. On recent releases of OpenSSL, `openssl list -digest-algorithms` will display the available digest algorithms. The `key` is the HMAC key used to generate the cryptographic HMAC hash. If it is a `KeyObject`, its type must be `secret`. If it is a string, please consider `caveats when using strings as inputs to cryptographic APIs`. If it was obtained from a cryptographically secure source of entropy, such as [randomBytes](././node__crypto.d.ts/~/randomBytes) or [generateKey](././node__crypto.d.ts/~/generateKey), its length should not exceed the block size of `algorithm` (e.g., 512 bits for SHA-256). Example: generating the sha256 HMAC of a file ```js import { createReadStream, } from 'node:fs'; import { argv } from 'node:process'; const { createHmac, } = await import('node:crypto'); const filename = argv[2]; const hmac = createHmac('sha256', 'a secret'); const input = createReadStream(filename); input.on('readable', () => { // Only one element is going to be produced by the // hash stream. const data = input.read(); if (data) hmac.update(data); else { console.log(`${hmac.digest('hex')} ${filename}`); } }); ```

Creates and returns a new key object containing a private key. If `key` is a string or `Buffer`, `format` is assumed to be `'pem'`; otherwise, `key` must be an object with the properties described above. If the private key is encrypted, a `passphrase` must be specified. The length of the passphrase is limited to 1024 bytes.

Creates and returns a new key object containing a public key. If `key` is a string or `Buffer`, `format` is assumed to be `'pem'`; if `key` is a `KeyObject` with type `'private'`, the public key is derived from the given private key; otherwise, `key` must be an object with the properties described above. If the format is `'pem'`, the `'key'` may also be an X.509 certificate. Because public keys can be derived from private keys, a private key may be passed instead of a public key. In that case, this function behaves as if [createPrivateKey](././node__crypto.d.ts/~/createPrivateKey) had been called, except that the type of the returned `KeyObject` will be `'public'` and that the private key cannot be extracted from the returned `KeyObject`. Similarly, if a `KeyObject` with type `'private'` is given, a new `KeyObject` with type `'public'` will be returned and it will be impossible to extract the private key from the returned object.

Creates and returns a new key object containing a secret key for symmetric encryption or `Hmac`.

Creates and returns a `Sign` object that uses the given `algorithm`. Use [getHashes](././node__crypto.d.ts/~/getHashes) to obtain the names of the available digest algorithms. Optional `options` argument controls the `stream.Writable` behavior. In some cases, a `Sign` instance can be created using the name of a signature algorithm, such as `'RSA-SHA256'`, instead of a digest algorithm. This will use the corresponding digest algorithm. This does not work for all signature algorithms, such as `'ecdsa-with-SHA256'`, so it is best to always use digest algorithm names.

Creates and returns a `Verify` object that uses the given algorithm. Use [getHashes](././node__crypto.d.ts/~/getHashes) to obtain an array of names of the available signing algorithms. Optional `options` argument controls the `stream.Writable` behavior. In some cases, a `Verify` instance can be created using the name of a signature algorithm, such as `'RSA-SHA256'`, instead of a digest algorithm. This will use the corresponding digest algorithm. This does not work for all signature algorithms, such as `'ecdsa-with-SHA256'`, so it is best to always use digest algorithm names.

Instances of the `Decipher` class are used to decrypt data. The class can be used in one of two ways: * As a `stream` that is both readable and writable, where plain encrypted data is written to produce unencrypted data on the readable side, or * Using the `decipher.update()` and `decipher.final()` methods to produce the unencrypted data. The [createDecipheriv](././node__crypto.d.ts/~/createDecipheriv) method is used to create `Decipher` instances. `Decipher` objects are not to be created directly using the `new` keyword. Example: Using `Decipher` objects as streams: ```js import { Buffer } from 'node:buffer'; const { scryptSync, createDecipheriv, } = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; // Key length is dependent on the algorithm. In this case for aes192, it is // 24 bytes (192 bits). // Use the async `crypto.scrypt()` instead. const key = scryptSync(password, 'salt', 24); // The IV is usually passed along with the ciphertext. const iv = Buffer.alloc(16, 0); // Initialization vector. const decipher = createDecipheriv(algorithm, key, iv); let decrypted = ''; decipher.on('readable', () => { let chunk; while (null !== (chunk = decipher.read())) { decrypted += chunk.toString('utf8'); } }); decipher.on('end', () => { console.log(decrypted); // Prints: some clear text data }); // Encrypted with same algorithm, key and iv. const encrypted = 'e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa'; decipher.write(encrypted, 'hex'); decipher.end(); ``` Example: Using `Decipher` and piped streams: ```js import { createReadStream, createWriteStream, } from 'node:fs'; import { Buffer } from 'node:buffer'; const { scryptSync, createDecipheriv, } = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; // Use the async `crypto.scrypt()` instead. const key = scryptSync(password, 'salt', 24); // The IV is usually passed along with the ciphertext. const iv = Buffer.alloc(16, 0); // Initialization vector. const decipher = createDecipheriv(algorithm, key, iv); const input = createReadStream('test.enc'); const output = createWriteStream('test.js'); input.pipe(decipher).pipe(output); ``` Example: Using the `decipher.update()` and `decipher.final()` methods: ```js import { Buffer } from 'node:buffer'; const { scryptSync, createDecipheriv, } = await import('node:crypto'); const algorithm = 'aes-192-cbc'; const password = 'Password used to generate key'; // Use the async `crypto.scrypt()` instead. const key = scryptSync(password, 'salt', 24); // The IV is usually passed along with the ciphertext. const iv = Buffer.alloc(16, 0); // Initialization vector. const decipher = createDecipheriv(algorithm, key, iv); // Encrypted using same algorithm, key and iv. const encrypted = 'e5f79c5915c02171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffa'; let decrypted = decipher.update(encrypted, 'hex', 'utf8'); decrypted += decipher.final('utf8'); console.log(decrypted); // Prints: some clear text data ```

The `DiffieHellman` class is a utility for creating Diffie-Hellman key exchanges. Instances of the `DiffieHellman` class can be created using the [createDiffieHellman](././node__crypto.d.ts/~/createDiffieHellman) function. ```js import assert from 'node:assert'; const { createDiffieHellman, } = await import('node:crypto'); // Generate Alice's keys... const alice = createDiffieHellman(2048); const aliceKey = alice.generateKeys(); // Generate Bob's keys... const bob = createDiffieHellman(alice.getPrime(), alice.getGenerator()); const bobKey = bob.generateKeys(); // Exchange and generate the secret... const aliceSecret = alice.computeSecret(bobKey); const bobSecret = bob.computeSecret(aliceKey); // OK assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex')); ```

Computes the Diffie-Hellman secret based on a `privateKey` and a `publicKey`. Both keys must have the same `asymmetricKeyType`, which must be one of `'dh'` (for Diffie-Hellman), `'ec'` (for ECDH), `'x448'`, or `'x25519'` (for ECDH-ES).

> [!WARNING] Deno compatibility > The `convertKey` method is a non-functional sub. The `ECDH` class is a utility for creating Elliptic Curve Diffie-Hellman (ECDH) key exchanges. Instances of the `ECDH` class can be created using the [createECDH](././node__crypto.d.ts/~/createECDH) function. ```js import assert from 'node:assert'; const { createECDH, } = await import('node:crypto'); // Generate Alice's keys... const alice = createECDH('secp521r1'); const aliceKey = alice.generateKeys(); // Generate Bob's keys... const bob = createECDH('secp521r1'); const bobKey = bob.generateKeys(); // Exchange and generate the secret... const aliceSecret = alice.computeSecret(bobKey); const bobSecret = bob.computeSecret(aliceKey); assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex')); // OK ```

Asynchronously generates a new random secret key of the given `length`. The `type` will determine which validations will be performed on the `length`. ```js const { generateKey, } = await import('node:crypto'); generateKey('hmac', { length: 512 }, (err, key) => { if (err) throw err; console.log(key.export().toString('hex')); // 46e..........620 }); ``` The size of a generated HMAC key should not exceed the block size of the underlying hash function. See [createHmac](././node__crypto.d.ts/~/createHmac) for more information.

> [!WARNING] Deno compatibility > The `x448` option is not supported. Generates a new asymmetric key pair of the given `type`. RSA, RSA-PSS, DSA, EC, Ed25519, Ed448, X25519, X448, and DH are currently supported. If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function behaves as if `keyObject.export()` had been called on its result. Otherwise, the respective part of the key is returned as a `KeyObject`. It is recommended to encode public keys as `'spki'` and private keys as `'pkcs8'` with encryption for long-term storage: ```js const { generateKeyPair, } = await import('node:crypto'); generateKeyPair('rsa', { modulusLength: 4096, publicKeyEncoding: { type: 'spki', format: 'pem', }, privateKeyEncoding: { type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase: 'top secret', }, }, (err, publicKey, privateKey) => { // Handle errors and use the generated key pair. }); ``` On completion, `callback` will be called with `err` set to `undefined` and `publicKey` / `privateKey` representing the generated key pair. If this method is invoked as its `util.promisify()` ed version, it returns a `Promise` for an `Object` with `publicKey` and `privateKey` properties.

Generates a new asymmetric key pair of the given `type`. RSA, RSA-PSS, DSA, EC, Ed25519, Ed448, X25519, X448, and DH are currently supported. If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function behaves as if `keyObject.export()` had been called on its result. Otherwise, the respective part of the key is returned as a `KeyObject`. When encoding public keys, it is recommended to use `'spki'`. When encoding private keys, it is recommended to use `'pkcs8'` with a strong passphrase, and to keep the passphrase confidential. ```js const { generateKeyPairSync, } = await import('node:crypto'); const { publicKey, privateKey, } = generateKeyPairSync('rsa', { modulusLength: 4096, publicKeyEncoding: { type: 'spki', format: 'pem', }, privateKeyEncoding: { type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase: 'top secret', }, }); ``` The return value `{ publicKey, privateKey }` represents the generated key pair. When PEM encoding was selected, the respective key will be a string, otherwise it will be a buffer containing the data encoded as DER.

Synchronously generates a new random secret key of the given `length`. The `type` will determine which validations will be performed on the `length`. ```js const { generateKeySync, } = await import('node:crypto'); const key = generateKeySync('hmac', { length: 512 }); console.log(key.export().toString('hex')); // e89..........41e ``` The size of a generated HMAC key should not exceed the block size of the underlying hash function. See [createHmac](././node__crypto.d.ts/~/createHmac) for more information.

> [!WARNING] Deno compatibility > The `safe`, `add` and `rem` option is not supported. Generates a pseudorandom prime of `size` bits. If `options.safe` is `true`, the prime will be a safe prime -- that is, `(prime - 1) / 2` will also be a prime. The `options.add` and `options.rem` parameters can be used to enforce additional requirements, e.g., for Diffie-Hellman: * If `options.add` and `options.rem` are both set, the prime will satisfy the condition that `prime % add = rem`. * If only `options.add` is set and `options.safe` is not `true`, the prime will satisfy the condition that `prime % add = 1`. * If only `options.add` is set and `options.safe` is set to `true`, the prime will instead satisfy the condition that `prime % add = 3`. This is necessary because `prime % add = 1` for `options.add > 2` would contradict the condition enforced by `options.safe`. * `options.rem` is ignored if `options.add` is not given. Both `options.add` and `options.rem` must be encoded as big-endian sequences if given as an `ArrayBuffer`, `SharedArrayBuffer`, `TypedArray`, `Buffer`, or `DataView`. By default, the prime is encoded as a big-endian sequence of octets in an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). If the `bigint` option is `true`, then a [bigint](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/BigInt) is provided.

Generates a pseudorandom prime of `size` bits. If `options.safe` is `true`, the prime will be a safe prime -- that is, `(prime - 1) / 2` will also be a prime. The `options.add` and `options.rem` parameters can be used to enforce additional requirements, e.g., for Diffie-Hellman: * If `options.add` and `options.rem` are both set, the prime will satisfy the condition that `prime % add = rem`. * If only `options.add` is set and `options.safe` is not `true`, the prime will satisfy the condition that `prime % add = 1`. * If only `options.add` is set and `options.safe` is set to `true`, the prime will instead satisfy the condition that `prime % add = 3`. This is necessary because `prime % add = 1` for `options.add > 2` would contradict the condition enforced by `options.safe`. * `options.rem` is ignored if `options.add` is not given. Both `options.add` and `options.rem` must be encoded as big-endian sequences if given as an `ArrayBuffer`, `SharedArrayBuffer`, `TypedArray`, `Buffer`, or `DataView`. By default, the prime is encoded as a big-endian sequence of octets in an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). If the `bigint` option is `true`, then a [bigint](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/BigInt) is provided.

Returns information about a given cipher. Some ciphers accept variable length keys and initialization vectors. By default, the `crypto.getCipherInfo()` method will return the default values for these ciphers. To test if a given key length or iv length is acceptable for given cipher, use the `keyLength` and `ivLength` options. If the given values are unacceptable, `undefined` will be returned.

```js const { getCiphers, } = await import('node:crypto'); console.log(getCiphers()); // ['aes-128-cbc', 'aes-128-ccm', ...] ```

```js const { getCurves, } = await import('node:crypto'); console.log(getCurves()); // ['Oakley-EC2N-3', 'Oakley-EC2N-4', ...] ```

Creates a predefined `DiffieHellmanGroup` key exchange object. The supported groups are listed in the documentation for `DiffieHellmanGroup`. The returned object mimics the interface of objects created by [createDiffieHellman](././node__crypto.d.ts/~/createDiffieHellman), but will not allow changing the keys (with `diffieHellman.setPublicKey()`, for example). The advantage of using this method is that the parties do not have to generate nor exchange a group modulus beforehand, saving both processor and communication time. Example (obtaining a shared secret): ```js const { getDiffieHellman, } = await import('node:crypto'); const alice = getDiffieHellman('modp14'); const bob = getDiffieHellman('modp14'); alice.generateKeys(); bob.generateKeys(); const aliceSecret = alice.computeSecret(bob.getPublicKey(), null, 'hex'); const bobSecret = bob.computeSecret(alice.getPublicKey(), null, 'hex'); // aliceSecret and bobSecret should be the same console.log(aliceSecret === bobSecret); ```

```js const { getHashes, } = await import('node:crypto'); console.log(getHashes()); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...] ```

A convenient alias for webcrypto.getRandomValues. This implementation is not compliant with the Web Crypto spec, to write web-compatible code use webcrypto.getRandomValues instead.

The `Hash` class is a utility for creating hash digests of data. It can be used in one of two ways: * As a `stream` that is both readable and writable, where data is written to produce a computed hash digest on the readable side, or * Using the `hash.update()` and `hash.digest()` methods to produce the computed hash. The [createHash](././node__crypto.d.ts/~/createHash) method is used to create `Hash` instances. `Hash`objects are not to be created directly using the `new` keyword. Example: Using `Hash` objects as streams: ```js const { createHash, } = await import('node:crypto'); const hash = createHash('sha256'); hash.on('readable', () => { // Only one element is going to be produced by the // hash stream. const data = hash.read(); if (data) { console.log(data.toString('hex')); // Prints: // 6a2da20943931e9834fc12cfe5bb47bbd9ae43489a30726962b576f4e3993e50 } }); hash.write('some data to hash'); hash.end(); ``` Example: Using `Hash` and piped streams: ```js import { createReadStream } from 'node:fs'; import { stdout } from 'node:process'; const { createHash } = await import('node:crypto'); const hash = createHash('sha256'); const input = createReadStream('test.js'); input.pipe(hash).setEncoding('hex').pipe(stdout); ``` Example: Using the `hash.update()` and `hash.digest()` methods: ```js const { createHash, } = await import('node:crypto'); const hash = createHash('sha256'); hash.update('some data to hash'); console.log(hash.digest('hex')); // Prints: // 6a2da20943931e9834fc12cfe5bb47bbd9ae43489a30726962b576f4e3993e50 ```

A utility for creating one-shot hash digests of data. It can be faster than the object-based `crypto.createHash()` when hashing a smaller amount of data (<= 5MB) that's readily available. If the data can be big or if it is streamed, it's still recommended to use `crypto.createHash()` instead. The `algorithm` is dependent on the available algorithms supported by the version of OpenSSL on the platform. Examples are `'sha256'`, `'sha512'`, etc. On recent releases of OpenSSL, `openssl list -digest-algorithms` will display the available digest algorithms. Example: ```js import crypto from 'node:crypto'; import { Buffer } from 'node:buffer'; // Hashing a string and return the result as a hex-encoded string. const string = 'Node.js'; // 10b3493287f831e81a438811a1ffba01f8cec4b7 console.log(crypto.hash('sha1', string)); // Encode a base64-encoded string into a Buffer, hash it and return // the result as a buffer. const base64 = 'Tm9kZS5qcw=='; // console.log(crypto.hash('sha1', Buffer.from(base64, 'base64'), 'buffer')); ```

HKDF is a simple key derivation function defined in RFC 5869\. The given `ikm`, `salt` and `info` are used with the `digest` to derive a key of `keylen` bytes. The supplied `callback` function is called with two arguments: `err` and `derivedKey`. If an errors occurs while deriving the key, `err` will be set; otherwise `err` will be `null`. The successfully generated `derivedKey` will be passed to the callback as an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). An error will be thrown if any of the input arguments specify invalid values or types. ```js import { Buffer } from 'node:buffer'; const { hkdf, } = await import('node:crypto'); hkdf('sha512', 'key', 'salt', 'info', 64, (err, derivedKey) => { if (err) throw err; console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653' }); ```

Provides a synchronous HKDF key derivation function as defined in RFC 5869\. The given `ikm`, `salt` and `info` are used with the `digest` to derive a key of `keylen` bytes. The successfully generated `derivedKey` will be returned as an [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer). An error will be thrown if any of the input arguments specify invalid values or types, or if the derived key cannot be generated. ```js import { Buffer } from 'node:buffer'; const { hkdfSync, } = await import('node:crypto'); const derivedKey = hkdfSync('sha512', 'key', 'salt', 'info', 64); console.log(Buffer.from(derivedKey).toString('hex')); // '24156e2...5391653' ```

> [!WARNING] Deno compatibility > The following are non-functional stubs: > - from > - symmetricKeySize > - equals > - export > Node.js uses a `KeyObject` class to represent a symmetric or asymmetric key, and each kind of key exposes different functions. The [createSecretKey](././node__crypto.d.ts/~/createSecretKey), [createPublicKey](././node__crypto.d.ts/~/createPublicKey) and [createPrivateKey](././node__crypto.d.ts/~/createPrivateKey) methods are used to create `KeyObject`instances. `KeyObject` objects are not to be created directly using the `new`keyword. Most applications should consider using the new `KeyObject` API instead of passing keys as strings or `Buffer`s due to improved security features. `KeyObject` instances can be passed to other threads via `postMessage()`. The receiver obtains a cloned `KeyObject`, and the `KeyObject` does not need to be listed in the `transferList` argument.

Provides an asynchronous Password-Based Key Derivation Function 2 (PBKDF2) implementation. A selected HMAC digest algorithm specified by `digest` is applied to derive a key of the requested byte length (`keylen`) from the `password`, `salt` and `iterations`. The supplied `callback` function is called with two arguments: `err` and `derivedKey`. If an error occurs while deriving the key, `err` will be set; otherwise `err` will be `null`. By default, the successfully generated `derivedKey` will be passed to the callback as a `Buffer`. An error will be thrown if any of the input arguments specify invalid values or types. The `iterations` argument must be a number set as high as possible. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete. The `salt` should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details. When passing strings for `password` or `salt`, please consider `caveats when using strings as inputs to cryptographic APIs`. ```js const { pbkdf2, } = await import('node:crypto'); pbkdf2('secret', 'salt', 100000, 64, 'sha512', (err, derivedKey) => { if (err) throw err; console.log(derivedKey.toString('hex')); // '3745e48...08d59ae' }); ``` An array of supported digest functions can be retrieved using [getHashes](././node__crypto.d.ts/~/getHashes). This API uses libuv's threadpool, which can have surprising and negative performance implications for some applications; see the `UV_THREADPOOL_SIZE` documentation for more information.

Provides a synchronous Password-Based Key Derivation Function 2 (PBKDF2) implementation. A selected HMAC digest algorithm specified by `digest` is applied to derive a key of the requested byte length (`keylen`) from the `password`, `salt` and `iterations`. If an error occurs an `Error` will be thrown, otherwise the derived key will be returned as a `Buffer`. The `iterations` argument must be a number set as high as possible. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete. The `salt` should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details. When passing strings for `password` or `salt`, please consider `caveats when using strings as inputs to cryptographic APIs`. ```js const { pbkdf2Sync, } = await import('node:crypto'); const key = pbkdf2Sync('secret', 'salt', 100000, 64, 'sha512'); console.log(key.toString('hex')); // '3745e48...08d59ae' ``` An array of supported digest functions can be retrieved using [getHashes](././node__crypto.d.ts/~/getHashes).

Decrypts `buffer` with `privateKey`. `buffer` was previously encrypted using the corresponding public key, for example using [publicEncrypt](././node__crypto.d.ts/~/publicEncrypt). If `privateKey` is not a `KeyObject`, this function behaves as if `privateKey` had been passed to [createPrivateKey](././node__crypto.d.ts/~/createPrivateKey). If it is an object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_OAEP_PADDING`.

Encrypts `buffer` with `privateKey`. The returned data can be decrypted using the corresponding public key, for example using [publicDecrypt](././node__crypto.d.ts/~/publicDecrypt). If `privateKey` is not a `KeyObject`, this function behaves as if `privateKey` had been passed to [createPrivateKey](././node__crypto.d.ts/~/createPrivateKey). If it is an object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_PADDING`.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub. Decrypts `buffer` with `key`.`buffer` was previously encrypted using the corresponding private key, for example using [privateEncrypt](././node__crypto.d.ts/~/privateEncrypt). If `key` is not a `KeyObject`, this function behaves as if `key` had been passed to [createPublicKey](././node__crypto.d.ts/~/createPublicKey). If it is an object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_PADDING`. Because RSA public keys can be derived from private keys, a private key may be passed instead of a public key.

Encrypts the content of `buffer` with `key` and returns a new `Buffer` with encrypted content. The returned data can be decrypted using the corresponding private key, for example using [privateDecrypt](././node__crypto.d.ts/~/privateDecrypt). If `key` is not a `KeyObject`, this function behaves as if `key` had been passed to [createPublicKey](././node__crypto.d.ts/~/createPublicKey). If it is an object, the `padding` property can be passed. Otherwise, this function uses `RSA_PKCS1_OAEP_PADDING`. Because RSA public keys can be derived from private keys, a private key may be passed instead of a public key.

Generates cryptographically strong pseudorandom data. The `size` argument is a number indicating the number of bytes to generate. If a `callback` function is provided, the bytes are generated asynchronously and the `callback` function is invoked with two arguments: `err` and `buf`. If an error occurs, `err` will be an `Error` object; otherwise it is `null`. The `buf` argument is a `Buffer` containing the generated bytes. ```js // Asynchronous const { randomBytes, } = await import('node:crypto'); randomBytes(256, (err, buf) => { if (err) throw err; console.log(`${buf.length} bytes of random data: ${buf.toString('hex')}`); }); ``` If the `callback` function is not provided, the random bytes are generated synchronously and returned as a `Buffer`. An error will be thrown if there is a problem generating the bytes. ```js // Synchronous const { randomBytes, } = await import('node:crypto'); const buf = randomBytes(256); console.log( `${buf.length} bytes of random data: ${buf.toString('hex')}`); ``` The `crypto.randomBytes()` method will not complete until there is sufficient entropy available. This should normally never take longer than a few milliseconds. The only time when generating the random bytes may conceivably block for a longer period of time is right after boot, when the whole system is still low on entropy. This API uses libuv's threadpool, which can have surprising and negative performance implications for some applications; see the `UV_THREADPOOL_SIZE` documentation for more information. The asynchronous version of `crypto.randomBytes()` is carried out in a single threadpool request. To minimize threadpool task length variation, partition large `randomBytes` requests when doing so as part of fulfilling a client request.

This function is similar to [randomBytes](././node__crypto.d.ts/~/randomBytes) but requires the first argument to be a `Buffer` that will be filled. It also requires that a callback is passed in. If the `callback` function is not provided, an error will be thrown. ```js import { Buffer } from 'node:buffer'; const { randomFill } = await import('node:crypto'); const buf = Buffer.alloc(10); randomFill(buf, (err, buf) => { if (err) throw err; console.log(buf.toString('hex')); }); randomFill(buf, 5, (err, buf) => { if (err) throw err; console.log(buf.toString('hex')); }); // The above is equivalent to the following: randomFill(buf, 5, 5, (err, buf) => { if (err) throw err; console.log(buf.toString('hex')); }); ``` Any `ArrayBuffer`, `TypedArray`, or `DataView` instance may be passed as `buffer`. While this includes instances of `Float32Array` and `Float64Array`, this function should not be used to generate random floating-point numbers. The result may contain `+Infinity`, `-Infinity`, and `NaN`, and even if the array contains finite numbers only, they are not drawn from a uniform random distribution and have no meaningful lower or upper bounds. ```js import { Buffer } from 'node:buffer'; const { randomFill } = await import('node:crypto'); const a = new Uint32Array(10); randomFill(a, (err, buf) => { if (err) throw err; console.log(Buffer.from(buf.buffer, buf.byteOffset, buf.byteLength) .toString('hex')); }); const b = new DataView(new ArrayBuffer(10)); randomFill(b, (err, buf) => { if (err) throw err; console.log(Buffer.from(buf.buffer, buf.byteOffset, buf.byteLength) .toString('hex')); }); const c = new ArrayBuffer(10); randomFill(c, (err, buf) => { if (err) throw err; console.log(Buffer.from(buf).toString('hex')); }); ``` This API uses libuv's threadpool, which can have surprising and negative performance implications for some applications; see the `UV_THREADPOOL_SIZE` documentation for more information. The asynchronous version of `crypto.randomFill()` is carried out in a single threadpool request. To minimize threadpool task length variation, partition large `randomFill` requests when doing so as part of fulfilling a client request.

Synchronous version of [randomFill](././node__crypto.d.ts/~/randomFill). ```js import { Buffer } from 'node:buffer'; const { randomFillSync } = await import('node:crypto'); const buf = Buffer.alloc(10); console.log(randomFillSync(buf).toString('hex')); randomFillSync(buf, 5); console.log(buf.toString('hex')); // The above is equivalent to the following: randomFillSync(buf, 5, 5); console.log(buf.toString('hex')); ``` Any `ArrayBuffer`, `TypedArray` or `DataView` instance may be passed as`buffer`. ```js import { Buffer } from 'node:buffer'; const { randomFillSync } = await import('node:crypto'); const a = new Uint32Array(10); console.log(Buffer.from(randomFillSync(a).buffer, a.byteOffset, a.byteLength).toString('hex')); const b = new DataView(new ArrayBuffer(10)); console.log(Buffer.from(randomFillSync(b).buffer, b.byteOffset, b.byteLength).toString('hex')); const c = new ArrayBuffer(10); console.log(Buffer.from(randomFillSync(c)).toString('hex')); ```

Return a random integer `n` such that `min <= n < max`. This implementation avoids [modulo bias](https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Modulo_bias). The range (`max - min`) must be less than 2**48. `min` and `max` must be [safe integers](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isSafeInteger). If the `callback` function is not provided, the random integer is generated synchronously. ```js // Asynchronous const { randomInt, } = await import('node:crypto'); randomInt(3, (err, n) => { if (err) throw err; console.log(`Random number chosen from (0, 1, 2): ${n}`); }); ``` ```js // Synchronous const { randomInt, } = await import('node:crypto'); const n = randomInt(3); console.log(`Random number chosen from (0, 1, 2): ${n}`); ``` ```js // With `min` argument const { randomInt, } = await import('node:crypto'); const n = randomInt(1, 7); console.log(`The dice rolled: ${n}`); ```

Generates a random [RFC 4122](https://www.rfc-editor.org/rfc/rfc4122.txt) version 4 UUID. The UUID is generated using a cryptographic pseudorandom number generator.

Provides an asynchronous [scrypt](https://en.wikipedia.org/wiki/Scrypt) implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding. The `salt` should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details. When passing strings for `password` or `salt`, please consider `caveats when using strings as inputs to cryptographic APIs`. The `callback` function is called with two arguments: `err` and `derivedKey`. `err` is an exception object when key derivation fails, otherwise `err` is `null`. `derivedKey` is passed to the callback as a `Buffer`. An exception is thrown when any of the input arguments specify invalid values or types. ```js const { scrypt, } = await import('node:crypto'); // Using the factory defaults. scrypt('password', 'salt', 64, (err, derivedKey) => { if (err) throw err; console.log(derivedKey.toString('hex')); // '3745e48...08d59ae' }); // Using a custom N parameter. Must be a power of two. scrypt('password', 'salt', 64, { N: 1024 }, (err, derivedKey) => { if (err) throw err; console.log(derivedKey.toString('hex')); // '3745e48...aa39b34' }); ```

Provides a synchronous [scrypt](https://en.wikipedia.org/wiki/Scrypt) implementation. Scrypt is a password-based key derivation function that is designed to be expensive computationally and memory-wise in order to make brute-force attacks unrewarding. The `salt` should be as unique as possible. It is recommended that a salt is random and at least 16 bytes long. See [NIST SP 800-132](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf) for details. When passing strings for `password` or `salt`, please consider `caveats when using strings as inputs to cryptographic APIs`. An exception is thrown when key derivation fails, otherwise the derived key is returned as a `Buffer`. An exception is thrown when any of the input arguments specify invalid values or types. ```js const { scryptSync, } = await import('node:crypto'); // Using the factory defaults. const key1 = scryptSync('password', 'salt', 64); console.log(key1.toString('hex')); // '3745e48...08d59ae' // Using a custom N parameter. Must be a power of two. const key2 = scryptSync('password', 'salt', 64, { N: 1024 }); console.log(key2.toString('hex')); // '3745e48...aa39b34' ```

> [!WARNING] Deno compatibility > This symbol is a non-functional stub.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub. Load and set the `engine` for some or all OpenSSL functions (selected by flags). `engine` could be either an id or a path to the engine's shared library. The optional `flags` argument uses `ENGINE_METHOD_ALL` by default. The `flags` is a bit field taking one of or a mix of the following flags (defined in `crypto.constants`): * `crypto.constants.ENGINE_METHOD_RSA` * `crypto.constants.ENGINE_METHOD_DSA` * `crypto.constants.ENGINE_METHOD_DH` * `crypto.constants.ENGINE_METHOD_RAND` * `crypto.constants.ENGINE_METHOD_EC` * `crypto.constants.ENGINE_METHOD_CIPHERS` * `crypto.constants.ENGINE_METHOD_DIGESTS` * `crypto.constants.ENGINE_METHOD_PKEY_METHS` * `crypto.constants.ENGINE_METHOD_PKEY_ASN1_METHS` * `crypto.constants.ENGINE_METHOD_ALL` * `crypto.constants.ENGINE_METHOD_NONE`

Enables the FIPS compliant crypto provider in a FIPS-enabled Node.js build. Throws an error if FIPS mode is not available.

> [!WARNING] Deno compatibility > The `sign` and `verify` methods are not supported with non BinaryLike input. The `Sign` class is a utility for generating signatures. It can be used in one of two ways: * As a writable `stream`, where data to be signed is written and the `sign.sign()` method is used to generate and return the signature, or * Using the `sign.update()` and `sign.sign()` methods to produce the signature. The [createSign](././node__crypto.d.ts/~/createSign) method is used to create `Sign` instances. The argument is the string name of the hash function to use. `Sign` objects are not to be created directly using the `new` keyword. Example: Using `Sign` and `Verify` objects as streams: ```js const { generateKeyPairSync, createSign, createVerify, } = await import('node:crypto'); const { privateKey, publicKey } = generateKeyPairSync('ec', { namedCurve: 'sect239k1', }); const sign = createSign('SHA256'); sign.write('some data to sign'); sign.end(); const signature = sign.sign(privateKey, 'hex'); const verify = createVerify('SHA256'); verify.write('some data to sign'); verify.end(); console.log(verify.verify(publicKey, signature, 'hex')); // Prints: true ``` Example: Using the `sign.update()` and `verify.update()` methods: ```js const { generateKeyPairSync, createSign, createVerify, } = await import('node:crypto'); const { privateKey, publicKey } = generateKeyPairSync('rsa', { modulusLength: 2048, }); const sign = createSign('SHA256'); sign.update('some data to sign'); sign.end(); const signature = sign.sign(privateKey); const verify = createVerify('SHA256'); verify.update('some data to sign'); verify.end(); console.log(verify.verify(publicKey, signature)); // Prints: true ```

Calculates and returns the signature for `data` using the given private key and algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is dependent upon the key type (especially Ed25519 and Ed448). If `key` is not a `KeyObject`, this function behaves as if `key` had been passed to [createPrivateKey](././node__crypto.d.ts/~/createPrivateKey). If it is an object, the following additional properties can be passed: If the `callback` function is provided this function uses libuv's threadpool.

A convenient alias for `crypto.webcrypto.subtle`.

This function compares the underlying bytes that represent the given `ArrayBuffer`, `TypedArray`, or `DataView` instances using a constant-time algorithm. This function does not leak timing information that would allow an attacker to guess one of the values. This is suitable for comparing HMAC digests or secret values like authentication cookies or [capability urls](https://www.w3.org/TR/capability-urls/). `a` and `b` must both be `Buffer`s, `TypedArray`s, or `DataView`s, and they must have the same byte length. An error is thrown if `a` and `b` have different byte lengths. If at least one of `a` and `b` is a `TypedArray` with more than one byte per entry, such as `Uint16Array`, the result will be computed using the platform byte order. **When both of the inputs are `Float32Array`s or `Float64Array`s, this function might return unexpected results due to IEEE 754** **encoding of floating-point numbers. In particular, neither `x === y` nor `Object.is(x, y)` implies that the byte representations of two floating-point** **numbers `x` and `y` are equal.** Use of `crypto.timingSafeEqual` does not guarantee that the _surrounding_ code is timing-safe. Care should be taken to ensure that the surrounding code does not introduce timing vulnerabilities.

The `Verify` class is a utility for verifying signatures. It can be used in one of two ways: * As a writable `stream` where written data is used to validate against the supplied signature, or * Using the `verify.update()` and `verify.verify()` methods to verify the signature. The [createVerify](././node__crypto.d.ts/~/createVerify) method is used to create `Verify` instances. `Verify` objects are not to be created directly using the `new` keyword. See `Sign` for examples.

Verifies the given signature for `data` using the given key and algorithm. If `algorithm` is `null` or `undefined`, then the algorithm is dependent upon the key type (especially Ed25519 and Ed448). If `key` is not a `KeyObject`, this function behaves as if `key` had been passed to [createPublicKey](././node__crypto.d.ts/~/createPublicKey). If it is an object, the following additional properties can be passed: The `signature` argument is the previously calculated signature for the `data`. Because public keys can be derived from private keys, a private key or a public key may be passed for `key`. If the `callback` function is provided this function uses libuv's threadpool.

Importing the `webcrypto` object (`import { webcrypto } from 'node:crypto'`) gives an instance of the `Crypto` class. `Crypto` is a singleton that provides access to the remainder of the crypto API.

The `CryptoKeyPair` is a simple dictionary object with `publicKey` and `privateKey` properties, representing an asymmetric key pair.

Encapsulates an X509 certificate and provides read-only access to its information. ```js const { X509Certificate } = await import('node:crypto'); const x509 = new X509Certificate('{... pem encoded cert ...}'); console.log(x509.subject); ```

The `Hmac` class is a utility for creating cryptographic HMAC digests. It can be used in one of two ways: * As a `stream` that is both readable and writable, where data is written to produce a computed HMAC digest on the readable side, or * Using the `hmac.update()` and `hmac.digest()` methods to produce the computed HMAC digest. The [createHmac](././node__crypto.d.ts/~/createHmac) method is used to create `Hmac` instances. `Hmac`objects are not to be created directly using the `new` keyword. Example: Using `Hmac` objects as streams: ```js const { createHmac, } = await import('node:crypto'); const hmac = createHmac('sha256', 'a secret'); hmac.on('readable', () => { // Only one element is going to be produced by the // hash stream. const data = hmac.read(); if (data) { console.log(data.toString('hex')); // Prints: // 7fd04df92f636fd450bc841c9418e5825c17f33ad9c87c518115a45971f7f77e } }); hmac.write('some data to hash'); hmac.end(); ``` Example: Using `Hmac` and piped streams: ```js import { createReadStream } from 'node:fs'; import { stdout } from 'node:process'; const { createHmac, } = await import('node:crypto'); const hmac = createHmac('sha256', 'a secret'); const input = createReadStream('test.js'); input.pipe(hmac).pipe(stdout); ``` Example: Using the `hmac.update()` and `hmac.digest()` methods: ```js const { createHmac, } = await import('node:crypto'); const hmac = createHmac('sha256', 'a secret'); hmac.update('some data to hash'); console.log(hmac.digest('hex')); // Prints: // 7fd04df92f636fd450bc841c9418e5825c17f33ad9c87c518115a45971f7f77e ```

Creates a `dgram.Socket` object. Once the socket is created, calling `socket.bind()` will instruct the socket to begin listening for datagram messages. When `address` and `port` are not passed to `socket.bind()` the method will bind the socket to the "all interfaces" address on a random port (it does the right thing for both `udp4` and `udp6` sockets). The bound address and port can be retrieved using `socket.address().address` and `socket.address().port`. If the `signal` option is enabled, calling `.abort()` on the corresponding `AbortController` is similar to calling `.close()` on the socket: ```js const controller = new AbortController(); const { signal } = controller; const server = dgram.createSocket({ type: 'udp4', signal }); server.on('message', (msg, rinfo) => { console.log(`server got: ${msg} from ${rinfo.address}:${rinfo.port}`); }); // Later, when you want to close the server. controller.abort(); ```

> [!WARNING] Deno compatibility > The following methods are non-functional stubs: > - addMembership > - addSourceSpecificMembership > - dropMembership > - dropSourceSpecificMembership > - setBroadcast > - setMulticastInterface > - setMulticastLoopback > - setMulticastTtl > - setTtl > Encapsulates the datagram functionality. New instances of `dgram.Socket` are created using [createSocket](././node__dgram.d.ts/~/createSocket). The `new` keyword is not to be used to create `dgram.Socket` instances.

The class `Channel` represents an individual named channel within the data pipeline. It is used to track subscribers and to publish messages when there are subscribers present. It exists as a separate object to avoid channel lookups at publish time, enabling very fast publish speeds and allowing for heavy use while incurring very minimal cost. Channels are created with [channel](././node__diagnostics_channel.d.ts/~/channel), constructing a channel directly with `new Channel(name)` is not supported.

This is the primary entry-point for anyone wanting to publish to a named channel. It produces a channel object which is optimized to reduce overhead at publish time as much as possible. ```js import diagnostics_channel from 'node:diagnostics_channel'; const channel = diagnostics_channel.channel('my-channel'); ```

Check if there are active subscribers to the named channel. This is helpful if the message you want to send might be expensive to prepare. This API is optional but helpful when trying to publish messages from very performance-sensitive code. ```js import diagnostics_channel from 'node:diagnostics_channel'; if (diagnostics_channel.hasSubscribers('my-channel')) { // There are subscribers, prepare and publish message } ```

Register a message handler to subscribe to this channel. This message handler will be run synchronously whenever a message is published to the channel. Any errors thrown in the message handler will trigger an `'uncaughtException'`. ```js import diagnostics_channel from 'node:diagnostics_channel'; diagnostics_channel.subscribe('my-channel', (message, name) => { // Received data }); ```

The class `TracingChannel` is a collection of `TracingChannel Channels` which together express a single traceable action. It is used to formalize and simplify the process of producing events for tracing application flow. [tracingChannel](././node__diagnostics_channel.d.ts/~/tracingChannel) is used to construct a `TracingChannel`. As with `Channel` it is recommended to create and reuse a single `TracingChannel` at the top-level of the file rather than creating them dynamically.

Creates a `TracingChannel` wrapper for the given `TracingChannel Channels`. If a name is given, the corresponding tracing channels will be created in the form of `tracing:${name}:${eventType}` where `eventType` corresponds to the types of `TracingChannel Channels`. ```js import diagnostics_channel from 'node:diagnostics_channel'; const channelsByName = diagnostics_channel.tracingChannel('my-channel'); // or... const channelsByCollection = diagnostics_channel.tracingChannel({ start: diagnostics_channel.channel('tracing:my-channel:start'), end: diagnostics_channel.channel('tracing:my-channel:end'), asyncStart: diagnostics_channel.channel('tracing:my-channel:asyncStart'), asyncEnd: diagnostics_channel.channel('tracing:my-channel:asyncEnd'), error: diagnostics_channel.channel('tracing:my-channel:error'), }); ```

Remove a message handler previously registered to this channel with [subscribe](././node__diagnostics_channel.d.ts/~/subscribe). ```js import diagnostics_channel from 'node:diagnostics_channel'; function onMessage(message, name) { // Received data } diagnostics_channel.subscribe('my-channel', onMessage); diagnostics_channel.unsubscribe('my-channel', onMessage); ```

Get the default value for `verbatim` in [lookup](././node__dns--promises.d.ts/~/lookup) and [dnsPromises.lookup()](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromiseslookuphostname-options). The value could be: * `ipv4first`: for `verbatim` defaulting to `false`. * `verbatim`: for `verbatim` defaulting to `true`.

Returns an array of IP address strings, formatted according to [RFC 5952](https://tools.ietf.org/html/rfc5952#section-6), that are currently configured for DNS resolution. A string will include a port section if a custom port is used. ```js [ '4.4.4.4', '2001:4860:4860::8888', '4.4.4.4:1053', '[2001:4860:4860::8888]:1053', ] ```

Resolves a host name (e.g. `'nodejs.org'`) into the first found A (IPv4) or AAAA (IPv6) record. All `option` properties are optional. If `options` is an integer, then it must be `4` or `6` – if `options` is not provided, then IPv4 and IPv6 addresses are both returned if found. With the `all` option set to `true`, the `Promise` is resolved with `addresses` being an array of objects with the properties `address` and `family`. On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is the error code. Keep in mind that `err.code` will be set to `'ENOTFOUND'` not only when the host name does not exist but also when the lookup fails in other ways such as no available file descriptors. [`dnsPromises.lookup()`](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromiseslookuphostname-options) does not necessarily have anything to do with the DNS protocol. The implementation uses an operating system facility that can associate names with addresses and vice versa. This implementation can have subtle but important consequences on the behavior of any Node.js program. Please take some time to consult the [Implementation considerations section](https://nodejs.org/docs/latest-v20.x/api/dns.html#implementation-considerations) before using `dnsPromises.lookup()`. Example usage: ```js import dns from 'node:dns'; const dnsPromises = dns.promises; const options = { family: 6, hints: dns.ADDRCONFIG | dns.V4MAPPED, }; dnsPromises.lookup('example.com', options).then((result) => { console.log('address: %j family: IPv%s', result.address, result.family); // address: "2606:2800:220:1:248:1893:25c8:1946" family: IPv6 }); // When options.all is true, the result will be an Array. options.all = true; dnsPromises.lookup('example.com', options).then((result) => { console.log('addresses: %j', result); // addresses: [{"address":"2606:2800:220:1:248:1893:25c8:1946","family":6}] }); ```

Resolves the given `address` and `port` into a host name and service using the operating system's underlying `getnameinfo` implementation. If `address` is not a valid IP address, a `TypeError` will be thrown. The `port` will be coerced to a number. If it is not a legal port, a `TypeError` will be thrown. On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is the error code. ```js import dnsPromises from 'node:dns'; dnsPromises.lookupService('127.0.0.1', 22).then((result) => { console.log(result.hostname, result.service); // Prints: localhost ssh }); ```

Uses the DNS protocol to resolve a host name (e.g. `'nodejs.org'`) into an array of the resource records. When successful, the `Promise` is resolved with an array of resource records. The type and structure of individual results vary based on `rrtype`: On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is one of the [DNS error codes](https://nodejs.org/docs/latest-v20.x/api/dns.html#error-codes).

Uses the DNS protocol to resolve IPv4 addresses (`A` records) for the `hostname`. On success, the `Promise` is resolved with an array of IPv4 addresses (e.g. `['74.125.79.104', '74.125.79.105', '74.125.79.106']`).

Uses the DNS protocol to resolve IPv6 addresses (`AAAA` records) for the `hostname`. On success, the `Promise` is resolved with an array of IPv6 addresses.

Uses the DNS protocol to resolve all records (also known as `ANY` or `*` query). On success, the `Promise` is resolved with an array containing various types of records. Each object has a property `type` that indicates the type of the current record. And depending on the `type`, additional properties will be present on the object: Here is an example of the result object: ```js [ { type: 'A', address: '127.0.0.1', ttl: 299 }, { type: 'CNAME', value: 'example.com' }, { type: 'MX', exchange: 'alt4.aspmx.l.example.com', priority: 50 }, { type: 'NS', value: 'ns1.example.com' }, { type: 'TXT', entries: [ 'v=spf1 include:_spf.example.com ~all' ] }, { type: 'SOA', nsname: 'ns1.example.com', hostmaster: 'admin.example.com', serial: 156696742, refresh: 900, retry: 900, expire: 1800, minttl: 60 } ] ```

Uses the DNS protocol to resolve `CAA` records for the `hostname`. On success, the `Promise` is resolved with an array of objects containing available certification authority authorization records available for the `hostname` (e.g. `[{critical: 0, iodef: 'mailto:pki@example.com'},{critical: 128, issue: 'pki.example.com'}]`).

Uses the DNS protocol to resolve `CNAME` records for the `hostname`. On success, the `Promise` is resolved with an array of canonical name records available for the `hostname` (e.g. `['bar.example.com']`).

Uses the DNS protocol to resolve mail exchange records (`MX` records) for the `hostname`. On success, the `Promise` is resolved with an array of objects containing both a `priority` and `exchange` property (e.g.`[{priority: 10, exchange: 'mx.example.com'}, ...]`).

Uses the DNS protocol to resolve regular expression-based records (`NAPTR` records) for the `hostname`. On success, the `Promise` is resolved with an array of objects with the following properties: * `flags` * `service` * `regexp` * `replacement` * `order` * `preference` ```js { flags: 's', service: 'SIP+D2U', regexp: '', replacement: '_sip._udp.example.com', order: 30, preference: 100 } ```

Uses the DNS protocol to resolve name server records (`NS` records) for the `hostname`. On success, the `Promise` is resolved with an array of name server records available for `hostname` (e.g.`['ns1.example.com', 'ns2.example.com']`).

Uses the DNS protocol to resolve pointer records (`PTR` records) for the `hostname`. On success, the `Promise` is resolved with an array of strings containing the reply records.

An independent resolver for DNS requests. Creating a new resolver uses the default server settings. Setting the servers used for a resolver using [`resolver.setServers()`](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromisessetserversservers) does not affect other resolvers: ```js import { promises } from 'node:dns'; const resolver = new promises.Resolver(); resolver.setServers(['4.4.4.4']); // This request will use the server at 4.4.4.4, independent of global settings. resolver.resolve4('example.org').then((addresses) => { // ... }); // Alternatively, the same code can be written using async-await style. (async function() { const addresses = await resolver.resolve4('example.org'); })(); ``` The following methods from the `dnsPromises` API are available: * `resolver.getServers()` * `resolver.resolve()` * `resolver.resolve4()` * `resolver.resolve6()` * `resolver.resolveAny()` * `resolver.resolveCaa()` * `resolver.resolveCname()` * `resolver.resolveMx()` * `resolver.resolveNaptr()` * `resolver.resolveNs()` * `resolver.resolvePtr()` * `resolver.resolveSoa()` * `resolver.resolveSrv()` * `resolver.resolveTxt()` * `resolver.reverse()` * `resolver.setServers()`

Uses the DNS protocol to resolve a start of authority record (`SOA` record) for the `hostname`. On success, the `Promise` is resolved with an object with the following properties: * `nsname` * `hostmaster` * `serial` * `refresh` * `retry` * `expire` * `minttl` ```js { nsname: 'ns.example.com', hostmaster: 'root.example.com', serial: 2013101809, refresh: 10000, retry: 2400, expire: 604800, minttl: 3600 } ```

Uses the DNS protocol to resolve service records (`SRV` records) for the `hostname`. On success, the `Promise` is resolved with an array of objects with the following properties: * `priority` * `weight` * `port` * `name` ```js { priority: 10, weight: 5, port: 21223, name: 'service.example.com' } ```

Uses the DNS protocol to resolve text queries (`TXT` records) for the `hostname`. On success, the `Promise` is resolved with a two-dimensional array of the text records available for `hostname` (e.g.`[ ['v=spf1 ip4:0.0.0.0 ', '~all' ] ]`). Each sub-array contains TXT chunks of one record. Depending on the use case, these could be either joined together or treated separately.

Performs a reverse DNS query that resolves an IPv4 or IPv6 address to an array of host names. On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is one of the [DNS error codes](https://nodejs.org/docs/latest-v20.x/api/dns.html#error-codes).

Set the default value of `order` in `dns.lookup()` and `[lookup](././node__dns--promises.d.ts/~/lookup)`. The value could be: * `ipv4first`: sets default `order` to `ipv4first`. * `ipv6first`: sets default `order` to `ipv6first`. * `verbatim`: sets default `order` to `verbatim`. The default is `verbatim` and [dnsPromises.setDefaultResultOrder()](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromisessetdefaultresultorderorder) have higher priority than [`--dns-result-order`](https://nodejs.org/docs/latest-v20.x/api/cli.html#--dns-result-orderorder). When using [worker threads](https://nodejs.org/docs/latest-v20.x/api/worker_threads.html), [`dnsPromises.setDefaultResultOrder()`](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromisessetdefaultresultorderorder) from the main thread won't affect the default dns orders in workers.

Sets the IP address and port of servers to be used when performing DNS resolution. The `servers` argument is an array of [RFC 5952](https://tools.ietf.org/html/rfc5952#section-6) formatted addresses. If the port is the IANA default DNS port (53) it can be omitted. ```js dnsPromises.setServers([ '4.4.4.4', '[2001:4860:4860::8888]', '4.4.4.4:1053', '[2001:4860:4860::8888]:1053', ]); ``` An error will be thrown if an invalid address is provided. The `dnsPromises.setServers()` method must not be called while a DNS query is in progress. This method works much like [resolve.conf](https://man7.org/linux/man-pages/man5/resolv.conf.5.html). That is, if attempting to resolve with the first server provided results in a `NOTFOUND` error, the `resolve()` method will _not_ attempt to resolve with subsequent servers provided. Fallback DNS servers will only be used if the earlier ones time out or result in some other error.

Limits returned address types to the types of non-loopback addresses configured on the system. For example, IPv4 addresses are only returned if the current system has at least one IPv4 address configured.

If `dns.V4MAPPED` is specified, return resolved IPv6 addresses as well as IPv4 mapped IPv6 addresses.

Get the default value for `order` in [lookup](././node__dns.d.ts/~/lookup) and [`dnsPromises.lookup()`](https://nodejs.org/docs/latest-v22.x/api/dns.html#dnspromiseslookuphostname-options). The value could be: * `ipv4first`: for `order` defaulting to `ipv4first`. * `ipv6first`: for `order` defaulting to `ipv6first`. * `verbatim`: for `order` defaulting to `verbatim`.

Returns an array of IP address strings, formatted according to [RFC 5952](https://tools.ietf.org/html/rfc5952#section-6), that are currently configured for DNS resolution. A string will include a port section if a custom port is used. ```js [ '4.4.4.4', '2001:4860:4860::8888', '4.4.4.4:1053', '[2001:4860:4860::8888]:1053', ] ```

Resolves a host name (e.g. `'nodejs.org'`) into the first found A (IPv4) or AAAA (IPv6) record. All `option` properties are optional. If `options` is an integer, then it must be `4` or `6` – if `options` is `0` or not provided, then IPv4 and IPv6 addresses are both returned if found. With the `all` option set to `true`, the arguments for `callback` change to `(err, addresses)`, with `addresses` being an array of objects with the properties `address` and `family`. On error, `err` is an `Error` object, where `err.code` is the error code. Keep in mind that `err.code` will be set to `'ENOTFOUND'` not only when the host name does not exist but also when the lookup fails in other ways such as no available file descriptors. `dns.lookup()` does not necessarily have anything to do with the DNS protocol. The implementation uses an operating system facility that can associate names with addresses and vice versa. This implementation can have subtle but important consequences on the behavior of any Node.js program. Please take some time to consult the [Implementation considerations section](https://nodejs.org/docs/latest-v22.x/api/dns.html#implementation-considerations) before using `dns.lookup()`. Example usage: ```js import dns from 'node:dns'; const options = { family: 6, hints: dns.ADDRCONFIG | dns.V4MAPPED, }; dns.lookup('example.com', options, (err, address, family) => console.log('address: %j family: IPv%s', address, family)); // address: "2606:2800:220:1:248:1893:25c8:1946" family: IPv6 // When options.all is true, the result will be an Array. options.all = true; dns.lookup('example.com', options, (err, addresses) => console.log('addresses: %j', addresses)); // addresses: [{"address":"2606:2800:220:1:248:1893:25c8:1946","family":6}] ``` If this method is invoked as its [util.promisify()](https://nodejs.org/docs/latest-v22.x/api/util.html#utilpromisifyoriginal) ed version, and `all` is not set to `true`, it returns a `Promise` for an `Object` with `address` and `family` properties.

Resolves the given `address` and `port` into a host name and service using the operating system's underlying `getnameinfo` implementation. If `address` is not a valid IP address, a `TypeError` will be thrown. The `port` will be coerced to a number. If it is not a legal port, a `TypeError` will be thrown. On an error, `err` is an [`Error`](https://nodejs.org/docs/latest-v22.x/api/errors.html#class-error) object, where `err.code` is the error code. ```js import dns from 'node:dns'; dns.lookupService('127.0.0.1', 22, (err, hostname, service) => { console.log(hostname, service); // Prints: localhost ssh }); ``` If this method is invoked as its [util.promisify()](https://nodejs.org/docs/latest-v22.x/api/util.html#utilpromisifyoriginal) ed version, it returns a `Promise` for an `Object` with `hostname` and `service` properties.

The `dns.promises` API provides an alternative set of asynchronous DNS methods that return `Promise` objects rather than using callbacks. The API is accessible via `import { promises as dnsPromises } from 'node:dns'` or `import dnsPromises from 'node:dns/promises'`.

Get the default value for `verbatim` in [lookup](././node__dns.d.ts/~/lookup) and [dnsPromises.lookup()](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromiseslookuphostname-options). The value could be: * `ipv4first`: for `verbatim` defaulting to `false`. * `verbatim`: for `verbatim` defaulting to `true`.

Returns an array of IP address strings, formatted according to [RFC 5952](https://tools.ietf.org/html/rfc5952#section-6), that are currently configured for DNS resolution. A string will include a port section if a custom port is used. ```js [ '4.4.4.4', '2001:4860:4860::8888', '4.4.4.4:1053', '[2001:4860:4860::8888]:1053', ] ```

Resolves a host name (e.g. `'nodejs.org'`) into the first found A (IPv4) or AAAA (IPv6) record. All `option` properties are optional. If `options` is an integer, then it must be `4` or `6` – if `options` is not provided, then IPv4 and IPv6 addresses are both returned if found. With the `all` option set to `true`, the `Promise` is resolved with `addresses` being an array of objects with the properties `address` and `family`. On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is the error code. Keep in mind that `err.code` will be set to `'ENOTFOUND'` not only when the host name does not exist but also when the lookup fails in other ways such as no available file descriptors. [`dnsPromises.lookup()`](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromiseslookuphostname-options) does not necessarily have anything to do with the DNS protocol. The implementation uses an operating system facility that can associate names with addresses and vice versa. This implementation can have subtle but important consequences on the behavior of any Node.js program. Please take some time to consult the [Implementation considerations section](https://nodejs.org/docs/latest-v20.x/api/dns.html#implementation-considerations) before using `dnsPromises.lookup()`. Example usage: ```js import dns from 'node:dns'; const dnsPromises = dns.promises; const options = { family: 6, hints: dns.ADDRCONFIG | dns.V4MAPPED, }; dnsPromises.lookup('example.com', options).then((result) => { console.log('address: %j family: IPv%s', result.address, result.family); // address: "2606:2800:220:1:248:1893:25c8:1946" family: IPv6 }); // When options.all is true, the result will be an Array. options.all = true; dnsPromises.lookup('example.com', options).then((result) => { console.log('addresses: %j', result); // addresses: [{"address":"2606:2800:220:1:248:1893:25c8:1946","family":6}] }); ```

Resolves the given `address` and `port` into a host name and service using the operating system's underlying `getnameinfo` implementation. If `address` is not a valid IP address, a `TypeError` will be thrown. The `port` will be coerced to a number. If it is not a legal port, a `TypeError` will be thrown. On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is the error code. ```js import dnsPromises from 'node:dns'; dnsPromises.lookupService('127.0.0.1', 22).then((result) => { console.log(result.hostname, result.service); // Prints: localhost ssh }); ```

Uses the DNS protocol to resolve a host name (e.g. `'nodejs.org'`) into an array of the resource records. When successful, the `Promise` is resolved with an array of resource records. The type and structure of individual results vary based on `rrtype`: On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is one of the [DNS error codes](https://nodejs.org/docs/latest-v20.x/api/dns.html#error-codes).

Uses the DNS protocol to resolve IPv4 addresses (`A` records) for the `hostname`. On success, the `Promise` is resolved with an array of IPv4 addresses (e.g. `['74.125.79.104', '74.125.79.105', '74.125.79.106']`).

Uses the DNS protocol to resolve IPv6 addresses (`AAAA` records) for the `hostname`. On success, the `Promise` is resolved with an array of IPv6 addresses.

Uses the DNS protocol to resolve all records (also known as `ANY` or `*` query). On success, the `Promise` is resolved with an array containing various types of records. Each object has a property `type` that indicates the type of the current record. And depending on the `type`, additional properties will be present on the object: Here is an example of the result object: ```js [ { type: 'A', address: '127.0.0.1', ttl: 299 }, { type: 'CNAME', value: 'example.com' }, { type: 'MX', exchange: 'alt4.aspmx.l.example.com', priority: 50 }, { type: 'NS', value: 'ns1.example.com' }, { type: 'TXT', entries: [ 'v=spf1 include:_spf.example.com ~all' ] }, { type: 'SOA', nsname: 'ns1.example.com', hostmaster: 'admin.example.com', serial: 156696742, refresh: 900, retry: 900, expire: 1800, minttl: 60 } ] ```

Uses the DNS protocol to resolve `CAA` records for the `hostname`. On success, the `Promise` is resolved with an array of objects containing available certification authority authorization records available for the `hostname` (e.g. `[{critical: 0, iodef: 'mailto:pki@example.com'},{critical: 128, issue: 'pki.example.com'}]`).

Uses the DNS protocol to resolve `CNAME` records for the `hostname`. On success, the `Promise` is resolved with an array of canonical name records available for the `hostname` (e.g. `['bar.example.com']`).

Uses the DNS protocol to resolve mail exchange records (`MX` records) for the `hostname`. On success, the `Promise` is resolved with an array of objects containing both a `priority` and `exchange` property (e.g.`[{priority: 10, exchange: 'mx.example.com'}, ...]`).

Uses the DNS protocol to resolve regular expression-based records (`NAPTR` records) for the `hostname`. On success, the `Promise` is resolved with an array of objects with the following properties: * `flags` * `service` * `regexp` * `replacement` * `order` * `preference` ```js { flags: 's', service: 'SIP+D2U', regexp: '', replacement: '_sip._udp.example.com', order: 30, preference: 100 } ```

Uses the DNS protocol to resolve name server records (`NS` records) for the `hostname`. On success, the `Promise` is resolved with an array of name server records available for `hostname` (e.g.`['ns1.example.com', 'ns2.example.com']`).

Uses the DNS protocol to resolve pointer records (`PTR` records) for the `hostname`. On success, the `Promise` is resolved with an array of strings containing the reply records.

An independent resolver for DNS requests. Creating a new resolver uses the default server settings. Setting the servers used for a resolver using [`resolver.setServers()`](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromisessetserversservers) does not affect other resolvers: ```js import { promises } from 'node:dns'; const resolver = new promises.Resolver(); resolver.setServers(['4.4.4.4']); // This request will use the server at 4.4.4.4, independent of global settings. resolver.resolve4('example.org').then((addresses) => { // ... }); // Alternatively, the same code can be written using async-await style. (async function() { const addresses = await resolver.resolve4('example.org'); })(); ``` The following methods from the `dnsPromises` API are available: * `resolver.getServers()` * `resolver.resolve()` * `resolver.resolve4()` * `resolver.resolve6()` * `resolver.resolveAny()` * `resolver.resolveCaa()` * `resolver.resolveCname()` * `resolver.resolveMx()` * `resolver.resolveNaptr()` * `resolver.resolveNs()` * `resolver.resolvePtr()` * `resolver.resolveSoa()` * `resolver.resolveSrv()` * `resolver.resolveTxt()` * `resolver.reverse()` * `resolver.setServers()`

Uses the DNS protocol to resolve a start of authority record (`SOA` record) for the `hostname`. On success, the `Promise` is resolved with an object with the following properties: * `nsname` * `hostmaster` * `serial` * `refresh` * `retry` * `expire` * `minttl` ```js { nsname: 'ns.example.com', hostmaster: 'root.example.com', serial: 2013101809, refresh: 10000, retry: 2400, expire: 604800, minttl: 3600 } ```

Uses the DNS protocol to resolve service records (`SRV` records) for the `hostname`. On success, the `Promise` is resolved with an array of objects with the following properties: * `priority` * `weight` * `port` * `name` ```js { priority: 10, weight: 5, port: 21223, name: 'service.example.com' } ```

Uses the DNS protocol to resolve text queries (`TXT` records) for the `hostname`. On success, the `Promise` is resolved with a two-dimensional array of the text records available for `hostname` (e.g.`[ ['v=spf1 ip4:0.0.0.0 ', '~all' ] ]`). Each sub-array contains TXT chunks of one record. Depending on the use case, these could be either joined together or treated separately.

Performs a reverse DNS query that resolves an IPv4 or IPv6 address to an array of host names. On error, the `Promise` is rejected with an [`Error`](https://nodejs.org/docs/latest-v20.x/api/errors.html#class-error) object, where `err.code` is one of the [DNS error codes](https://nodejs.org/docs/latest-v20.x/api/dns.html#error-codes).

Set the default value of `order` in `dns.lookup()` and `[lookup](././node__dns.d.ts/~/lookup)`. The value could be: * `ipv4first`: sets default `order` to `ipv4first`. * `ipv6first`: sets default `order` to `ipv6first`. * `verbatim`: sets default `order` to `verbatim`. The default is `verbatim` and [dnsPromises.setDefaultResultOrder()](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromisessetdefaultresultorderorder) have higher priority than [`--dns-result-order`](https://nodejs.org/docs/latest-v20.x/api/cli.html#--dns-result-orderorder). When using [worker threads](https://nodejs.org/docs/latest-v20.x/api/worker_threads.html), [`dnsPromises.setDefaultResultOrder()`](https://nodejs.org/docs/latest-v20.x/api/dns.html#dnspromisessetdefaultresultorderorder) from the main thread won't affect the default dns orders in workers.

Sets the IP address and port of servers to be used when performing DNS resolution. The `servers` argument is an array of [RFC 5952](https://tools.ietf.org/html/rfc5952#section-6) formatted addresses. If the port is the IANA default DNS port (53) it can be omitted. ```js dnsPromises.setServers([ '4.4.4.4', '[2001:4860:4860::8888]', '4.4.4.4:1053', '[2001:4860:4860::8888]:1053', ]); ``` An error will be thrown if an invalid address is provided. The `dnsPromises.setServers()` method must not be called while a DNS query is in progress. This method works much like [resolve.conf](https://man7.org/linux/man-pages/man5/resolv.conf.5.html). That is, if attempting to resolve with the first server provided results in a `NOTFOUND` error, the `resolve()` method will _not_ attempt to resolve with subsequent servers provided. Fallback DNS servers will only be used if the earlier ones time out or result in some other error.

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve a host name (e.g. `'nodejs.org'`) into an array of the resource records. The `callback` function has arguments `(err, records)`. When successful, `records` will be an array of resource records. The type and structure of individual results varies based on `rrtype`: On error, `err` is an [`Error`](https://nodejs.org/docs/latest-v22.x/api/errors.html#class-error) object, where `err.code` is one of the `DNS error codes`.

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve a IPv4 addresses (`A` records) for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of IPv4 addresses (e.g.`['74.125.79.104', '74.125.79.105', '74.125.79.106']`).

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve IPv6 addresses (`AAAA` records) for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of IPv6 addresses.

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve all records (also known as `ANY` or `*` query). The `ret` argument passed to the `callback` function will be an array containing various types of records. Each object has a property `type` that indicates the type of the current record. And depending on the `type`, additional properties will be present on the object: Here is an example of the `ret` object passed to the callback: ```js [ { type: 'A', address: '127.0.0.1', ttl: 299 }, { type: 'CNAME', value: 'example.com' }, { type: 'MX', exchange: 'alt4.aspmx.l.example.com', priority: 50 }, { type: 'NS', value: 'ns1.example.com' }, { type: 'TXT', entries: [ 'v=spf1 include:_spf.example.com ~all' ] }, { type: 'SOA', nsname: 'ns1.example.com', hostmaster: 'admin.example.com', serial: 156696742, refresh: 900, retry: 900, expire: 1800, minttl: 60 } ] ``` DNS server operators may choose not to respond to `ANY` queries. It may be better to call individual methods like [resolve4](././node__dns.d.ts/~/resolve4), [resolveMx](././node__dns.d.ts/~/resolveMx), and so on. For more details, see [RFC 8482](https://tools.ietf.org/html/rfc8482).

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve `CAA` records for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of certification authority authorization records available for the `hostname` (e.g. `[{critical: 0, iodef: 'mailto:pki@example.com'}, {critical: 128, issue: 'pki.example.com'}]`).

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve `CNAME` records for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of canonical name records available for the `hostname` (e.g. `['bar.example.com']`).

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve mail exchange records (`MX` records) for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of objects containing both a `priority` and `exchange` property (e.g. `[{priority: 10, exchange: 'mx.example.com'}, ...]`).

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve regular expression-based records (`NAPTR` records) for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of objects with the following properties: * `flags` * `service` * `regexp` * `replacement` * `order` * `preference` ```js { flags: 's', service: 'SIP+D2U', regexp: '', replacement: '_sip._udp.example.com', order: 30, preference: 100 } ```

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve name server records (`NS` records) for the `hostname`. The `addresses` argument passed to the `callback` function will contain an array of name server records available for `hostname` (e.g. `['ns1.example.com', 'ns2.example.com']`).

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve pointer records (`PTR` records) for the `hostname`. The `addresses` argument passed to the `callback` function will be an array of strings containing the reply records.

An independent resolver for DNS requests. Creating a new resolver uses the default server settings. Setting the servers used for a resolver using [`resolver.setServers()`](https://nodejs.org/docs/latest-v22.x/api/dns.html#dnssetserversservers) does not affect other resolvers: ```js import { Resolver } from 'node:dns'; const resolver = new Resolver(); resolver.setServers(['4.4.4.4']); // This request will use the server at 4.4.4.4, independent of global settings. resolver.resolve4('example.org', (err, addresses) => { // ... }); ``` The following methods from the `node:dns` module are available: * `resolver.getServers()` * `resolver.resolve()` * `resolver.resolve4()` * `resolver.resolve6()` * `resolver.resolveAny()` * `resolver.resolveCaa()` * `resolver.resolveCname()` * `resolver.resolveMx()` * `resolver.resolveNaptr()` * `resolver.resolveNs()` * `resolver.resolvePtr()` * `resolver.resolveSoa()` * `resolver.resolveSrv()` * `resolver.resolveTxt()` * `resolver.reverse()` * `resolver.setServers()`

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve a start of authority record (`SOA` record) for the `hostname`. The `address` argument passed to the `callback` function will be an object with the following properties: * `nsname` * `hostmaster` * `serial` * `refresh` * `retry` * `expire` * `minttl` ```js { nsname: 'ns.example.com', hostmaster: 'root.example.com', serial: 2013101809, refresh: 10000, retry: 2400, expire: 604800, minttl: 3600 } ```

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve service records (`SRV` records) for the `hostname`. The `addresses` argument passed to the `callback` function will be an array of objects with the following properties: * `priority` * `weight` * `port` * `name` ```js { priority: 10, weight: 5, port: 21223, name: 'service.example.com' } ```

> [!WARNING] Deno compatibility > The `ttl` option is not supported. Uses the DNS protocol to resolve text queries (`TXT` records) for the `hostname`. The `records` argument passed to the `callback` function is a two-dimensional array of the text records available for `hostname` (e.g.`[ ['v=spf1 ip4:0.0.0.0 ', '~all' ] ]`). Each sub-array contains TXT chunks of one record. Depending on the use case, these could be either joined together or treated separately.

Performs a reverse DNS query that resolves an IPv4 or IPv6 address to an array of host names. On error, `err` is an [`Error`](https://nodejs.org/docs/latest-v22.x/api/errors.html#class-error) object, where `err.code` is one of the [DNS error codes](https://nodejs.org/docs/latest-v22.x/api/dns.html#error-codes).

Set the default value of `order` in [lookup](././node__dns.d.ts/~/lookup) and [`dnsPromises.lookup()`](https://nodejs.org/docs/latest-v22.x/api/dns.html#dnspromiseslookuphostname-options). The value could be: * `ipv4first`: sets default `order` to `ipv4first`. * `ipv6first`: sets default `order` to `ipv6first`. * `verbatim`: sets default `order` to `verbatim`. The default is `verbatim` and [setDefaultResultOrder](././node__dns.d.ts/~/setDefaultResultOrder) have higher priority than [`--dns-result-order`](https://nodejs.org/docs/latest-v22.x/api/cli.html#--dns-result-orderorder). When using [worker threads](https://nodejs.org/docs/latest-v22.x/api/worker_threads.html), [setDefaultResultOrder](././node__dns.d.ts/~/setDefaultResultOrder) from the main thread won't affect the default dns orders in workers.

Sets the IP address and port of servers to be used when performing DNS resolution. The `servers` argument is an array of [RFC 5952](https://tools.ietf.org/html/rfc5952#section-6) formatted addresses. If the port is the IANA default DNS port (53) it can be omitted. ```js dns.setServers([ '4.4.4.4', '[2001:4860:4860::8888]', '4.4.4.4:1053', '[2001:4860:4860::8888]:1053', ]); ``` An error will be thrown if an invalid address is provided. The `dns.setServers()` method must not be called while a DNS query is in progress. The [setServers](././node__dns.d.ts/~/setServers) method affects only [resolve](././node__dns.d.ts/~/resolve), `dns.resolve*()` and [reverse](././node__dns.d.ts/~/reverse) (and specifically _not_ [lookup](././node__dns.d.ts/~/lookup)). This method works much like [resolve.conf](https://man7.org/linux/man-pages/man5/resolv.conf.5.html). That is, if attempting to resolve with the first server provided results in a `NOTFOUND` error, the `resolve()` method will _not_ attempt to resolve with subsequent servers provided. Fallback DNS servers will only be used if the earlier ones time out or result in some other error.

If the IPv6 family was specified, but no IPv6 addresses were found, then return IPv4 mapped IPv6 addresses. It is not supported on some operating systems (e.g. FreeBSD 10.1).

> [!WARNING] Deno compatibility > This symbol is a non-functional stub.

> [!WARNING] Deno compatibility > This symbol is a non-functional stub. The `Domain` class encapsulates the functionality of routing errors and uncaught exceptions to the active `Domain` object. To handle the errors that it catches, listen to its `'error'` event.

The `EventEmitter` class is defined and exposed by the `node:events` module: ```js import { EventEmitter } from 'node:events'; ``` All `EventEmitter`s emit the event `'newListener'` when new listeners are added and `'removeListener'` when existing listeners are removed. It supports the following option:

Integrates `EventEmitter` with `AsyncResource` for `EventEmitter`s that require manual async tracking. Specifically, all events emitted by instances of `events.EventEmitterAsyncResource` will run within its `async context`. ```js import { EventEmitterAsyncResource, EventEmitter } from 'node:events'; import { notStrictEqual, strictEqual } from 'node:assert'; import { executionAsyncId, triggerAsyncId } from 'node:async_hooks'; // Async tracking tooling will identify this as 'Q'. const ee1 = new EventEmitterAsyncResource({ name: 'Q' }); // 'foo' listeners will run in the EventEmitters async context. ee1.on('foo', () => { strictEqual(executionAsyncId(), ee1.asyncId); strictEqual(triggerAsyncId(), ee1.triggerAsyncId); }); const ee2 = new EventEmitter(); // 'foo' listeners on ordinary EventEmitters that do not track async // context, however, run in the same async context as the emit(). ee2.on('foo', () => { notStrictEqual(executionAsyncId(), ee2.asyncId); notStrictEqual(triggerAsyncId(), ee2.triggerAsyncId); }); Promise.resolve().then(() => { ee1.emit('foo'); ee2.emit('foo'); }); ``` The `EventEmitterAsyncResource` class has the same methods and takes the same options as `EventEmitter` and `AsyncResource` themselves.

Tests a user's permissions for the file or directory specified by `path`. The `mode` argument is an optional integer that specifies the accessibility checks to be performed. `mode` should be either the value `fs.constants.F_OK` or a mask consisting of the bitwise OR of any of `fs.constants.R_OK`, `fs.constants.W_OK`, and `fs.constants.X_OK` (e.g.`fs.constants.W_OK | fs.constants.R_OK`). Check `File access constants` for possible values of `mode`. If the accessibility check is successful, the promise is fulfilled with no value. If any of the accessibility checks fail, the promise is rejected with an [Error](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error) object. The following example checks if the file`/etc/passwd` can be read and written by the current process. ```js import { access, constants } from 'node:fs/promises'; try { await access('/etc/passwd', constants.R_OK | constants.W_OK); console.log('can access'); } catch { console.error('cannot access'); } ``` Using `fsPromises.access()` to check for the accessibility of a file before calling `fsPromises.open()` is not recommended. Doing so introduces a race condition, since other processes may change the file's state between the two calls. Instead, user code should open/read/write the file directly and handle the error raised if the file is not accessible.

Asynchronously append data to a file, creating the file if it does not yet exist. `data` can be a string or a `Buffer`. If `options` is a string, then it specifies the `encoding`. The `mode` option only affects the newly created file. See `fs.open()` for more details. The `path` may be specified as a `FileHandle` that has been opened for appending (using `fsPromises.open()`).

Changes the permissions of a file.

Changes the ownership of a file.

Asynchronously copies `src` to `dest`. By default, `dest` is overwritten if it already exists. No guarantees are made about the atomicity of the copy operation. If an error occurs after the destination file has been opened for writing, an attempt will be made to remove the destination. ```js import { copyFile, constants } from 'node:fs/promises'; try { await copyFile('source.txt', 'destination.txt'); console.log('source.txt was copied to destination.txt'); } catch { console.error('The file could not be copied'); } // By using COPYFILE_EXCL, the operation will fail if destination.txt exists. try { await copyFile('source.txt', 'destination.txt', constants.COPYFILE_EXCL); console.log('source.txt was copied to destination.txt'); } catch { console.error('The file could not be copied'); } ```

Asynchronously copies the entire directory structure from `src` to `dest`, including subdirectories and files. When copying a directory to another directory, globs are not supported and behavior is similar to `cp dir1/ dir2/`.

Retrieves the files matching the specified pattern.

Changes the ownership on a symbolic link.

Creates a new link from the `existingPath` to the `newPath`. See the POSIX [`link(2)`](http://man7.org/linux/man-pages/man2/link.2.html) documentation for more detail.

Equivalent to `fsPromises.stat()` unless `path` refers to a symbolic link, in which case the link itself is stat-ed, not the file that it refers to. Refer to the POSIX [`lstat(2)`](http://man7.org/linux/man-pages/man2/lstat.2.html) document for more detail.

Changes the access and modification times of a file in the same way as `fsPromises.utimes()`, with the difference that if the path refers to a symbolic link, then the link is not dereferenced: instead, the timestamps of the symbolic link itself are changed.

Asynchronously creates a directory. The optional `options` argument can be an integer specifying `mode` (permission and sticky bits), or an object with a `mode` property and a `recursive` property indicating whether parent directories should be created. Calling `fsPromises.mkdir()` when `path` is a directory that exists results in a rejection only when `recursive` is false. ```js import { mkdir } from 'node:fs/promises'; try { const projectFolder = new URL('./test/project/', import.meta.url); const createDir = await mkdir(projectFolder, { recursive: true }); console.log(`created ${createDir}`); } catch (err) { console.error(err.message); } ```

Creates a unique temporary directory. A unique directory name is generated by appending six random characters to the end of the provided `prefix`. Due to platform inconsistencies, avoid trailing `X` characters in `prefix`. Some platforms, notably the BSDs, can return more than six random characters, and replace trailing `X` characters in `prefix` with random characters. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use. ```js import { mkdtemp } from 'node:fs/promises'; import { join } from 'node:path'; import { tmpdir } from 'node:os'; try { await mkdtemp(join(tmpdir(), 'foo-')); } catch (err) { console.error(err); } ``` The `fsPromises.mkdtemp()` method will append the six randomly selected characters directly to the `prefix` string. For instance, given a directory `/tmp`, if the intention is to create a temporary directory _within_ `/tmp`, the `prefix` must end with a trailing platform-specific path separator (`import { sep } from 'node:path'`).

Opens a `FileHandle`. Refer to the POSIX [`open(2)`](http://man7.org/linux/man-pages/man2/open.2.html) documentation for more detail. Some characters (`< > : " / \ | ? *`) are reserved under Windows as documented by [Naming Files, Paths, and Namespaces](https://docs.microsoft.com/en-us/windows/desktop/FileIO/naming-a-file). Under NTFS, if the filename contains a colon, Node.js will open a file system stream, as described by [this MSDN page](https://docs.microsoft.com/en-us/windows/desktop/FileIO/using-streams).

Asynchronously open a directory for iterative scanning. See the POSIX [`opendir(3)`](http://man7.org/linux/man-pages/man3/opendir.3.html) documentation for more detail. Creates an `fs.Dir`, which contains all further functions for reading from and cleaning up the directory. The `encoding` option sets the encoding for the `path` while opening the directory and subsequent read operations. Example using async iteration: ```js import { opendir } from 'node:fs/promises'; try { const dir = await opendir('./'); for await (const dirent of dir) console.log(dirent.name); } catch (err) { console.error(err); } ``` When using the async iterator, the `fs.Dir` object will be automatically closed after the iterator exits.

Reads the contents of a directory. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the filenames. If the `encoding` is set to `'buffer'`, the filenames returned will be passed as `Buffer` objects. If `options.withFileTypes` is set to `true`, the returned array will contain `fs.Dirent` objects. ```js import { readdir } from 'node:fs/promises'; try { const files = await readdir(path); for (const file of files) console.log(file); } catch (err) { console.error(err); } ```

Asynchronously reads the entire contents of a file. If no encoding is specified (using `options.encoding`), the data is returned as a `Buffer` object. Otherwise, the data will be a string. If `options` is a string, then it specifies the encoding. When the `path` is a directory, the behavior of `fsPromises.readFile()` is platform-specific. On macOS, Linux, and Windows, the promise will be rejected with an error. On FreeBSD, a representation of the directory's contents will be returned. An example of reading a `package.json` file located in the same directory of the running code: ```js import { readFile } from 'node:fs/promises'; try { const filePath = new URL('./package.json', import.meta.url); const contents = await readFile(filePath, { encoding: 'utf8' }); console.log(contents); } catch (err) { console.error(err.message); } ``` It is possible to abort an ongoing `readFile` using an `AbortSignal`. If a request is aborted the promise returned is rejected with an `AbortError`: ```js import { readFile } from 'node:fs/promises'; try { const controller = new AbortController(); const { signal } = controller; const promise = readFile(fileName, { signal }); // Abort the request before the promise settles. controller.abort(); await promise; } catch (err) { // When a request is aborted - err is an AbortError console.error(err); } ``` Aborting an ongoing request does not abort individual operating system requests but rather the internal buffering `fs.readFile` performs. Any specified `FileHandle` has to support reading.

Reads the contents of the symbolic link referred to by `path`. See the POSIX [`readlink(2)`](http://man7.org/linux/man-pages/man2/readlink.2.html) documentation for more detail. The promise is fulfilled with the`linkString` upon success. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the link path returned. If the `encoding` is set to `'buffer'`, the link path returned will be passed as a `Buffer` object.

Determines the actual location of `path` using the same semantics as the `fs.realpath.native()` function. Only paths that can be converted to UTF8 strings are supported. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the path. If the `encoding` is set to `'buffer'`, the path returned will be passed as a `Buffer` object. On Linux, when Node.js is linked against musl libc, the procfs file system must be mounted on `/proc` in order for this function to work. Glibc does not have this restriction.

Renames `oldPath` to `newPath`.

Removes files and directories (modeled on the standard POSIX `rm` utility).

Removes the directory identified by `path`. Using `fsPromises.rmdir()` on a file (not a directory) results in the promise being rejected with an `ENOENT` error on Windows and an `ENOTDIR` error on POSIX. To get a behavior similar to the `rm -rf` Unix command, use `fsPromises.rm()` with options `{ recursive: true, force: true }`.

Creates a symbolic link. The `type` argument is only used on Windows platforms and can be one of `'dir'`, `'file'`, or `'junction'`. If the `type` argument is not a string, Node.js will autodetect `target` type and use `'file'` or `'dir'`. If the `target` does not exist, `'file'` will be used. Windows junction points require the destination path to be absolute. When using `'junction'`, the `target` argument will automatically be normalized to absolute path. Junction points on NTFS volumes can only point to directories.

Truncates (shortens or extends the length) of the content at `path` to `len` bytes.

If `path` refers to a symbolic link, then the link is removed without affecting the file or directory to which that link refers. If the `path` refers to a file path that is not a symbolic link, the file is deleted. See the POSIX [`unlink(2)`](http://man7.org/linux/man-pages/man2/unlink.2.html) documentation for more detail.

Change the file system timestamps of the object referenced by `path`. The `atime` and `mtime` arguments follow these rules: * Values can be either numbers representing Unix epoch time, `Date`s, or a numeric string like `'123456789.0'`. * If the value can not be converted to a number, or is `NaN`, `Infinity`, or `-Infinity`, an `Error` will be thrown.

Returns an async iterator that watches for changes on `filename`, where `filename`is either a file or a directory. ```js import { watch } from 'node:fs/promises'; const ac = new AbortController(); const { signal } = ac; setTimeout(() => ac.abort(), 10000); (async () => { try { const watcher = watch(__filename, { signal }); for await (const event of watcher) console.log(event); } catch (err) { if (err.name === 'AbortError') return; throw err; } })(); ``` On most platforms, `'rename'` is emitted whenever a filename appears or disappears in the directory. All the `caveats` for `fs.watch()` also apply to `fsPromises.watch()`.

Asynchronously writes data to a file, replacing the file if it already exists. `data` can be a string, a buffer, an [AsyncIterable](https://tc39.github.io/ecma262/#sec-asynciterable-interface), or an [Iterable](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols#The_iterable_protocol) object. The `encoding` option is ignored if `data` is a buffer. If `options` is a string, then it specifies the encoding. The `mode` option only affects the newly created file. See `fs.open()` for more details. Any specified `FileHandle` has to support writing. It is unsafe to use `fsPromises.writeFile()` multiple times on the same file without waiting for the promise to be settled. Similarly to `fsPromises.readFile` \- `fsPromises.writeFile` is a convenience method that performs multiple `write` calls internally to write the buffer passed to it. For performance sensitive code consider using `fs.createWriteStream()` or `filehandle.createWriteStream()`. It is possible to use an `AbortSignal` to cancel an `fsPromises.writeFile()`. Cancelation is "best effort", and some amount of data is likely still to be written. ```js import { writeFile } from 'node:fs/promises'; import { Buffer } from 'node:buffer'; try { const controller = new AbortController(); const { signal } = controller; const data = new Uint8Array(Buffer.from('Hello Node.js')); const promise = writeFile('message.txt', data, { signal }); // Abort the request before the promise settles. controller.abort(); await promise; } catch (err) { // When a request is aborted - err is an AbortError console.error(err); } ``` Aborting an ongoing request does not abort individual operating system requests but rather the internal buffering `fs.writeFile` performs.

> [!WARNING] Deno compatibility > The lchmod implementation is a not implemented. Changes the permissions on a symbolic link. This method is only implemented on macOS.

Tests a user's permissions for the file or directory specified by `path`. The `mode` argument is an optional integer that specifies the accessibility checks to be performed. `mode` should be either the value `fs.constants.F_OK` or a mask consisting of the bitwise OR of any of `fs.constants.R_OK`, `fs.constants.W_OK`, and `fs.constants.X_OK` (e.g.`fs.constants.W_OK | fs.constants.R_OK`). Check `File access constants` for possible values of `mode`. The final argument, `callback`, is a callback function that is invoked with a possible error argument. If any of the accessibility checks fail, the error argument will be an `Error` object. The following examples check if `package.json` exists, and if it is readable or writable. ```js import { access, constants } from 'node:fs'; const file = 'package.json'; // Check if the file exists in the current directory. access(file, constants.F_OK, (err) => { console.log(`${file} ${err ? 'does not exist' : 'exists'}`); }); // Check if the file is readable. access(file, constants.R_OK, (err) => { console.log(`${file} ${err ? 'is not readable' : 'is readable'}`); }); // Check if the file is writable. access(file, constants.W_OK, (err) => { console.log(`${file} ${err ? 'is not writable' : 'is writable'}`); }); // Check if the file is readable and writable. access(file, constants.R_OK | constants.W_OK, (err) => { console.log(`${file} ${err ? 'is not' : 'is'} readable and writable`); }); ``` Do not use `fs.access()` to check for the accessibility of a file before calling `fs.open()`, `fs.readFile()`, or `fs.writeFile()`. Doing so introduces a race condition, since other processes may change the file's state between the two calls. Instead, user code should open/read/write the file directly and handle the error raised if the file is not accessible. **write (NOT RECOMMENDED)** ```js import { access, open, close } from 'node:fs'; access('myfile', (err) => { if (!err) { console.error('myfile already exists'); return; } open('myfile', 'wx', (err, fd) => { if (err) throw err; try { writeMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); }); ``` **write (RECOMMENDED)** ```js import { open, close } from 'node:fs'; open('myfile', 'wx', (err, fd) => { if (err) { if (err.code === 'EEXIST') { console.error('myfile already exists'); return; } throw err; } try { writeMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); ``` **read (NOT RECOMMENDED)** ```js import { access, open, close } from 'node:fs'; access('myfile', (err) => { if (err) { if (err.code === 'ENOENT') { console.error('myfile does not exist'); return; } throw err; } open('myfile', 'r', (err, fd) => { if (err) throw err; try { readMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); }); ``` **read (RECOMMENDED)** ```js import { open, close } from 'node:fs'; open('myfile', 'r', (err, fd) => { if (err) { if (err.code === 'ENOENT') { console.error('myfile does not exist'); return; } throw err; } try { readMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); ``` The "not recommended" examples above check for accessibility and then use the file; the "recommended" examples are better because they use the file directly and handle the error, if any. In general, check for the accessibility of a file only if the file will not be used directly, for example when its accessibility is a signal from another process. On Windows, access-control policies (ACLs) on a directory may limit access to a file or directory. The `fs.access()` function, however, does not check the ACL and therefore may report that a path is accessible even if the ACL restricts the user from reading or writing to it.

Synchronously tests a user's permissions for the file or directory specified by `path`. The `mode` argument is an optional integer that specifies the accessibility checks to be performed. `mode` should be either the value `fs.constants.F_OK` or a mask consisting of the bitwise OR of any of `fs.constants.R_OK`, `fs.constants.W_OK`, and `fs.constants.X_OK` (e.g.`fs.constants.W_OK | fs.constants.R_OK`). Check `File access constants` for possible values of `mode`. If any of the accessibility checks fail, an `Error` will be thrown. Otherwise, the method will return `undefined`. ```js import { accessSync, constants } from 'node:fs'; try { accessSync('etc/passwd', constants.R_OK | constants.W_OK); console.log('can read/write'); } catch (err) { console.error('no access!'); } ```

Asynchronously append data to a file, creating the file if it does not yet exist. `data` can be a string or a `Buffer`. The `mode` option only affects the newly created file. See [open](././node__fs.d.ts/~/open) for more details. ```js import { appendFile } from 'node:fs'; appendFile('message.txt', 'data to append', (err) => { if (err) throw err; console.log('The "data to append" was appended to file!'); }); ``` If `options` is a string, then it specifies the encoding: ```js import { appendFile } from 'node:fs'; appendFile('message.txt', 'data to append', 'utf8', callback); ``` The `path` may be specified as a numeric file descriptor that has been opened for appending (using `fs.open()` or `fs.openSync()`). The file descriptor will not be closed automatically. ```js import { open, close, appendFile } from 'node:fs'; function closeFd(fd) { close(fd, (err) => { if (err) throw err; }); } open('message.txt', 'a', (err, fd) => { if (err) throw err; try { appendFile(fd, 'data to append', 'utf8', (err) => { closeFd(fd); if (err) throw err; }); } catch (err) { closeFd(fd); throw err; } }); ```

Synchronously append data to a file, creating the file if it does not yet exist. `data` can be a string or a `Buffer`. The `mode` option only affects the newly created file. See [open](././node__fs.d.ts/~/open) for more details. ```js import { appendFileSync } from 'node:fs'; try { appendFileSync('message.txt', 'data to append'); console.log('The "data to append" was appended to file!'); } catch (err) { // Handle the error } ``` If `options` is a string, then it specifies the encoding: ```js import { appendFileSync } from 'node:fs'; appendFileSync('message.txt', 'data to append', 'utf8'); ``` The `path` may be specified as a numeric file descriptor that has been opened for appending (using `fs.open()` or `fs.openSync()`). The file descriptor will not be closed automatically. ```js import { openSync, closeSync, appendFileSync } from 'node:fs'; let fd; try { fd = openSync('message.txt', 'a'); appendFileSync(fd, 'data to append', 'utf8'); } catch (err) { // Handle the error } finally { if (fd !== undefined) closeSync(fd); } ```

Asynchronously changes the permissions of a file. No arguments other than a possible exception are given to the completion callback. See the POSIX [`chmod(2)`](http://man7.org/linux/man-pages/man2/chmod.2.html) documentation for more detail. ```js import { chmod } from 'node:fs'; chmod('my_file.txt', 0o775, (err) => { if (err) throw err; console.log('The permissions for file "my_file.txt" have been changed!'); }); ```

For detailed information, see the documentation of the asynchronous version of this API: [chmod](././node__fs.d.ts/~/chmod). See the POSIX [`chmod(2)`](http://man7.org/linux/man-pages/man2/chmod.2.html) documentation for more detail.

Asynchronously changes owner and group of a file. No arguments other than a possible exception are given to the completion callback. See the POSIX [`chown(2)`](http://man7.org/linux/man-pages/man2/chown.2.html) documentation for more detail.

Synchronously changes owner and group of a file. Returns `undefined`. This is the synchronous version of [chown](././node__fs.d.ts/~/chown). See the POSIX [`chown(2)`](http://man7.org/linux/man-pages/man2/chown.2.html) documentation for more detail.

Closes the file descriptor. No arguments other than a possible exception are given to the completion callback. Calling `fs.close()` on any file descriptor (`fd`) that is currently in use through any other `fs` operation may lead to undefined behavior. See the POSIX [`close(2)`](http://man7.org/linux/man-pages/man2/close.2.html) documentation for more detail.

Closes the file descriptor. Returns `undefined`. Calling `fs.closeSync()` on any file descriptor (`fd`) that is currently in use through any other `fs` operation may lead to undefined behavior. See the POSIX [`close(2)`](http://man7.org/linux/man-pages/man2/close.2.html) documentation for more detail.

Constant for fs.copyFile. Flag indicating the destination file should not be overwritten if it already exists.

Constant for fs.copyFile. copy operation will attempt to create a copy-on-write reflink. If the underlying platform does not support copy-on-write, then a fallback copy mechanism is used.

Constant for fs.copyFile. Copy operation will attempt to create a copy-on-write reflink. If the underlying platform does not support copy-on-write, then the operation will fail with an error.

Constant for fs.access(). File is visible to the calling process.

Constant for fs.open(). Flag indicating that data will be appended to the end of the file.

Constant for fs.open(). Flag indicating to create the file if it does not already exist.

Constant for fs.open(). When set, an attempt will be made to minimize caching effects of file I/O.

Constant for fs.open(). Flag indicating that the open should fail if the path is not a directory.

Constant for fs.open(). Flag indicating that the file is opened for synchronous I/O with write operations waiting for data integrity.

Constant for fs.open(). Flag indicating that opening a file should fail if the O_CREAT flag is set and the file already exists.

constant for fs.open(). Flag indicating reading accesses to the file system will no longer result in an update to the atime information associated with the file. This flag is available on Linux operating systems only.

Constant for fs.open(). Flag indicating that if path identifies a terminal device, opening the path shall not cause that terminal to become the controlling terminal for the process (if the process does not already have one).

Constant for fs.open(). Flag indicating that the open should fail if the path is a symbolic link.

Constant for fs.open(). Flag indicating to open the file in nonblocking mode when possible.

Constant for fs.open(). Flag indicating to open a file for read-only access.

Constant for fs.open(). Flag indicating to open a file for read-write access.

Constant for fs.open(). Flag indicating to open the symbolic link itself rather than the resource it is pointing to.

Constant for fs.open(). Flag indicating that the file is opened for synchronous I/O.

Constant for fs.open(). Flag indicating that if the file exists and is a regular file, and the file is opened successfully for write access, its length shall be truncated to zero.

Constant for fs.open(). Flag indicating to open a file for write-only access.

Constant for fs.access(). File can be read by the calling process.

Constant for fs.Stats mode property for determining a file's type. File type constant for a block-oriented device file.

Constant for fs.Stats mode property for determining a file's type. File type constant for a character-oriented device file.

Constant for fs.Stats mode property for determining a file's type. File type constant for a directory.

Constant for fs.Stats mode property for determining a file's type. File type constant for a FIFO/pipe.

Constant for fs.Stats mode property for determining a file's type. File type constant for a symbolic link.

Constant for fs.Stats mode property for determining a file's type. Bit mask used to extract the file type code.

Constant for fs.Stats mode property for determining a file's type. File type constant for a regular file.

Constant for fs.Stats mode property for determining a file's type. File type constant for a socket.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating readable by group.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating readable by others.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating readable by owner.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating readable, writable and executable by group.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating readable, writable and executable by others.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating readable, writable and executable by owner.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating writable by group.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating writable by others.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating writable by owner.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating executable by group.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating executable by others.

Constant for fs.Stats mode property for determining access permissions for a file. File mode indicating executable by owner.

When set, a memory file mapping is used to access the file. This flag is available on Windows operating systems only. On other operating systems, this flag is ignored.

Constant for fs.access(). File can be written by the calling process.

Constant for fs.access(). File can be executed by the calling process.

Asynchronously copies `src` to `dest`. By default, `dest` is overwritten if it already exists. No arguments other than a possible exception are given to the callback function. Node.js makes no guarantees about the atomicity of the copy operation. If an error occurs after the destination file has been opened for writing, Node.js will attempt to remove the destination. `mode` is an optional integer that specifies the behavior of the copy operation. It is possible to create a mask consisting of the bitwise OR of two or more values (e.g.`fs.constants.COPYFILE_EXCL | fs.constants.COPYFILE_FICLONE`). * `fs.constants.COPYFILE_EXCL`: The copy operation will fail if `dest` already exists. * `fs.constants.COPYFILE_FICLONE`: The copy operation will attempt to create a copy-on-write reflink. If the platform does not support copy-on-write, then a fallback copy mechanism is used. * `fs.constants.COPYFILE_FICLONE_FORCE`: The copy operation will attempt to create a copy-on-write reflink. If the platform does not support copy-on-write, then the operation will fail. ```js import { copyFile, constants } from 'node:fs'; function callback(err) { if (err) throw err; console.log('source.txt was copied to destination.txt'); } // destination.txt will be created or overwritten by default. copyFile('source.txt', 'destination.txt', callback); // By using COPYFILE_EXCL, the operation will fail if destination.txt exists. copyFile('source.txt', 'destination.txt', constants.COPYFILE_EXCL, callback); ```

Synchronously copies `src` to `dest`. By default, `dest` is overwritten if it already exists. Returns `undefined`. Node.js makes no guarantees about the atomicity of the copy operation. If an error occurs after the destination file has been opened for writing, Node.js will attempt to remove the destination. `mode` is an optional integer that specifies the behavior of the copy operation. It is possible to create a mask consisting of the bitwise OR of two or more values (e.g.`fs.constants.COPYFILE_EXCL | fs.constants.COPYFILE_FICLONE`). * `fs.constants.COPYFILE_EXCL`: The copy operation will fail if `dest` already exists. * `fs.constants.COPYFILE_FICLONE`: The copy operation will attempt to create a copy-on-write reflink. If the platform does not support copy-on-write, then a fallback copy mechanism is used. * `fs.constants.COPYFILE_FICLONE_FORCE`: The copy operation will attempt to create a copy-on-write reflink. If the platform does not support copy-on-write, then the operation will fail. ```js import { copyFileSync, constants } from 'node:fs'; // destination.txt will be created or overwritten by default. copyFileSync('source.txt', 'destination.txt'); console.log('source.txt was copied to destination.txt'); // By using COPYFILE_EXCL, the operation will fail if destination.txt exists. copyFileSync('source.txt', 'destination.txt', constants.COPYFILE_EXCL); ```

Asynchronously copies the entire directory structure from `src` to `dest`, including subdirectories and files. When copying a directory to another directory, globs are not supported and behavior is similar to `cp dir1/ dir2/`.

Synchronously copies the entire directory structure from `src` to `dest`, including subdirectories and files. When copying a directory to another directory, globs are not supported and behavior is similar to `cp dir1/ dir2/`.

Unlike the 16 KiB default `highWaterMark` for a `stream.Readable`, the stream returned by this method has a default `highWaterMark` of 64 KiB. `options` can include `start` and `end` values to read a range of bytes from the file instead of the entire file. Both `start` and `end` are inclusive and start counting at 0, allowed values are in the \[0, [`Number.MAX_SAFE_INTEGER`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/MAX_SAFE_INTEGER)\] range. If `fd` is specified and `start` is omitted or `undefined`, `fs.createReadStream()` reads sequentially from the current file position. The `encoding` can be any one of those accepted by `Buffer`. If `fd` is specified, `ReadStream` will ignore the `path` argument and will use the specified file descriptor. This means that no `'open'` event will be emitted. `fd` should be blocking; non-blocking `fd`s should be passed to `net.Socket`. If `fd` points to a character device that only supports blocking reads (such as keyboard or sound card), read operations do not finish until data is available. This can prevent the process from exiting and the stream from closing naturally. By default, the stream will emit a `'close'` event after it has been destroyed. Set the `emitClose` option to `false` to change this behavior. By providing the `fs` option, it is possible to override the corresponding `fs` implementations for `open`, `read`, and `close`. When providing the `fs` option, an override for `read` is required. If no `fd` is provided, an override for `open` is also required. If `autoClose` is `true`, an override for `close` is also required. ```js import { createReadStream } from 'node:fs'; // Create a stream from some character device. const stream = createReadStream('/dev/input/event0'); setTimeout(() => { stream.close(); // This may not close the stream. // Artificially marking end-of-stream, as if the underlying resource had // indicated end-of-file by itself, allows the stream to close. // This does not cancel pending read operations, and if there is such an // operation, the process may still not be able to exit successfully // until it finishes. stream.push(null); stream.read(0); }, 100); ``` If `autoClose` is false, then the file descriptor won't be closed, even if there's an error. It is the application's responsibility to close it and make sure there's no file descriptor leak. If `autoClose` is set to true (default behavior), on `'error'` or `'end'` the file descriptor will be closed automatically. `mode` sets the file mode (permission and sticky bits), but only if the file was created. An example to read the last 10 bytes of a file which is 100 bytes long: ```js import { createReadStream } from 'node:fs'; createReadStream('sample.txt', { start: 90, end: 99 }); ``` If `options` is a string, then it specifies the encoding.

`options` may also include a `start` option to allow writing data at some position past the beginning of the file, allowed values are in the \[0, [`Number.MAX_SAFE_INTEGER`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/MAX_SAFE_INTEGER)\] range. Modifying a file rather than replacing it may require the `flags` option to be set to `r+` rather than the default `w`. The `encoding` can be any one of those accepted by `Buffer`. If `autoClose` is set to true (default behavior) on `'error'` or `'finish'` the file descriptor will be closed automatically. If `autoClose` is false, then the file descriptor won't be closed, even if there's an error. It is the application's responsibility to close it and make sure there's no file descriptor leak. By default, the stream will emit a `'close'` event after it has been destroyed. Set the `emitClose` option to `false` to change this behavior. By providing the `fs` option it is possible to override the corresponding `fs` implementations for `open`, `write`, `writev`, and `close`. Overriding `write()` without `writev()` can reduce performance as some optimizations (`_writev()`) will be disabled. When providing the `fs` option, overrides for at least one of `write` and `writev` are required. If no `fd` option is supplied, an override for `open` is also required. If `autoClose` is `true`, an override for `close` is also required. Like `fs.ReadStream`, if `fd` is specified, `fs.WriteStream` will ignore the `path` argument and will use the specified file descriptor. This means that no `'open'` event will be emitted. `fd` should be blocking; non-blocking `fd`s should be passed to `net.Socket`. If `options` is a string, then it specifies the encoding.

A class representing a directory stream. Created by [opendir](././node__fs.d.ts/~/opendir), [opendirSync](././node__fs.d.ts/~/opendirSync), or `fsPromises.opendir()`. ```js import { opendir } from 'node:fs/promises'; try { const dir = await opendir('./'); for await (const dirent of dir) console.log(dirent.name); } catch (err) { console.error(err); } ``` When using the async iterator, the `fs.Dir` object will be automatically closed after the iterator exits.

A representation of a directory entry, which can be a file or a subdirectory within the directory, as returned by reading from an `fs.Dir`. The directory entry is a combination of the file name and file type pairs. Additionally, when [readdir](././node__fs.d.ts/~/readdir) or [readdirSync](././node__fs.d.ts/~/readdirSync) is called with the `withFileTypes` option set to `true`, the resulting array is filled with `fs.Dirent` objects, rather than strings or `Buffer` s.

Returns `true` if the path exists, `false` otherwise. For detailed information, see the documentation of the asynchronous version of this API: [exists](././node__fs.d.ts/~/exists). `fs.exists()` is deprecated, but `fs.existsSync()` is not. The `callback` parameter to `fs.exists()` accepts parameters that are inconsistent with other Node.js callbacks. `fs.existsSync()` does not use a callback. ```js import { existsSync } from 'node:fs'; if (existsSync('/etc/passwd')) console.log('The path exists.'); ```

Sets the permissions on the file. No arguments other than a possible exception are given to the completion callback. See the POSIX [`fchmod(2)`](http://man7.org/linux/man-pages/man2/fchmod.2.html) documentation for more detail.

Sets the permissions on the file. Returns `undefined`. See the POSIX [`fchmod(2)`](http://man7.org/linux/man-pages/man2/fchmod.2.html) documentation for more detail.

Sets the owner of the file. No arguments other than a possible exception are given to the completion callback. See the POSIX [`fchown(2)`](http://man7.org/linux/man-pages/man2/fchown.2.html) documentation for more detail.

Sets the owner of the file. Returns `undefined`. See the POSIX [`fchown(2)`](http://man7.org/linux/man-pages/man2/fchown.2.html) documentation for more detail.

Forces all currently queued I/O operations associated with the file to the operating system's synchronized I/O completion state. Refer to the POSIX [`fdatasync(2)`](http://man7.org/linux/man-pages/man2/fdatasync.2.html) documentation for details. No arguments other than a possible exception are given to the completion callback.

Forces all currently queued I/O operations associated with the file to the operating system's synchronized I/O completion state. Refer to the POSIX [`fdatasync(2)`](http://man7.org/linux/man-pages/man2/fdatasync.2.html) documentation for details. Returns `undefined`.

Invokes the callback with the `fs.Stats` for the file descriptor. See the POSIX [`fstat(2)`](http://man7.org/linux/man-pages/man2/fstat.2.html) documentation for more detail.

Retrieves the `fs.Stats` for the file descriptor. See the POSIX [`fstat(2)`](http://man7.org/linux/man-pages/man2/fstat.2.html) documentation for more detail.

Request that all data for the open file descriptor is flushed to the storage device. The specific implementation is operating system and device specific. Refer to the POSIX [`fsync(2)`](http://man7.org/linux/man-pages/man2/fsync.2.html) documentation for more detail. No arguments other than a possible exception are given to the completion callback.

Request that all data for the open file descriptor is flushed to the storage device. The specific implementation is operating system and device specific. Refer to the POSIX [`fsync(2)`](http://man7.org/linux/man-pages/man2/fsync.2.html) documentation for more detail. Returns `undefined`.

Truncates the file descriptor. No arguments other than a possible exception are given to the completion callback. See the POSIX [`ftruncate(2)`](http://man7.org/linux/man-pages/man2/ftruncate.2.html) documentation for more detail. If the file referred to by the file descriptor was larger than `len` bytes, only the first `len` bytes will be retained in the file. For example, the following program retains only the first four bytes of the file: ```js import { open, close, ftruncate } from 'node:fs'; function closeFd(fd) { close(fd, (err) => { if (err) throw err; }); } open('temp.txt', 'r+', (err, fd) => { if (err) throw err; try { ftruncate(fd, 4, (err) => { closeFd(fd); if (err) throw err; }); } catch (err) { closeFd(fd); if (err) throw err; } }); ``` If the file previously was shorter than `len` bytes, it is extended, and the extended part is filled with null bytes (`'\0'`): If `len` is negative then `0` will be used.

Truncates the file descriptor. Returns `undefined`. For detailed information, see the documentation of the asynchronous version of this API: [ftruncate](././node__fs.d.ts/~/ftruncate).

Change the file system timestamps of the object referenced by the supplied file descriptor. See [utimes](././node__fs.d.ts/~/utimes).

Synchronous version of [futimes](././node__fs.d.ts/~/futimes). Returns `undefined`.

Retrieves the files matching the specified pattern.

Retrieves the files matching the specified pattern.

Set the owner of the symbolic link. No arguments other than a possible exception are given to the completion callback. See the POSIX [`lchown(2)`](http://man7.org/linux/man-pages/man2/lchown.2.html) documentation for more detail.

Set the owner for the path. Returns `undefined`. See the POSIX [`lchown(2)`](http://man7.org/linux/man-pages/man2/lchown.2.html) documentation for more details.

Creates a new link from the `existingPath` to the `newPath`. See the POSIX [`link(2)`](http://man7.org/linux/man-pages/man2/link.2.html) documentation for more detail. No arguments other than a possible exception are given to the completion callback.

Creates a new link from the `existingPath` to the `newPath`. See the POSIX [`link(2)`](http://man7.org/linux/man-pages/man2/link.2.html) documentation for more detail. Returns `undefined`.

Retrieves the `fs.Stats` for the symbolic link referred to by the path. The callback gets two arguments `(err, stats)` where `stats` is a `fs.Stats` object. `lstat()` is identical to `stat()`, except that if `path` is a symbolic link, then the link itself is stat-ed, not the file that it refers to. See the POSIX [`lstat(2)`](http://man7.org/linux/man-pages/man2/lstat.2.html) documentation for more details.

Synchronous lstat(2) - Get file status. Does not dereference symbolic links.

Changes the access and modification times of a file in the same way as [utimes](././node__fs.d.ts/~/utimes), with the difference that if the path refers to a symbolic link, then the link is not dereferenced: instead, the timestamps of the symbolic link itself are changed. No arguments other than a possible exception are given to the completion callback.

Change the file system timestamps of the symbolic link referenced by `path`. Returns `undefined`, or throws an exception when parameters are incorrect or the operation fails. This is the synchronous version of [lutimes](././node__fs.d.ts/~/lutimes).

Asynchronously creates a directory. The callback is given a possible exception and, if `recursive` is `true`, the first directory path created, `(err[, path])`.`path` can still be `undefined` when `recursive` is `true`, if no directory was created (for instance, if it was previously created). The optional `options` argument can be an integer specifying `mode` (permission and sticky bits), or an object with a `mode` property and a `recursive` property indicating whether parent directories should be created. Calling `fs.mkdir()` when `path` is a directory that exists results in an error only when `recursive` is false. If `recursive` is false and the directory exists, an `EEXIST` error occurs. ```js import { mkdir } from 'node:fs'; // Create ./tmp/a/apple, regardless of whether ./tmp and ./tmp/a exist. mkdir('./tmp/a/apple', { recursive: true }, (err) => { if (err) throw err; }); ``` On Windows, using `fs.mkdir()` on the root directory even with recursion will result in an error: ```js import { mkdir } from 'node:fs'; mkdir('/', { recursive: true }, (err) => { // => [Error: EPERM: operation not permitted, mkdir 'C:\'] }); ``` See the POSIX [`mkdir(2)`](http://man7.org/linux/man-pages/man2/mkdir.2.html) documentation for more details.

Synchronously creates a directory. Returns `undefined`, or if `recursive` is `true`, the first directory path created. This is the synchronous version of [mkdir](././node__fs.d.ts/~/mkdir). See the POSIX [`mkdir(2)`](http://man7.org/linux/man-pages/man2/mkdir.2.html) documentation for more details.

Creates a unique temporary directory. Generates six random characters to be appended behind a required `prefix` to create a unique temporary directory. Due to platform inconsistencies, avoid trailing `X` characters in `prefix`. Some platforms, notably the BSDs, can return more than six random characters, and replace trailing `X` characters in `prefix` with random characters. The created directory path is passed as a string to the callback's second parameter. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use. ```js import { mkdtemp } from 'node:fs'; import { join } from 'node:path'; import { tmpdir } from 'node:os'; mkdtemp(join(tmpdir(), 'foo-'), (err, directory) => { if (err) throw err; console.log(directory); // Prints: /tmp/foo-itXde2 or C:\Users\...\AppData\Local\Temp\foo-itXde2 }); ``` The `fs.mkdtemp()` method will append the six randomly selected characters directly to the `prefix` string. For instance, given a directory `/tmp`, if the intention is to create a temporary directory _within_`/tmp`, the `prefix`must end with a trailing platform-specific path separator (`import { sep } from 'node:path'`). ```js import { tmpdir } from 'node:os'; import { mkdtemp } from 'node:fs'; // The parent directory for the new temporary directory const tmpDir = tmpdir(); // This method is *INCORRECT*: mkdtemp(tmpDir, (err, directory) => { if (err) throw err; console.log(directory); // Will print something similar to `/tmpabc123`. // A new temporary directory is created at the file system root // rather than *within* the /tmp directory. }); // This method is *CORRECT*: import { sep } from 'node:path'; mkdtemp(`${tmpDir}${sep}`, (err, directory) => { if (err) throw err; console.log(directory); // Will print something similar to `/tmp/abc123`. // A new temporary directory is created within // the /tmp directory. }); ```

Returns the created directory path. For detailed information, see the documentation of the asynchronous version of this API: [mkdtemp](././node__fs.d.ts/~/mkdtemp). The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use.

Asynchronous file open. See the POSIX [`open(2)`](http://man7.org/linux/man-pages/man2/open.2.html) documentation for more details. `mode` sets the file mode (permission and sticky bits), but only if the file was created. On Windows, only the write permission can be manipulated; see [chmod](././node__fs.d.ts/~/chmod). The callback gets two arguments `(err, fd)`. Some characters (`< > : " / \ | ? *`) are reserved under Windows as documented by [Naming Files, Paths, and Namespaces](https://docs.microsoft.com/en-us/windows/desktop/FileIO/naming-a-file). Under NTFS, if the filename contains a colon, Node.js will open a file system stream, as described by [this MSDN page](https://docs.microsoft.com/en-us/windows/desktop/FileIO/using-streams). Functions based on `fs.open()` exhibit this behavior as well:`fs.writeFile()`, `fs.readFile()`, etc.

Returns a `Blob` whose data is backed by the given file. The file must not be modified after the `Blob` is created. Any modifications will cause reading the `Blob` data to fail with a `DOMException` error. Synchronous stat operations on the file when the `Blob` is created, and before each read in order to detect whether the file data has been modified on disk. ```js import { openAsBlob } from 'node:fs'; const blob = await openAsBlob('the.file.txt'); const ab = await blob.arrayBuffer(); blob.stream(); ```

Asynchronously open a directory. See the POSIX [`opendir(3)`](http://man7.org/linux/man-pages/man3/opendir.3.html) documentation for more details. Creates an `fs.Dir`, which contains all further functions for reading from and cleaning up the directory. The `encoding` option sets the encoding for the `path` while opening the directory and subsequent read operations.

Synchronously open a directory. See [`opendir(3)`](http://man7.org/linux/man-pages/man3/opendir.3.html). Creates an `fs.Dir`, which contains all further functions for reading from and cleaning up the directory. The `encoding` option sets the encoding for the `path` while opening the directory and subsequent read operations.

Returns an integer representing the file descriptor. For detailed information, see the documentation of the asynchronous version of this API: [open](././node__fs.d.ts/~/open).

Valid types for path values in "fs".

The `fs/promises` API provides asynchronous file system methods that return promises. The promise APIs use the underlying Node.js threadpool to perform file system operations off the event loop thread. These operations are not synchronized or threadsafe. Care must be taken when performing multiple concurrent modifications on the same file or data corruption may occur.

Tests a user's permissions for the file or directory specified by `path`. The `mode` argument is an optional integer that specifies the accessibility checks to be performed. `mode` should be either the value `fs.constants.F_OK` or a mask consisting of the bitwise OR of any of `fs.constants.R_OK`, `fs.constants.W_OK`, and `fs.constants.X_OK` (e.g.`fs.constants.W_OK | fs.constants.R_OK`). Check `File access constants` for possible values of `mode`. If the accessibility check is successful, the promise is fulfilled with no value. If any of the accessibility checks fail, the promise is rejected with an [Error](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error) object. The following example checks if the file`/etc/passwd` can be read and written by the current process. ```js import { access, constants } from 'node:fs/promises'; try { await access('/etc/passwd', constants.R_OK | constants.W_OK); console.log('can access'); } catch { console.error('cannot access'); } ``` Using `fsPromises.access()` to check for the accessibility of a file before calling `fsPromises.open()` is not recommended. Doing so introduces a race condition, since other processes may change the file's state between the two calls. Instead, user code should open/read/write the file directly and handle the error raised if the file is not accessible.

Asynchronously append data to a file, creating the file if it does not yet exist. `data` can be a string or a `Buffer`. If `options` is a string, then it specifies the `encoding`. The `mode` option only affects the newly created file. See `fs.open()` for more details. The `path` may be specified as a `FileHandle` that has been opened for appending (using `fsPromises.open()`).

Changes the permissions of a file.

Changes the ownership of a file.

Asynchronously copies `src` to `dest`. By default, `dest` is overwritten if it already exists. No guarantees are made about the atomicity of the copy operation. If an error occurs after the destination file has been opened for writing, an attempt will be made to remove the destination. ```js import { copyFile, constants } from 'node:fs/promises'; try { await copyFile('source.txt', 'destination.txt'); console.log('source.txt was copied to destination.txt'); } catch { console.error('The file could not be copied'); } // By using COPYFILE_EXCL, the operation will fail if destination.txt exists. try { await copyFile('source.txt', 'destination.txt', constants.COPYFILE_EXCL); console.log('source.txt was copied to destination.txt'); } catch { console.error('The file could not be copied'); } ```

Asynchronously copies the entire directory structure from `src` to `dest`, including subdirectories and files. When copying a directory to another directory, globs are not supported and behavior is similar to `cp dir1/ dir2/`.

Retrieves the files matching the specified pattern.

Changes the ownership on a symbolic link.

Creates a new link from the `existingPath` to the `newPath`. See the POSIX [`link(2)`](http://man7.org/linux/man-pages/man2/link.2.html) documentation for more detail.

Equivalent to `fsPromises.stat()` unless `path` refers to a symbolic link, in which case the link itself is stat-ed, not the file that it refers to. Refer to the POSIX [`lstat(2)`](http://man7.org/linux/man-pages/man2/lstat.2.html) document for more detail.

Changes the access and modification times of a file in the same way as `fsPromises.utimes()`, with the difference that if the path refers to a symbolic link, then the link is not dereferenced: instead, the timestamps of the symbolic link itself are changed.

Asynchronously creates a directory. The optional `options` argument can be an integer specifying `mode` (permission and sticky bits), or an object with a `mode` property and a `recursive` property indicating whether parent directories should be created. Calling `fsPromises.mkdir()` when `path` is a directory that exists results in a rejection only when `recursive` is false. ```js import { mkdir } from 'node:fs/promises'; try { const projectFolder = new URL('./test/project/', import.meta.url); const createDir = await mkdir(projectFolder, { recursive: true }); console.log(`created ${createDir}`); } catch (err) { console.error(err.message); } ```

Creates a unique temporary directory. A unique directory name is generated by appending six random characters to the end of the provided `prefix`. Due to platform inconsistencies, avoid trailing `X` characters in `prefix`. Some platforms, notably the BSDs, can return more than six random characters, and replace trailing `X` characters in `prefix` with random characters. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use. ```js import { mkdtemp } from 'node:fs/promises'; import { join } from 'node:path'; import { tmpdir } from 'node:os'; try { await mkdtemp(join(tmpdir(), 'foo-')); } catch (err) { console.error(err); } ``` The `fsPromises.mkdtemp()` method will append the six randomly selected characters directly to the `prefix` string. For instance, given a directory `/tmp`, if the intention is to create a temporary directory _within_ `/tmp`, the `prefix` must end with a trailing platform-specific path separator (`import { sep } from 'node:path'`).

Opens a `FileHandle`. Refer to the POSIX [`open(2)`](http://man7.org/linux/man-pages/man2/open.2.html) documentation for more detail. Some characters (`< > : " / \ | ? *`) are reserved under Windows as documented by [Naming Files, Paths, and Namespaces](https://docs.microsoft.com/en-us/windows/desktop/FileIO/naming-a-file). Under NTFS, if the filename contains a colon, Node.js will open a file system stream, as described by [this MSDN page](https://docs.microsoft.com/en-us/windows/desktop/FileIO/using-streams).

Asynchronously open a directory for iterative scanning. See the POSIX [`opendir(3)`](http://man7.org/linux/man-pages/man3/opendir.3.html) documentation for more detail. Creates an `fs.Dir`, which contains all further functions for reading from and cleaning up the directory. The `encoding` option sets the encoding for the `path` while opening the directory and subsequent read operations. Example using async iteration: ```js import { opendir } from 'node:fs/promises'; try { const dir = await opendir('./'); for await (const dirent of dir) console.log(dirent.name); } catch (err) { console.error(err); } ``` When using the async iterator, the `fs.Dir` object will be automatically closed after the iterator exits.

Reads the contents of a directory. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the filenames. If the `encoding` is set to `'buffer'`, the filenames returned will be passed as `Buffer` objects. If `options.withFileTypes` is set to `true`, the returned array will contain `fs.Dirent` objects. ```js import { readdir } from 'node:fs/promises'; try { const files = await readdir(path); for (const file of files) console.log(file); } catch (err) { console.error(err); } ```

Asynchronously reads the entire contents of a file. If no encoding is specified (using `options.encoding`), the data is returned as a `Buffer` object. Otherwise, the data will be a string. If `options` is a string, then it specifies the encoding. When the `path` is a directory, the behavior of `fsPromises.readFile()` is platform-specific. On macOS, Linux, and Windows, the promise will be rejected with an error. On FreeBSD, a representation of the directory's contents will be returned. An example of reading a `package.json` file located in the same directory of the running code: ```js import { readFile } from 'node:fs/promises'; try { const filePath = new URL('./package.json', import.meta.url); const contents = await readFile(filePath, { encoding: 'utf8' }); console.log(contents); } catch (err) { console.error(err.message); } ``` It is possible to abort an ongoing `readFile` using an `AbortSignal`. If a request is aborted the promise returned is rejected with an `AbortError`: ```js import { readFile } from 'node:fs/promises'; try { const controller = new AbortController(); const { signal } = controller; const promise = readFile(fileName, { signal }); // Abort the request before the promise settles. controller.abort(); await promise; } catch (err) { // When a request is aborted - err is an AbortError console.error(err); } ``` Aborting an ongoing request does not abort individual operating system requests but rather the internal buffering `fs.readFile` performs. Any specified `FileHandle` has to support reading.

Reads the contents of the symbolic link referred to by `path`. See the POSIX [`readlink(2)`](http://man7.org/linux/man-pages/man2/readlink.2.html) documentation for more detail. The promise is fulfilled with the`linkString` upon success. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the link path returned. If the `encoding` is set to `'buffer'`, the link path returned will be passed as a `Buffer` object.

Determines the actual location of `path` using the same semantics as the `fs.realpath.native()` function. Only paths that can be converted to UTF8 strings are supported. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the path. If the `encoding` is set to `'buffer'`, the path returned will be passed as a `Buffer` object. On Linux, when Node.js is linked against musl libc, the procfs file system must be mounted on `/proc` in order for this function to work. Glibc does not have this restriction.

Renames `oldPath` to `newPath`.

Removes files and directories (modeled on the standard POSIX `rm` utility).

Removes the directory identified by `path`. Using `fsPromises.rmdir()` on a file (not a directory) results in the promise being rejected with an `ENOENT` error on Windows and an `ENOTDIR` error on POSIX. To get a behavior similar to the `rm -rf` Unix command, use `fsPromises.rm()` with options `{ recursive: true, force: true }`.

Creates a symbolic link. The `type` argument is only used on Windows platforms and can be one of `'dir'`, `'file'`, or `'junction'`. If the `type` argument is not a string, Node.js will autodetect `target` type and use `'file'` or `'dir'`. If the `target` does not exist, `'file'` will be used. Windows junction points require the destination path to be absolute. When using `'junction'`, the `target` argument will automatically be normalized to absolute path. Junction points on NTFS volumes can only point to directories.

Truncates (shortens or extends the length) of the content at `path` to `len` bytes.

If `path` refers to a symbolic link, then the link is removed without affecting the file or directory to which that link refers. If the `path` refers to a file path that is not a symbolic link, the file is deleted. See the POSIX [`unlink(2)`](http://man7.org/linux/man-pages/man2/unlink.2.html) documentation for more detail.

Change the file system timestamps of the object referenced by `path`. The `atime` and `mtime` arguments follow these rules: * Values can be either numbers representing Unix epoch time, `Date`s, or a numeric string like `'123456789.0'`. * If the value can not be converted to a number, or is `NaN`, `Infinity`, or `-Infinity`, an `Error` will be thrown.

Returns an async iterator that watches for changes on `filename`, where `filename`is either a file or a directory. ```js import { watch } from 'node:fs/promises'; const ac = new AbortController(); const { signal } = ac; setTimeout(() => ac.abort(), 10000); (async () => { try { const watcher = watch(__filename, { signal }); for await (const event of watcher) console.log(event); } catch (err) { if (err.name === 'AbortError') return; throw err; } })(); ``` On most platforms, `'rename'` is emitted whenever a filename appears or disappears in the directory. All the `caveats` for `fs.watch()` also apply to `fsPromises.watch()`.

Asynchronously writes data to a file, replacing the file if it already exists. `data` can be a string, a buffer, an [AsyncIterable](https://tc39.github.io/ecma262/#sec-asynciterable-interface), or an [Iterable](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols#The_iterable_protocol) object. The `encoding` option is ignored if `data` is a buffer. If `options` is a string, then it specifies the encoding. The `mode` option only affects the newly created file. See `fs.open()` for more details. Any specified `FileHandle` has to support writing. It is unsafe to use `fsPromises.writeFile()` multiple times on the same file without waiting for the promise to be settled. Similarly to `fsPromises.readFile` \- `fsPromises.writeFile` is a convenience method that performs multiple `write` calls internally to write the buffer passed to it. For performance sensitive code consider using `fs.createWriteStream()` or `filehandle.createWriteStream()`. It is possible to use an `AbortSignal` to cancel an `fsPromises.writeFile()`. Cancelation is "best effort", and some amount of data is likely still to be written. ```js import { writeFile } from 'node:fs/promises'; import { Buffer } from 'node:buffer'; try { const controller = new AbortController(); const { signal } = controller; const data = new Uint8Array(Buffer.from('Hello Node.js')); const promise = writeFile('message.txt', data, { signal }); // Abort the request before the promise settles. controller.abort(); await promise; } catch (err) { // When a request is aborted - err is an AbortError console.error(err); } ``` Aborting an ongoing request does not abort individual operating system requests but rather the internal buffering `fs.writeFile` performs.

Read data from the file specified by `fd`. The callback is given the three arguments, `(err, bytesRead, buffer)`. If the file is not modified concurrently, the end-of-file is reached when the number of bytes read is zero. If this method is invoked as its `util.promisify()` ed version, it returns a promise for an `Object` with `bytesRead` and `buffer` properties.

Reads the contents of a directory. The callback gets two arguments `(err, files)` where `files` is an array of the names of the files in the directory excluding `'.'` and `'..'`. See the POSIX [`readdir(3)`](http://man7.org/linux/man-pages/man3/readdir.3.html) documentation for more details. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the filenames passed to the callback. If the `encoding` is set to `'buffer'`, the filenames returned will be passed as `Buffer` objects. If `options.withFileTypes` is set to `true`, the `files` array will contain `fs.Dirent` objects.

Reads the contents of the directory. See the POSIX [`readdir(3)`](http://man7.org/linux/man-pages/man3/readdir.3.html) documentation for more details. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the filenames returned. If the `encoding` is set to `'buffer'`, the filenames returned will be passed as `Buffer` objects. If `options.withFileTypes` is set to `true`, the result will contain `fs.Dirent` objects.

Asynchronously reads the entire contents of a file. ```js import { readFile } from 'node:fs'; readFile('/etc/passwd', (err, data) => { if (err) throw err; console.log(data); }); ``` The callback is passed two arguments `(err, data)`, where `data` is the contents of the file. If no encoding is specified, then the raw buffer is returned. If `options` is a string, then it specifies the encoding: ```js import { readFile } from 'node:fs'; readFile('/etc/passwd', 'utf8', callback); ``` When the path is a directory, the behavior of `fs.readFile()` and [readFileSync](././node__fs.d.ts/~/readFileSync) is platform-specific. On macOS, Linux, and Windows, an error will be returned. On FreeBSD, a representation of the directory's contents will be returned. ```js import { readFile } from 'node:fs'; // macOS, Linux, and Windows readFile('', (err, data) => { // => [Error: EISDIR: illegal operation on a directory, read ] }); // FreeBSD readFile('', (err, data) => { // => null, }); ``` It is possible to abort an ongoing request using an `AbortSignal`. If a request is aborted the callback is called with an `AbortError`: ```js import { readFile } from 'node:fs'; const controller = new AbortController(); const signal = controller.signal; readFile(fileInfo[0].name, { signal }, (err, buf) => { // ... }); // When you want to abort the request controller.abort(); ``` The `fs.readFile()` function buffers the entire file. To minimize memory costs, when possible prefer streaming via `fs.createReadStream()`. Aborting an ongoing request does not abort individual operating system requests but rather the internal buffering `fs.readFile` performs.

Returns the contents of the `path`. For detailed information, see the documentation of the asynchronous version of this API: [readFile](././node__fs.d.ts/~/readFile). If the `encoding` option is specified then this function returns a string. Otherwise it returns a buffer. Similar to [readFile](././node__fs.d.ts/~/readFile), when the path is a directory, the behavior of `fs.readFileSync()` is platform-specific. ```js import { readFileSync } from 'node:fs'; // macOS, Linux, and Windows readFileSync(''); // => [Error: EISDIR: illegal operation on a directory, read ] // FreeBSD readFileSync(''); // => ```

Reads the contents of the symbolic link referred to by `path`. The callback gets two arguments `(err, linkString)`. See the POSIX [`readlink(2)`](http://man7.org/linux/man-pages/man2/readlink.2.html) documentation for more details. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the link path passed to the callback. If the `encoding` is set to `'buffer'`, the link path returned will be passed as a `Buffer` object.

Returns the symbolic link's string value. See the POSIX [`readlink(2)`](http://man7.org/linux/man-pages/man2/readlink.2.html) documentation for more details. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the link path returned. If the `encoding` is set to `'buffer'`, the link path returned will be passed as a `Buffer` object.

Instances of `fs.ReadStream` are created and returned using the [createReadStream](././node__fs.d.ts/~/createReadStream) function.

Returns the number of `bytesRead`. For detailed information, see the documentation of the asynchronous version of this API: [read](././node__fs.d.ts/~/read).

Read from a file specified by `fd` and write to an array of `ArrayBufferView`s using `readv()`. `position` is the offset from the beginning of the file from where data should be read. If `typeof position !== 'number'`, the data will be read from the current position. The callback will be given three arguments: `err`, `bytesRead`, and `buffers`. `bytesRead` is how many bytes were read from the file. If this method is invoked as its `util.promisify()` ed version, it returns a promise for an `Object` with `bytesRead` and `buffers` properties.

For detailed information, see the documentation of the asynchronous version of this API: [readv](././node__fs.d.ts/~/readv).

Asynchronously computes the canonical pathname by resolving `.`, `..`, and symbolic links. A canonical pathname is not necessarily unique. Hard links and bind mounts can expose a file system entity through many pathnames. This function behaves like [`realpath(3)`](http://man7.org/linux/man-pages/man3/realpath.3.html), with some exceptions: 1. No case conversion is performed on case-insensitive file systems. 2. The maximum number of symbolic links is platform-independent and generally (much) higher than what the native [`realpath(3)`](http://man7.org/linux/man-pages/man3/realpath.3.html) implementation supports. The `callback` gets two arguments `(err, resolvedPath)`. May use `process.cwd` to resolve relative paths. Only paths that can be converted to UTF8 strings are supported. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the path passed to the callback. If the `encoding` is set to `'buffer'`, the path returned will be passed as a `Buffer` object. If `path` resolves to a socket or a pipe, the function will return a system dependent name for that object.

Asynchronous [`realpath(3)`](http://man7.org/linux/man-pages/man3/realpath.3.html). The `callback` gets two arguments `(err, resolvedPath)`. Only paths that can be converted to UTF8 strings are supported. The optional `options` argument can be a string specifying an encoding, or an object with an `encoding` property specifying the character encoding to use for the path passed to the callback. If the `encoding` is set to `'buffer'`, the path returned will be passed as a `Buffer` object. On Linux, when Node.js is linked against musl libc, the procfs file system must be mounted on `/proc` in order for this function to work. Glibc does not have this restriction.

Returns the resolved pathname. For detailed information, see the documentation of the asynchronous version of this API: [realpath](././node__fs.d.ts/~/realpath).

Asynchronously rename file at `oldPath` to the pathname provided as `newPath`. In the case that `newPath` already exists, it will be overwritten. If there is a directory at `newPath`, an error will be raised instead. No arguments other than a possible exception are given to the completion callback. See also: [`rename(2)`](http://man7.org/linux/man-pages/man2/rename.2.html). ```js import { rename } from 'node:fs'; rename('oldFile.txt', 'newFile.txt', (err) => { if (err) throw err; console.log('Rename complete!'); }); ```

Renames the file from `oldPath` to `newPath`. Returns `undefined`. See the POSIX [`rename(2)`](http://man7.org/linux/man-pages/man2/rename.2.html) documentation for more details.

Asynchronously removes files and directories (modeled on the standard POSIX `rm` utility). No arguments other than a possible exception are given to the completion callback.

Asynchronous [`rmdir(2)`](http://man7.org/linux/man-pages/man2/rmdir.2.html). No arguments other than a possible exception are given to the completion callback. Using `fs.rmdir()` on a file (not a directory) results in an `ENOENT` error on Windows and an `ENOTDIR` error on POSIX. To get a behavior similar to the `rm -rf` Unix command, use [rm](././node__fs.d.ts/~/rm) with options `{ recursive: true, force: true }`.

Synchronous [`rmdir(2)`](http://man7.org/linux/man-pages/man2/rmdir.2.html). Returns `undefined`. Using `fs.rmdirSync()` on a file (not a directory) results in an `ENOENT` error on Windows and an `ENOTDIR` error on POSIX. To get a behavior similar to the `rm -rf` Unix command, use [rmSync](././node__fs.d.ts/~/rmSync) with options `{ recursive: true, force: true }`.

Synchronously removes files and directories (modeled on the standard POSIX `rm` utility). Returns `undefined`.

Asynchronous [`stat(2)`](http://man7.org/linux/man-pages/man2/stat.2.html). The callback gets two arguments `(err, stats)` where`stats` is an `fs.Stats` object. In case of an error, the `err.code` will be one of `Common System Errors`. [stat](././node__fs.d.ts/~/stat) follows symbolic links. Use [lstat](././node__fs.d.ts/~/lstat) to look at the links themselves. Using `fs.stat()` to check for the existence of a file before calling`fs.open()`, `fs.readFile()`, or `fs.writeFile()` is not recommended. Instead, user code should open/read/write the file directly and handle the error raised if the file is not available. To check if a file exists without manipulating it afterwards, [access](././node__fs.d.ts/~/access) is recommended. For example, given the following directory structure: ```text - txtDir -- file.txt - app.js ``` The next program will check for the stats of the given paths: ```js import { stat } from 'node:fs'; const pathsToCheck = ['./txtDir', './txtDir/file.txt']; for (let i = 0; i < pathsToCheck.length; i++) { stat(pathsToCheck[i], (err, stats) => { console.log(stats.isDirectory()); console.log(stats); }); } ``` The resulting output will resemble: ```console true Stats { dev: 16777220, mode: 16877, nlink: 3, uid: 501, gid: 20, rdev: 0, blksize: 4096, ino: 14214262, size: 96, blocks: 0, atimeMs: 1561174653071.963, mtimeMs: 1561174614583.3518, ctimeMs: 1561174626623.5366, birthtimeMs: 1561174126937.2893, atime: 2019-06-22T03:37:33.072Z, mtime: 2019-06-22T03:36:54.583Z, ctime: 2019-06-22T03:37:06.624Z, birthtime: 2019-06-22T03:28:46.937Z } false Stats { dev: 16777220, mode: 33188, nlink: 1, uid: 501, gid: 20, rdev: 0, blksize: 4096, ino: 14214074, size: 8, blocks: 8, atimeMs: 1561174616618.8555, mtimeMs: 1561174614584, ctimeMs: 1561174614583.8145, birthtimeMs: 1561174007710.7478, atime: 2019-06-22T03:36:56.619Z, mtime: 2019-06-22T03:36:54.584Z, ctime: 2019-06-22T03:36:54.584Z, birthtime: 2019-06-22T03:26:47.711Z } ```

Asynchronous [`statfs(2)`](http://man7.org/linux/man-pages/man2/statfs.2.html). Returns information about the mounted file system which contains `path`. The callback gets two arguments `(err, stats)` where `stats`is an `fs.StatFs` object. In case of an error, the `err.code` will be one of `Common System Errors`.

Synchronous [`statfs(2)`](http://man7.org/linux/man-pages/man2/statfs.2.html). Returns information about the mounted file system which contains `path`. In case of an error, the `err.code` will be one of `Common System Errors`.

A `fs.Stats` object provides information about a file. Objects returned from [stat](././node__fs.d.ts/~/stat), [lstat](././node__fs.d.ts/~/lstat), [fstat](././node__fs.d.ts/~/fstat), and their synchronous counterparts are of this type. If `bigint` in the `options` passed to those methods is true, the numeric values will be `bigint` instead of `number`, and the object will contain additional nanosecond-precision properties suffixed with `Ns`. `Stat` objects are not to be created directly using the `new` keyword. ```console Stats { dev: 2114, ino: 48064969, mode: 33188, nlink: 1, uid: 85, gid: 100, rdev: 0, size: 527, blksize: 4096, blocks: 8, atimeMs: 1318289051000.1, mtimeMs: 1318289051000.1, ctimeMs: 1318289051000.1, birthtimeMs: 1318289051000.1, atime: Mon, 10 Oct 2011 23:24:11 GMT, mtime: Mon, 10 Oct 2011 23:24:11 GMT, ctime: Mon, 10 Oct 2011 23:24:11 GMT, birthtime: Mon, 10 Oct 2011 23:24:11 GMT } ``` `bigint` version: ```console BigIntStats { dev: 2114n, ino: 48064969n, mode: 33188n, nlink: 1n, uid: 85n, gid: 100n, rdev: 0n, size: 527n, blksize: 4096n, blocks: 8n, atimeMs: 1318289051000n, mtimeMs: 1318289051000n, ctimeMs: 1318289051000n, birthtimeMs: 1318289051000n, atimeNs: 1318289051000000000n, mtimeNs: 1318289051000000000n, ctimeNs: 1318289051000000000n, birthtimeNs: 1318289051000000000n, atime: Mon, 10 Oct 2011 23:24:11 GMT, mtime: Mon, 10 Oct 2011 23:24:11 GMT, ctime: Mon, 10 Oct 2011 23:24:11 GMT, birthtime: Mon, 10 Oct 2011 23:24:11 GMT } ```

Provides information about a mounted file system. Objects returned from [statfs](././node__fs.d.ts/~/statfs) and its synchronous counterpart are of this type. If `bigint` in the `options` passed to those methods is `true`, the numeric values will be `bigint` instead of `number`. ```console StatFs { type: 1397114950, bsize: 4096, blocks: 121938943, bfree: 61058895, bavail: 61058895, files: 999, ffree: 1000000 } ``` `bigint` version: ```console StatFs { type: 1397114950n, bsize: 4096n, blocks: 121938943n, bfree: 61058895n, bavail: 61058895n, files: 999n, ffree: 1000000n } ```

Synchronous stat(2) - Get file status.

Class: fs.StatWatcher

Creates the link called `path` pointing to `target`. No arguments other than a possible exception are given to the completion callback. See the POSIX [`symlink(2)`](http://man7.org/linux/man-pages/man2/symlink.2.html) documentation for more details. The `type` argument is only available on Windows and ignored on other platforms. It can be set to `'dir'`, `'file'`, or `'junction'`. If the `type` argument is not a string, Node.js will autodetect `target` type and use `'file'` or `'dir'`. If the `target` does not exist, `'file'` will be used. Windows junction points require the destination path to be absolute. When using `'junction'`, the`target` argument will automatically be normalized to absolute path. Junction points on NTFS volumes can only point to directories. Relative targets are relative to the link's parent directory. ```js import { symlink } from 'node:fs'; symlink('./mew', './mewtwo', callback); ``` The above example creates a symbolic link `mewtwo` which points to `mew` in the same directory: ```bash $ tree . . ├── mew └── mewtwo -> ./mew ```

Returns `undefined`. For detailed information, see the documentation of the asynchronous version of this API: [symlink](././node__fs.d.ts/~/symlink).

Truncates the file. No arguments other than a possible exception are given to the completion callback. A file descriptor can also be passed as the first argument. In this case, `fs.ftruncate()` is called. ```js import { truncate } from 'node:fs'; // Assuming that 'path/file.txt' is a regular file. truncate('path/file.txt', (err) => { if (err) throw err; console.log('path/file.txt was truncated'); }); ``` Passing a file descriptor is deprecated and may result in an error being thrown in the future. See the POSIX [`truncate(2)`](http://man7.org/linux/man-pages/man2/truncate.2.html) documentation for more details.

Truncates the file. Returns `undefined`. A file descriptor can also be passed as the first argument. In this case, `fs.ftruncateSync()` is called. Passing a file descriptor is deprecated and may result in an error being thrown in the future.

Asynchronously removes a file or symbolic link. No arguments other than a possible exception are given to the completion callback. ```js import { unlink } from 'node:fs'; // Assuming that 'path/file.txt' is a regular file. unlink('path/file.txt', (err) => { if (err) throw err; console.log('path/file.txt was deleted'); }); ``` `fs.unlink()` will not work on a directory, empty or otherwise. To remove a directory, use [rmdir](././node__fs.d.ts/~/rmdir). See the POSIX [`unlink(2)`](http://man7.org/linux/man-pages/man2/unlink.2.html) documentation for more details.

Synchronous [`unlink(2)`](http://man7.org/linux/man-pages/man2/unlink.2.html). Returns `undefined`.

Stop watching for changes on `filename`. If `listener` is specified, only that particular listener is removed. Otherwise, _all_ listeners are removed, effectively stopping watching of `filename`. Calling `fs.unwatchFile()` with a filename that is not being watched is a no-op, not an error. Using [watch](././node__fs.d.ts/~/watch) is more efficient than `fs.watchFile()` and `fs.unwatchFile()`. `fs.watch()` should be used instead of `fs.watchFile()` and `fs.unwatchFile()` when possible.

Change the file system timestamps of the object referenced by `path`. The `atime` and `mtime` arguments follow these rules: * Values can be either numbers representing Unix epoch time in seconds, `Date`s, or a numeric string like `'123456789.0'`. * If the value can not be converted to a number, or is `NaN`, `Infinity`, or `-Infinity`, an `Error` will be thrown.

Returns `undefined`. For detailed information, see the documentation of the asynchronous version of this API: [utimes](././node__fs.d.ts/~/utimes).

Watch for changes on `filename`, where `filename` is either a file or a directory. The second argument is optional. If `options` is provided as a string, it specifies the `encoding`. Otherwise `options` should be passed as an object. The listener callback gets two arguments `(eventType, filename)`. `eventType`is either `'rename'` or `'change'`, and `filename` is the name of the file which triggered the event. On most platforms, `'rename'` is emitted whenever a filename appears or disappears in the directory. The listener callback is attached to the `'change'` event fired by `fs.FSWatcher`, but it is not the same thing as the `'change'` value of `eventType`. If a `signal` is passed, aborting the corresponding AbortController will close the returned `fs.FSWatcher`.

Watch for changes on `filename`. The callback `listener` will be called each time the file is accessed. The `options` argument may be omitted. If provided, it should be an object. The `options` object may contain a boolean named `persistent` that indicates whether the process should continue to run as long as files are being watched. The `options` object may specify an `interval` property indicating how often the target should be polled in milliseconds. The `listener` gets two arguments the current stat object and the previous stat object: ```js import { watchFile } from 'node:fs'; watchFile('message.text', (curr, prev) => { console.log(`the current mtime is: ${curr.mtime}`); console.log(`the previous mtime was: ${prev.mtime}`); }); ``` These stat objects are instances of `fs.Stat`. If the `bigint` option is `true`, the numeric values in these objects are specified as `BigInt`s. To be notified when the file was modified, not just accessed, it is necessary to compare `curr.mtimeMs` and `prev.mtimeMs`. When an `fs.watchFile` operation results in an `ENOENT` error, it will invoke the listener once, with all the fields zeroed (or, for dates, the Unix Epoch). If the file is created later on, the listener will be called again, with the latest stat objects. This is a change in functionality since v0.10. Using [watch](././node__fs.d.ts/~/watch) is more efficient than `fs.watchFile` and `fs.unwatchFile`. `fs.watch` should be used instead of `fs.watchFile` and `fs.unwatchFile` when possible. When a file being watched by `fs.watchFile()` disappears and reappears, then the contents of `previous` in the second callback event (the file's reappearance) will be the same as the contents of `previous` in the first callback event (its disappearance). This happens when: * the file is deleted, followed by a restore * the file is renamed and then renamed a second time back to its original name

Watch for changes on `filename`. The callback `listener` will be called each time the file is accessed. The `options` argument may be omitted. If provided, it should be an object. The `options` object may contain a boolean named `persistent` that indicates whether the process should continue to run as long as files are being watched. The `options` object may specify an `interval` property indicating how often the target should be polled in milliseconds. The `listener` gets two arguments the current stat object and the previous stat object: ```js import { watchFile } from 'node:fs'; watchFile('message.text', (curr, prev) => { console.log(`the current mtime is: ${curr.mtime}`); console.log(`the previous mtime was: ${prev.mtime}`); }); ``` These stat objects are instances of `fs.Stat`. If the `bigint` option is `true`, the numeric values in these objects are specified as `BigInt`s. To be notified when the file was modified, not just accessed, it is necessary to compare `curr.mtimeMs` and `prev.mtimeMs`. When an `fs.watchFile` operation results in an `ENOENT` error, it will invoke the listener once, with all the fields zeroed (or, for dates, the Unix Epoch). If the file is created later on, the listener will be called again, with the latest stat objects. This is a change in functionality since v0.10. Using [watch](././node__fs.d.ts/~/watch) is more efficient than `fs.watchFile` and `fs.unwatchFile`. `fs.watch` should be used instead of `fs.watchFile` and `fs.unwatchFile` when possible. When a file being watched by `fs.watchFile()` disappears and reappears, then the contents of `previous` in the second callback event (the file's reappearance) will be the same as the contents of `previous` in the first callback event (its disappearance). This happens when: * the file is deleted, followed by a restore * the file is renamed and then renamed a second time back to its original name

Write `buffer` to the file specified by `fd`. `offset` determines the part of the buffer to be written, and `length` is an integer specifying the number of bytes to write. `position` refers to the offset from the beginning of the file where this data should be written. If `typeof position !== 'number'`, the data will be written at the current position. See [`pwrite(2)`](http://man7.org/linux/man-pages/man2/pwrite.2.html). The callback will be given three arguments `(err, bytesWritten, buffer)` where `bytesWritten` specifies how many _bytes_ were written from `buffer`. If this method is invoked as its `util.promisify()` ed version, it returns a promise for an `Object` with `bytesWritten` and `buffer` properties. It is unsafe to use `fs.write()` multiple times on the same file without waiting for the callback. For this scenario, [createWriteStream](././node__fs.d.ts/~/createWriteStream) is recommended. On Linux, positional writes don't work when the file is opened in append mode. The kernel ignores the position argument and always appends the data to the end of the file.

> [!WARNING] Deno compatibility > Missing `utf16le`, `latin1` and `ucs2` encoding. When `file` is a filename, asynchronously writes data to the file, replacing the file if it already exists. `data` can be a string or a buffer. When `file` is a file descriptor, the behavior is similar to calling `fs.write()` directly (which is recommended). See the notes below on using a file descriptor. The `encoding` option is ignored if `data` is a buffer. The `mode` option only affects the newly created file. See [open](././node__fs.d.ts/~/open) for more details. ```js import { writeFile } from 'node:fs'; import { Buffer } from 'node:buffer'; const data = new Uint8Array(Buffer.from('Hello Node.js')); writeFile('message.txt', data, (err) => { if (err) throw err; console.log('The file has been saved!'); }); ``` If `options` is a string, then it specifies the encoding: ```js import { writeFile } from 'node:fs'; writeFile('message.txt', 'Hello Node.js', 'utf8', callback); ``` It is unsafe to use `fs.writeFile()` multiple times on the same file without waiting for the callback. For this scenario, [createWriteStream](././node__fs.d.ts/~/createWriteStream) is recommended. Similarly to `fs.readFile` \- `fs.writeFile` is a convenience method that performs multiple `write` calls internally to write the buffer passed to it. For performance sensitive code consider using [createWriteStream](././node__fs.d.ts/~/createWriteStream). It is possible to use an `AbortSignal` to cancel an `fs.writeFile()`. Cancelation is "best effort", and some amount of data is likely still to be written. ```js import { writeFile } from 'node:fs'; import { Buffer } from 'node:buffer'; const controller = new AbortController(); const { signal } = controller; const data = new Uint8Array(Buffer.from('Hello Node.js')); writeFile('message.txt', data, { signal }, (err) => { // When a request is aborted - the callback is called with an AbortError }); // When the request should be aborted controller.abort(); ``` Aborting an ongoing request does not abort individual operating system requests but rather the internal buffering `fs.writeFile` performs.

> [!WARNING] Deno compatibility > Missing `utf16le`, `latin1` and `ucs2` encoding. Returns `undefined`. The `mode` option only affects the newly created file. See [open](././node__fs.d.ts/~/open) for more details. For detailed information, see the documentation of the asynchronous version of this API: [writeFile](././node__fs.d.ts/~/writeFile).

* Extends `stream.Writable` Instances of `fs.WriteStream` are created and returned using the [createWriteStream](././node__fs.d.ts/~/createWriteStream) function.

For detailed information, see the documentation of the asynchronous version of this API: [write](././node__fs.d.ts/~/write).

Write an array of `ArrayBufferView`s to the file specified by `fd` using `writev()`. `position` is the offset from the beginning of the file where this data should be written. If `typeof position !== 'number'`, the data will be written at the current position. The callback will be given three arguments: `err`, `bytesWritten`, and `buffers`. `bytesWritten` is how many bytes were written from `buffers`. If this method is `util.promisify()` ed, it returns a promise for an `Object` with `bytesWritten` and `buffers` properties. It is unsafe to use `fs.writev()` multiple times on the same file without waiting for the callback. For this scenario, use [createWriteStream](././node__fs.d.ts/~/createWriteStream). On Linux, positional writes don't work when the file is opened in append mode. The kernel ignores the position argument and always appends the data to the end of the file.

For detailed information, see the documentation of the asynchronous version of this API: [writev](././node__fs.d.ts/~/writev).

Test whether or not the given path exists by checking with the file system. Then call the `callback` argument with either true or false: ```js import { exists } from 'node:fs'; exists('/etc/passwd', (e) => { console.log(e ? 'it exists' : 'no passwd!'); }); ``` **The parameters for this callback are not consistent with other Node.js** **callbacks.** Normally, the first parameter to a Node.js callback is an `err` parameter, optionally followed by other parameters. The `fs.exists()` callback has only one boolean parameter. This is one reason `fs.access()` is recommended instead of `fs.exists()`. Using `fs.exists()` to check for the existence of a file before calling `fs.open()`, `fs.readFile()`, or `fs.writeFile()` is not recommended. Doing so introduces a race condition, since other processes may change the file's state between the two calls. Instead, user code should open/read/write the file directly and handle the error raised if the file does not exist. **write (NOT RECOMMENDED)** ```js import { exists, open, close } from 'node:fs'; exists('myfile', (e) => { if (e) { console.error('myfile already exists'); } else { open('myfile', 'wx', (err, fd) => { if (err) throw err; try { writeMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); } }); ``` **write (RECOMMENDED)** ```js import { open, close } from 'node:fs'; open('myfile', 'wx', (err, fd) => { if (err) { if (err.code === 'EEXIST') { console.error('myfile already exists'); return; } throw err; } try { writeMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); ``` **read (NOT RECOMMENDED)** ```js import { open, close, exists } from 'node:fs'; exists('myfile', (e) => { if (e) { open('myfile', 'r', (err, fd) => { if (err) throw err; try { readMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); } else { console.error('myfile does not exist'); } }); ``` **read (RECOMMENDED)** ```js import { open, close } from 'node:fs'; open('myfile', 'r', (err, fd) => { if (err) { if (err.code === 'ENOENT') { console.error('myfile does not exist'); return; } throw err; } try { readMyData(fd); } finally { close(fd, (err) => { if (err) throw err; }); } }); ``` The "not recommended" examples above check for existence and then use the file; the "recommended" examples are better because they use the file directly and handle the error, if any. In general, check for the existence of a file only if the file won't be used directly, for example when its existence is a signal from another process.

Changes the permissions on a symbolic link. No arguments other than a possible exception are given to the completion callback. This method is only implemented on macOS. See the POSIX [`lchmod(2)`](https://www.freebsd.org/cgi/man.cgi?query=lchmod&sektion=2) documentation for more detail.

Changes the permissions on a symbolic link. Returns `undefined`. This method is only implemented on macOS. See the POSIX [`lchmod(2)`](https://www.freebsd.org/cgi/man.cgi?query=lchmod&sektion=2) documentation for more detail.

> [!WARNING] Deno compatibility > The lchmod implementation is a not implemented. Changes the permissions on a symbolic link. This method is only implemented on macOS.

An `Agent` is responsible for managing connection persistence and reuse for HTTP clients. It maintains a queue of pending requests for a given host and port, reusing a single socket connection for each until the queue is empty, at which time the socket is either destroyed or put into a pool where it is kept to be used again for requests to the same host and port. Whether it is destroyed or pooled depends on the `keepAlive` `option`. Pooled connections have TCP Keep-Alive enabled for them, but servers may still close idle connections, in which case they will be removed from the pool and a new connection will be made when a new HTTP request is made for that host and port. Servers may also refuse to allow multiple requests over the same connection, in which case the connection will have to be remade for every request and cannot be pooled. The `Agent` will still make the requests to that server, but each one will occur over a new connection. When a connection is closed by the client or the server, it is removed from the pool. Any unused sockets in the pool will be unrefed so as not to keep the Node.js process running when there are no outstanding requests. (see `socket.unref()`). It is good practice, to `destroy()` an `Agent` instance when it is no longer in use, because unused sockets consume OS resources. Sockets are removed from an agent when the socket emits either a `'close'` event or an `'agentRemove'` event. When intending to keep one HTTP request open for a long time without keeping it in the agent, something like the following may be done: ```js http.get(options, (res) => { // Do stuff }).on('socket', (socket) => { socket.emit('agentRemove'); }); ``` An agent may also be used for an individual request. By providing `{agent: false}` as an option to the `http.get()` or `http.request()` functions, a one-time use `Agent` with default options will be used for the client connection. `agent:false`: ```js http.get({ hostname: 'localhost', port: 80, path: '/', agent: false, // Create a new agent just for this one request }, (res) => { // Do stuff with response }); ``` `options` in [`socket.connect()`](https://nodejs.org/docs/latest-v22.x/api/net.html#socketconnectoptions-connectlistener) are also supported. To configure any of them, a custom [Agent](././node__http.d.ts/~/Agent) instance must be created. ```js import http from 'node:http'; const keepAliveAgent = new http.Agent({ keepAlive: true }); options.agent = keepAliveAgent; http.request(options, onResponseCallback) ```