From eb7bbce73e96a2a60cca759112a55b147264e5ff Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Fri, 20 Jun 2025 09:13:18 +0200
Subject: [PATCH 001/138] tools: disable failing coverage jobs

PR-URL: https://github.com/nodejs/node/pull/58770
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
---
 .github/workflows/coverage-linux-without-intl.yml | 3 ++-
 .github/workflows/coverage-linux.yml              | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/coverage-linux-without-intl.yml b/.github/workflows/coverage-linux-without-intl.yml
index a1f8f060ddab13..5520c7ac608b82 100644
--- a/.github/workflows/coverage-linux-without-intl.yml
+++ b/.github/workflows/coverage-linux-without-intl.yml
@@ -45,7 +45,8 @@ permissions:
 
 jobs:
   coverage-linux-without-intl:
-    if: github.event.pull_request.draft == false
+    # Disabled because "Report JS" step was crashing.
+    if: false
     runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml
index 9305d5f02cad6f..993207996b9692 100644
--- a/.github/workflows/coverage-linux.yml
+++ b/.github/workflows/coverage-linux.yml
@@ -45,7 +45,8 @@ permissions:
 
 jobs:
   coverage-linux:
-    if: github.event.pull_request.draft == false
+    # Disabled because "Report JS" step was crashing.
+    if: false
     runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2

From 8757a5532fe15a49551f601845d2f256231c5cdd Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Fri, 18 Jul 2025 17:24:41 +0200
Subject: [PATCH 002/138] doc: update release key for aduh95
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58877
Reviewed-By: LiviaMedeiros <livia@cirno.name>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 4475e203792140..4c8aff04743c3b 100644
--- a/README.md
+++ b/README.md
@@ -776,7 +776,7 @@ responding to new issues.
 Primary GPG keys for Node.js Releasers (some Releasers sign with subkeys):
 
 * **Antoine du Hamel** <<duhamelantoine1995@gmail.com>>
-  `C0D6248439F1D5604AAFFB4021D900FFDB233756`
+  `5BE8A3F6C8A5C01D106C0AD820B1A390B168D356`
 * **Juan José Arboleda** <<soyjuanarbol@gmail.com>>
   `DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7`
 * **Marco Ippolito** <<marcoippolito54@gmail.com>>
@@ -796,7 +796,7 @@ To import the full set of trusted release keys (including subkeys possibly used
 to sign releases):
 
 ```bash
-gpg --keyserver hkps://keys.openpgp.org --recv-keys C0D6248439F1D5604AAFFB4021D900FFDB233756 # Antoine du Hamel
+gpg --keyserver hkps://keys.openpgp.org --recv-keys 5BE8A3F6C8A5C01D106C0AD820B1A390B168D356 # Antoine du Hamel
 gpg --keyserver hkps://keys.openpgp.org --recv-keys DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 # Juan José Arboleda
 gpg --keyserver hkps://keys.openpgp.org --recv-keys CC68F5A3106FF448322E48ED27F5E38D5B0A215F # Marco Ippolito
 gpg --keyserver hkps://keys.openpgp.org --recv-keys 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 # Michaël Zasso
@@ -813,6 +813,8 @@ verify a downloaded file.
 
 <summary>Other keys used to sign some previous releases</summary>
 
+* **Antoine du Hamel** <<duhamelantoine1995@gmail.com>>
+  `C0D6248439F1D5604AAFFB4021D900FFDB233756`
 * **Beth Griggs** <<bethanyngriggs@gmail.com>>
   `4ED778F539E3634C779C87C6D7062848A1AB005C`
 * **Bryan English** <<bryan@bryanenglish.com>>

From fee082d684f2e379338b1ae5fabff503c782fa0e Mon Sep 17 00:00:00 2001
From: Fedor Indutny <238531+indutny@users.noreply.github.com>
Date: Wed, 7 May 2025 07:21:52 -0700
Subject: [PATCH 003/138] deps: update llhttp to 9.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

llhttp@9.3.0 optimizes header value parsing on ARM Neon/WASM, and adds
support for a protocol callback for use outside of the typical HTTP
setting (RTSP/ICE).

PR-URL: https://github.com/nodejs/node/pull/58144
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 deps/llhttp/CMakeLists.txt                    |    7 +-
 deps/llhttp/LICENSE                           |   22 +
 deps/llhttp/README.md                         |    9 +-
 deps/llhttp/include/llhttp.h                  |   10 +-
 deps/llhttp/libllhttp.pc.in                   |    8 +-
 deps/llhttp/src/api.c                         |   45 +-
 deps/llhttp/src/llhttp.c                      | 2841 ++++++++---------
 src/node_http_parser.cc                       |    6 +
 test/parallel/test-http-client-parse-error.js |    2 +-
 9 files changed, 1459 insertions(+), 1491 deletions(-)
 create mode 100644 deps/llhttp/LICENSE

diff --git a/deps/llhttp/CMakeLists.txt b/deps/llhttp/CMakeLists.txt
index 87a66929dbe036..56f0098c2c5c49 100644
--- a/deps/llhttp/CMakeLists.txt
+++ b/deps/llhttp/CMakeLists.txt
@@ -1,7 +1,7 @@
-cmake_minimum_required(VERSION 3.5.1)
+cmake_minimum_required(VERSION 3.25.0)
 cmake_policy(SET CMP0069 NEW)
 
-project(llhttp VERSION 9.2.1)
+project(llhttp VERSION 9.3.0)
 include(GNUInstallDirs)
 
 set(CMAKE_C_STANDARD 99)
@@ -49,7 +49,7 @@ function(config_library target)
 
   target_include_directories(${target} PUBLIC
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
-    $<INSTALL_INTERFACE:include>
+    $<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>
   )
 
   set_target_properties(${target} PROPERTIES
@@ -61,6 +61,7 @@ function(config_library target)
 
   install(TARGETS ${target}
     EXPORT llhttp
+    RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
     LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
     ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
     PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
diff --git a/deps/llhttp/LICENSE b/deps/llhttp/LICENSE
new file mode 100644
index 00000000000000..6c1512dd6bcd6d
--- /dev/null
+++ b/deps/llhttp/LICENSE
@@ -0,0 +1,22 @@
+This software is licensed under the MIT License.
+
+Copyright Fedor Indutny, 2018.
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to permit
+persons to whom the Software is furnished to do so, subject to the
+following conditions:
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/deps/llhttp/README.md b/deps/llhttp/README.md
index 28653aa0358415..70af44ff0f5a16 100644
--- a/deps/llhttp/README.md
+++ b/deps/llhttp/README.md
@@ -94,7 +94,7 @@ int main() {
 	if (err == HPE_OK) {
 		fprintf(stdout, "Successfully parsed!\n");
 	} else {
-		fprintf(stderr, "Parse error: %s %s\n", llhttp_errno_name(err), parser.reason);
+		fprintf(stderr, "Parse error: %s %s\n", llhttp_errno_name(err), llhttp_get_error_reason(&parser));
 	}
 }
 ```
@@ -112,6 +112,7 @@ The following callbacks can return `0` (proceed normally), `-1` (error) or `HPE_
 * `on_message_complete`: Invoked when a request/response has been completedly parsed.
 * `on_url_complete`: Invoked after the URL has been parsed.
 * `on_method_complete`: Invoked after the HTTP method has been parsed.
+* `on_protocol_complete`: Invoked after the HTTP version has been parsed.
 * `on_version_complete`: Invoked after the HTTP version has been parsed.
 * `on_status_complete`: Invoked after the status code has been parsed.
 * `on_header_field_complete`: Invoked after a header name has been parsed.
@@ -130,6 +131,7 @@ The following callbacks can return `0` (proceed normally), `-1` (error) or `HPE_
 * `on_method`: Invoked when another character of the method is received. 
    When parser is created with `HTTP_BOTH` and the input is a response, this also invoked for the sequence `HTTP/`
    of the first message.
+* `on_protocol`: Invoked when another character of the protocol is received.
 * `on_version`: Invoked when another character of the version is received.
 * `on_header_field`: Invoked when another character of a header name is received.
 * `on_header_value`: Invoked when another character of a header value is received.
@@ -187,7 +189,8 @@ Parse full or partial request/response, invoking user callbacks along the way.
 
 If any of `llhttp_data_cb` returns errno not equal to `HPE_OK` - the parsing interrupts, 
 and such errno is returned from `llhttp_execute()`. If `HPE_PAUSED` was used as a errno, 
-the execution can be resumed with `llhttp_resume()` call.
+the execution can be resumed with `llhttp_resume()` call. In that case the input should be advanced 
+to the last processed byte from the parser, which can be obtained via `llhttp_get_error_pos()`.
 
 In a special case of CONNECT/Upgrade request/response `HPE_PAUSED_UPGRADE` is returned 
 after fully parsing the request/response. If the user wishes to continue parsing, 
@@ -196,6 +199,8 @@ they need to invoke `llhttp_resume_after_upgrade()`.
 **if this function ever returns a non-pause type error, it will continue to return 
 the same error upon each successive call up until `llhttp_init()` is called.**
 
+If this function returns `HPE_OK`, it means all the input has been consumed and parsed.
+
 ### `llhttp_errno_t llhttp_finish(llhttp_t* parser)`
 
 This method should be called when the other side has no further bytes to
diff --git a/deps/llhttp/include/llhttp.h b/deps/llhttp/include/llhttp.h
index 37b7934d2ee7bc..60544596a9942c 100644
--- a/deps/llhttp/include/llhttp.h
+++ b/deps/llhttp/include/llhttp.h
@@ -3,8 +3,8 @@
 #define INCLUDE_LLHTTP_H_
 
 #define LLHTTP_VERSION_MAJOR 9
-#define LLHTTP_VERSION_MINOR 2
-#define LLHTTP_VERSION_PATCH 1
+#define LLHTTP_VERSION_MINOR 3
+#define LLHTTP_VERSION_PATCH 0
 
 #ifndef INCLUDE_LLHTTP_ITSELF_H_
 #define INCLUDE_LLHTTP_ITSELF_H_
@@ -90,7 +90,8 @@ enum llhttp_errno {
   HPE_CB_HEADER_VALUE_COMPLETE = 29,
   HPE_CB_CHUNK_EXTENSION_NAME_COMPLETE = 34,
   HPE_CB_CHUNK_EXTENSION_VALUE_COMPLETE = 35,
-  HPE_CB_RESET = 31
+  HPE_CB_RESET = 31,
+  HPE_CB_PROTOCOL_COMPLETE = 38
 };
 typedef enum llhttp_errno llhttp_errno_t;
 
@@ -326,6 +327,7 @@ typedef enum llhttp_status llhttp_status_t;
   XX(34, CB_CHUNK_EXTENSION_NAME_COMPLETE, CB_CHUNK_EXTENSION_NAME_COMPLETE) \
   XX(35, CB_CHUNK_EXTENSION_VALUE_COMPLETE, CB_CHUNK_EXTENSION_VALUE_COMPLETE) \
   XX(31, CB_RESET, CB_RESET) \
+  XX(38, CB_PROTOCOL_COMPLETE, CB_PROTOCOL_COMPLETE) \
 
 
 #define HTTP_METHOD_MAP(XX) \
@@ -567,6 +569,7 @@ struct llhttp_settings_s {
   llhttp_cb      on_message_begin;
 
   /* Possible return values 0, -1, HPE_USER */
+  llhttp_data_cb on_protocol;
   llhttp_data_cb on_url;
   llhttp_data_cb on_status;
   llhttp_data_cb on_method;
@@ -592,6 +595,7 @@ struct llhttp_settings_s {
 
   /* Possible return values 0, -1, `HPE_PAUSED` */
   llhttp_cb      on_message_complete;
+  llhttp_cb      on_protocol_complete;
   llhttp_cb      on_url_complete;
   llhttp_cb      on_status_complete;
   llhttp_cb      on_method_complete;
diff --git a/deps/llhttp/libllhttp.pc.in b/deps/llhttp/libllhttp.pc.in
index 67d280a830dcc9..4ad300b7409739 100644
--- a/deps/llhttp/libllhttp.pc.in
+++ b/deps/llhttp/libllhttp.pc.in
@@ -1,10 +1,10 @@
 prefix=@CMAKE_INSTALL_PREFIX@
-exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
-includedir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_INCLUDEDIR@
+exec_prefix=@CMAKE_INSTALL_FULL_BINDIR@
+libdir=@CMAKE_INSTALL_FULL_LIBDIR@
+includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@
 
 Name: libllhttp
 Description: Node.js llhttp Library
 Version: @PROJECT_VERSION@
 Libs: -L${libdir} -lllhttp
-Cflags: -I${includedir}
\ No newline at end of file
+Cflags: -I${includedir}
diff --git a/deps/llhttp/src/api.c b/deps/llhttp/src/api.c
index 8c2ce3dc5c455b..0245254177ac8c 100644
--- a/deps/llhttp/src/api.c
+++ b/deps/llhttp/src/api.c
@@ -57,29 +57,14 @@ static int wasm_on_headers_complete_wrap(llhttp_t* p) {
 }
 
 const llhttp_settings_t wasm_settings = {
-  wasm_on_message_begin,
-  wasm_on_url,
-  wasm_on_status,
-  NULL,
-  NULL,
-  wasm_on_header_field,
-  wasm_on_header_value,
-  NULL,
-  NULL,
-  wasm_on_headers_complete_wrap,
-  wasm_on_body,
-  wasm_on_message_complete,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
+  .on_message_begin = wasm_on_message_begin,
+  .on_url = wasm_on_url,
+  .on_status = wasm_on_status,
+  .on_header_field = wasm_on_header_field,
+  .on_header_value = wasm_on_header_value,
+  .on_headers_complete = wasm_on_headers_complete_wrap,
+  .on_body = wasm_on_body,
+  .on_message_complete = wasm_on_message_complete,
 };
 
 
@@ -341,6 +326,20 @@ int llhttp__on_message_begin(llhttp_t* s, const char* p, const char* endp) {
 }
 
 
+int llhttp__on_protocol(llhttp_t* s, const char* p, const char* endp) {
+  int err;
+  SPAN_CALLBACK_MAYBE(s, on_protocol, p, endp - p);
+  return err;
+}
+
+
+int llhttp__on_protocol_complete(llhttp_t* s, const char* p, const char* endp) {
+  int err;
+  CALLBACK_MAYBE(s, on_protocol_complete);
+  return err;
+}
+
+
 int llhttp__on_url(llhttp_t* s, const char* p, const char* endp) {
   int err;
   SPAN_CALLBACK_MAYBE(s, on_url, p, endp - p);
diff --git a/deps/llhttp/src/llhttp.c b/deps/llhttp/src/llhttp.c
index 3ef3b817f3d9ce..aa4c468209700c 100644
--- a/deps/llhttp/src/llhttp.c
+++ b/deps/llhttp/src/llhttp.c
@@ -10,10 +10,20 @@
  #endif  /* _MSC_VER */
 #endif  /* __SSE4_2__ */
 
+#ifdef __ARM_NEON__
+ #include <arm_neon.h>
+#endif  /* __ARM_NEON__ */
+
+#ifdef __wasm__
+ #include <wasm_simd128.h>
+#endif  /* __wasm__ */
+
 #ifdef _MSC_VER
  #define ALIGN(n) _declspec(align(n))
+ #define UNREACHABLE __assume(0)
 #else  /* !_MSC_VER */
  #define ALIGN(n) __attribute__((aligned(n)))
+ #define UNREACHABLE __builtin_unreachable()
 #endif  /* _MSC_VER */
 
 #include "llhttp.h"
@@ -72,16 +82,16 @@ static const unsigned char llparse_blob12[] = {
   'p', 'g', 'r', 'a', 'd', 'e'
 };
 static const unsigned char llparse_blob13[] = {
-  'T', 'T', 'P', '/'
+  'T', 'T', 'P'
 };
 static const unsigned char llparse_blob14[] = {
   0xd, 0xa, 0xd, 0xa, 'S', 'M', 0xd, 0xa, 0xd, 0xa
 };
 static const unsigned char llparse_blob15[] = {
-  'C', 'E', '/'
+  'C', 'E'
 };
 static const unsigned char llparse_blob16[] = {
-  'T', 'S', 'P', '/'
+  'T', 'S', 'P'
 };
 static const unsigned char llparse_blob17[] = {
   'N', 'O', 'U', 'N', 'C', 'E'
@@ -207,12 +217,18 @@ static const unsigned char llparse_blob57[] = {
   'U', 'B', 'S', 'C', 'R', 'I', 'B', 'E'
 };
 static const unsigned char llparse_blob58[] = {
-  'H', 'T', 'T', 'P', '/'
+  'T', 'T', 'P'
 };
 static const unsigned char llparse_blob59[] = {
-  'A', 'D'
+  'C', 'E'
 };
 static const unsigned char llparse_blob60[] = {
+  'T', 'S', 'P'
+};
+static const unsigned char llparse_blob61[] = {
+  'A', 'D'
+};
+static const unsigned char llparse_blob62[] = {
   'T', 'P', '/'
 };
 
@@ -425,17 +441,27 @@ enum llparse_state_e {
   s_n_llhttp__internal__n_req_http_complete,
   s_n_llhttp__internal__n_invoke_load_method_1,
   s_n_llhttp__internal__n_invoke_llhttp__on_version_complete,
-  s_n_llhttp__internal__n_error_66,
-  s_n_llhttp__internal__n_error_73,
-  s_n_llhttp__internal__n_req_http_minor,
+  s_n_llhttp__internal__n_error_67,
   s_n_llhttp__internal__n_error_74,
-  s_n_llhttp__internal__n_req_http_dot,
+  s_n_llhttp__internal__n_req_http_minor,
   s_n_llhttp__internal__n_error_75,
+  s_n_llhttp__internal__n_req_http_dot,
+  s_n_llhttp__internal__n_error_76,
   s_n_llhttp__internal__n_req_http_major,
   s_n_llhttp__internal__n_span_start_llhttp__on_version,
-  s_n_llhttp__internal__n_req_http_start_1,
-  s_n_llhttp__internal__n_req_http_start_2,
-  s_n_llhttp__internal__n_req_http_start_3,
+  s_n_llhttp__internal__n_req_after_protocol,
+  s_n_llhttp__internal__n_invoke_load_method,
+  s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete,
+  s_n_llhttp__internal__n_error_82,
+  s_n_llhttp__internal__n_req_after_http_start_1,
+  s_n_llhttp__internal__n_invoke_load_method_2,
+  s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_1,
+  s_n_llhttp__internal__n_req_after_http_start_2,
+  s_n_llhttp__internal__n_invoke_load_method_3,
+  s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_2,
+  s_n_llhttp__internal__n_req_after_http_start_3,
+  s_n_llhttp__internal__n_req_after_http_start,
+  s_n_llhttp__internal__n_span_start_llhttp__on_protocol,
   s_n_llhttp__internal__n_req_http_start,
   s_n_llhttp__internal__n_url_to_http,
   s_n_llhttp__internal__n_url_skip_to_http,
@@ -543,15 +569,22 @@ enum llparse_state_e {
   s_n_llhttp__internal__n_res_status_code_digit_1,
   s_n_llhttp__internal__n_res_after_version,
   s_n_llhttp__internal__n_invoke_llhttp__on_version_complete_1,
-  s_n_llhttp__internal__n_error_89,
-  s_n_llhttp__internal__n_error_103,
+  s_n_llhttp__internal__n_error_93,
+  s_n_llhttp__internal__n_error_107,
   s_n_llhttp__internal__n_res_http_minor,
-  s_n_llhttp__internal__n_error_104,
+  s_n_llhttp__internal__n_error_108,
   s_n_llhttp__internal__n_res_http_dot,
-  s_n_llhttp__internal__n_error_105,
+  s_n_llhttp__internal__n_error_109,
   s_n_llhttp__internal__n_res_http_major,
   s_n_llhttp__internal__n_span_start_llhttp__on_version_1,
-  s_n_llhttp__internal__n_start_res,
+  s_n_llhttp__internal__n_res_after_protocol,
+  s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_3,
+  s_n_llhttp__internal__n_error_115,
+  s_n_llhttp__internal__n_res_after_start_1,
+  s_n_llhttp__internal__n_res_after_start_2,
+  s_n_llhttp__internal__n_res_after_start_3,
+  s_n_llhttp__internal__n_res_after_start,
+  s_n_llhttp__internal__n_span_start_llhttp__on_protocol_1,
   s_n_llhttp__internal__n_invoke_llhttp__on_method_complete,
   s_n_llhttp__internal__n_req_or_res_method_2,
   s_n_llhttp__internal__n_invoke_update_type_1,
@@ -574,6 +607,10 @@ int llhttp__on_url(
     llhttp__internal_t* s, const unsigned char* p,
     const unsigned char* endp);
 
+int llhttp__on_protocol(
+    llhttp__internal_t* s, const unsigned char* p,
+    const unsigned char* endp);
+
 int llhttp__on_version(
     llhttp__internal_t* s, const unsigned char* p,
     const unsigned char* endp);
@@ -1057,6 +1094,10 @@ int llhttp__internal__c_or_flags_20(
   return 0;
 }
 
+int llhttp__on_protocol_complete(
+    llhttp__internal_t* s, const unsigned char* p,
+    const unsigned char* endp);
+
 int llhttp__internal__c_load_method(
     llhttp__internal_t* state,
     const unsigned char* p,
@@ -1192,8 +1233,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__after_message_complete:
     s_n_llhttp__internal__n_invoke_llhttp__after_message_complete: {
@@ -1203,8 +1243,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_invoke_update_finish_1;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_pause_1:
     s_n_llhttp__internal__n_pause_1: {
@@ -1213,8 +1252,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__after_message_complete;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_is_equal_upgrade:
     s_n_llhttp__internal__n_invoke_is_equal_upgrade: {
@@ -1224,8 +1262,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_pause_1;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_message_complete_2:
     s_n_llhttp__internal__n_invoke_llhttp__on_message_complete_2: {
@@ -1237,8 +1274,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_38;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_data_almost_done_1:
     s_n_llhttp__internal__n_chunk_data_almost_done_1: {
@@ -1254,8 +1290,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_7;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_data_almost_done:
     s_n_llhttp__internal__n_chunk_data_almost_done: {
@@ -1275,8 +1310,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_7;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_consume_content_length:
     s_n_llhttp__internal__n_consume_content_length: {
@@ -1293,8 +1327,7 @@ static llparse_state_t llhttp__internal__run(
       
       state->content_length -= avail;
       return s_n_llhttp__internal__n_consume_content_length;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_body:
     s_n_llhttp__internal__n_span_start_llhttp__on_body: {
@@ -1304,8 +1337,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_body;
       goto s_n_llhttp__internal__n_consume_content_length;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_is_equal_content_length:
     s_n_llhttp__internal__n_invoke_is_equal_content_length: {
@@ -1315,8 +1347,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_invoke_or_flags;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_size_almost_done:
     s_n_llhttp__internal__n_chunk_size_almost_done: {
@@ -1332,8 +1363,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_8;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_test_lenient_flags_9:
     s_n_llhttp__internal__n_invoke_test_lenient_flags_9: {
@@ -1343,8 +1373,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_20;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete: {
@@ -1356,8 +1385,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_19;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_1:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_1: {
@@ -1369,8 +1397,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_21;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_2:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_2: {
@@ -1382,8 +1409,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_22;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_test_lenient_flags_10:
     s_n_llhttp__internal__n_invoke_test_lenient_flags_10: {
@@ -1393,8 +1419,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_25;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete: {
@@ -1406,8 +1431,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_24;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_1:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_1: {
@@ -1419,8 +1443,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_26;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_extension_quoted_value_done:
     s_n_llhttp__internal__n_chunk_extension_quoted_value_done: {
@@ -1443,8 +1466,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_29;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_2:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_2: {
@@ -1456,8 +1478,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_27;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_30:
     s_n_llhttp__internal__n_error_30: {
@@ -1466,8 +1487,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_extension_quoted_value_quoted_pair:
     s_n_llhttp__internal__n_chunk_extension_quoted_value_quoted_pair: {
@@ -1501,8 +1521,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_31:
     s_n_llhttp__internal__n_error_31: {
@@ -1511,8 +1530,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_extension_quoted_value:
     s_n_llhttp__internal__n_chunk_extension_quoted_value: {
@@ -1554,8 +1572,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_4;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_3:
     s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_3: {
@@ -1567,8 +1584,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_32;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_33:
     s_n_llhttp__internal__n_error_33: {
@@ -1577,8 +1593,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_extension_value:
     s_n_llhttp__internal__n_chunk_extension_value: {
@@ -1625,8 +1640,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_6;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_chunk_extension_value:
     s_n_llhttp__internal__n_span_start_llhttp__on_chunk_extension_value: {
@@ -1636,8 +1650,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_chunk_extension_value;
       goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_3;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_34:
     s_n_llhttp__internal__n_error_34: {
@@ -1646,8 +1659,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_extension_name:
     s_n_llhttp__internal__n_chunk_extension_name: {
@@ -1693,8 +1705,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_name_4;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_chunk_extension_name:
     s_n_llhttp__internal__n_span_start_llhttp__on_chunk_extension_name: {
@@ -1704,8 +1715,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_chunk_extension_name;
       goto s_n_llhttp__internal__n_chunk_extension_name;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_extensions:
     s_n_llhttp__internal__n_chunk_extensions: {
@@ -1725,8 +1735,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_start_llhttp__on_chunk_extension_name;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_size_otherwise:
     s_n_llhttp__internal__n_chunk_size_otherwise: {
@@ -1758,8 +1767,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_35;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_size:
     s_n_llhttp__internal__n_chunk_size: {
@@ -1881,8 +1889,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_chunk_size_otherwise;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_chunk_size_digit:
     s_n_llhttp__internal__n_chunk_size_digit: {
@@ -2004,8 +2011,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_37;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_update_content_length_1:
     s_n_llhttp__internal__n_invoke_update_content_length_1: {
@@ -2013,8 +2019,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_chunk_size_digit;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_consume_content_length_1:
     s_n_llhttp__internal__n_consume_content_length_1: {
@@ -2031,8 +2036,7 @@ static llparse_state_t llhttp__internal__run(
       
       state->content_length -= avail;
       return s_n_llhttp__internal__n_consume_content_length_1;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_body_1:
     s_n_llhttp__internal__n_span_start_llhttp__on_body_1: {
@@ -2042,8 +2046,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_body;
       goto s_n_llhttp__internal__n_consume_content_length_1;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_eof:
     s_n_llhttp__internal__n_eof: {
@@ -2052,8 +2055,7 @@ static llparse_state_t llhttp__internal__run(
       }
       p++;
       goto s_n_llhttp__internal__n_eof;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_body_2:
     s_n_llhttp__internal__n_span_start_llhttp__on_body_2: {
@@ -2063,8 +2065,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_body;
       goto s_n_llhttp__internal__n_eof;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete:
     s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete: {
@@ -2082,8 +2083,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_invoke_llhttp__on_message_complete;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_5:
     s_n_llhttp__internal__n_error_5: {
@@ -2092,8 +2092,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_headers_almost_done:
     s_n_llhttp__internal__n_headers_almost_done: {
@@ -2109,8 +2108,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_12;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_colon_discard_ws:
     s_n_llhttp__internal__n_header_field_colon_discard_ws: {
@@ -2126,8 +2124,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_field_colon;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_header_value_complete:
     s_n_llhttp__internal__n_invoke_llhttp__on_header_value_complete: {
@@ -2139,8 +2136,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_48;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_header_value:
     s_n_llhttp__internal__n_span_start_llhttp__on_header_value: {
@@ -2150,8 +2146,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_header_value;
       goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_discard_lws:
     s_n_llhttp__internal__n_header_value_discard_lws: {
@@ -2171,8 +2166,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_load_header_state_1;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_discard_ws_almost_done:
     s_n_llhttp__internal__n_header_value_discard_ws_almost_done: {
@@ -2188,8 +2182,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_16;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_lws:
     s_n_llhttp__internal__n_header_value_lws: {
@@ -2207,8 +2200,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_load_header_state_5;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_almost_done:
     s_n_llhttp__internal__n_header_value_almost_done: {
@@ -2224,8 +2216,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_53;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_test_lenient_flags_17:
     s_n_llhttp__internal__n_invoke_test_lenient_flags_17: {
@@ -2235,8 +2226,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_51;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_lenient:
     s_n_llhttp__internal__n_header_value_lenient: {
@@ -2255,8 +2245,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_lenient;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_54:
     s_n_llhttp__internal__n_error_54: {
@@ -2265,8 +2254,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_otherwise:
     s_n_llhttp__internal__n_header_value_otherwise: {
@@ -2284,8 +2272,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_19;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_connection_token:
     s_n_llhttp__internal__n_header_value_connection_token: {
@@ -2323,8 +2310,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_otherwise;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_connection_ws:
     s_n_llhttp__internal__n_header_value_connection_ws: {
@@ -2350,8 +2336,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_5;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_connection_1:
     s_n_llhttp__internal__n_header_value_connection_1: {
@@ -2374,8 +2359,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_connection_token;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_connection_2:
     s_n_llhttp__internal__n_header_value_connection_2: {
@@ -2398,8 +2382,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_connection_token;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_connection_3:
     s_n_llhttp__internal__n_header_value_connection_3: {
@@ -2422,8 +2405,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_connection_token;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_connection:
     s_n_llhttp__internal__n_header_value_connection: {
@@ -2455,8 +2437,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_connection_token;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_56:
     s_n_llhttp__internal__n_error_56: {
@@ -2465,8 +2446,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_57:
     s_n_llhttp__internal__n_error_57: {
@@ -2475,8 +2455,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_content_length_ws:
     s_n_llhttp__internal__n_header_value_content_length_ws: {
@@ -2498,8 +2477,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_content_length:
     s_n_llhttp__internal__n_header_value_content_length: {
@@ -2561,8 +2539,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_content_length_ws;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_59:
     s_n_llhttp__internal__n_error_59: {
@@ -2571,8 +2548,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_error_58:
     s_n_llhttp__internal__n_error_58: {
@@ -2581,8 +2557,7 @@ static llparse_state_t llhttp__internal__run(
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_te_token_ows:
     s_n_llhttp__internal__n_header_value_te_token_ows: {
@@ -2602,8 +2577,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_te_chunked;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value:
     s_n_llhttp__internal__n_header_value: {
@@ -2632,7 +2606,6 @@ static llparse_state_t llhttp__internal__run(
       if (endp - p >= 16) {
         __m128i ranges;
         __m128i input;
-        int avail;
         int match_len;
       
         /* Load input */
@@ -2652,6 +2625,78 @@ static llparse_state_t llhttp__internal__run(
         goto s_n_llhttp__internal__n_header_value_otherwise;
       }
       #endif  /* __SSE4_2__ */
+      #ifdef __ARM_NEON__
+      while (endp - p >= 16) {
+        uint8x16_t input;
+        uint8x16_t single;
+        uint8x16_t mask;
+        uint8x8_t narrow;
+        uint64_t match_mask;
+        int match_len;
+      
+        /* Load input */
+        input = vld1q_u8(p);
+        /* Find first character that does not match `ranges` */
+        single = vceqq_u8(input, vdupq_n_u8(0x9));
+        mask = single;
+        single = vandq_u16(
+          vcgeq_u8(input, vdupq_n_u8(' ')),
+          vcleq_u8(input, vdupq_n_u8('~'))
+        );
+        mask = vorrq_u16(mask, single);
+        single = vandq_u16(
+          vcgeq_u8(input, vdupq_n_u8(0x80)),
+          vcleq_u8(input, vdupq_n_u8(0xff))
+        );
+        mask = vorrq_u16(mask, single);
+        narrow = vshrn_n_u16(mask, 4);
+        match_mask = ~vget_lane_u64(vreinterpret_u64_u8(narrow), 0);
+        match_len = __builtin_ctzll(match_mask) >> 2;
+        if (match_len != 16) {
+          p += match_len;
+          goto s_n_llhttp__internal__n_header_value_otherwise;
+        }
+        p += 16;
+      }
+      if (p == endp) {
+        return s_n_llhttp__internal__n_header_value;
+      }
+      #endif  /* __ARM_NEON__ */
+      #ifdef __wasm_simd128__
+      while (endp - p >= 16) {
+        v128_t input;
+        v128_t mask;
+        v128_t single;
+        int match_len;
+      
+        /* Load input */
+        input = wasm_v128_load(p);
+        /* Find first character that does not match `ranges` */
+        single = wasm_i8x16_eq(input, wasm_u8x16_const_splat(0x9));
+        mask = single;
+        single = wasm_v128_and(
+          wasm_i8x16_ge(input, wasm_u8x16_const_splat(' ')),
+          wasm_i8x16_le(input, wasm_u8x16_const_splat('~'))
+        );
+        mask = wasm_v128_or(mask, single);
+        single = wasm_v128_and(
+          wasm_i8x16_ge(input, wasm_u8x16_const_splat(0x80)),
+          wasm_i8x16_le(input, wasm_u8x16_const_splat(0xff))
+        );
+        mask = wasm_v128_or(mask, single);
+        match_len = __builtin_ctz(
+          ~wasm_i8x16_bitmask(mask)
+        );
+        if (match_len != 16) {
+          p += match_len;
+          goto s_n_llhttp__internal__n_header_value_otherwise;
+        }
+        p += 16;
+      }
+      if (p == endp) {
+        return s_n_llhttp__internal__n_header_value;
+      }
+      #endif  /* __wasm_simd128__ */
       switch (lookup_table[(uint8_t) *p]) {
         case 1: {
           p++;
@@ -2661,8 +2706,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_otherwise;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_te_token:
     s_n_llhttp__internal__n_header_value_te_token: {
@@ -2700,8 +2744,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_9;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_te_chunked_last:
     s_n_llhttp__internal__n_header_value_te_chunked_last: {
@@ -2726,8 +2769,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_te_token;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_te_chunked:
     s_n_llhttp__internal__n_header_value_te_chunked: {
@@ -2750,8 +2792,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_value_te_token;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1:
     s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1: {
@@ -2761,8 +2802,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_header_value;
       goto s_n_llhttp__internal__n_invoke_load_header_state_3;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_value_discard_ws:
     s_n_llhttp__internal__n_header_value_discard_ws: {
@@ -2790,8 +2830,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_load_header_state:
     s_n_llhttp__internal__n_invoke_load_header_state: {
@@ -2803,8 +2842,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_header_value_discard_ws;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_header_field_complete:
     s_n_llhttp__internal__n_invoke_llhttp__on_header_field_complete: {
@@ -2816,8 +2854,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_error_45;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_general_otherwise:
     s_n_llhttp__internal__n_header_field_general_otherwise: {
@@ -2832,8 +2869,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_62;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_general:
     s_n_llhttp__internal__n_header_field_general: {
@@ -2862,7 +2898,6 @@ static llparse_state_t llhttp__internal__run(
       if (endp - p >= 16) {
         __m128i ranges;
         __m128i input;
-        int avail;
         int match_len;
       
         /* Load input */
@@ -2903,8 +2938,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_field_general_otherwise;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_colon:
     s_n_llhttp__internal__n_header_field_colon: {
@@ -2922,8 +2956,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_10;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_3:
     s_n_llhttp__internal__n_header_field_3: {
@@ -2947,8 +2980,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_4:
     s_n_llhttp__internal__n_header_field_4: {
@@ -2972,8 +3004,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_2:
     s_n_llhttp__internal__n_header_field_2: {
@@ -2993,8 +3024,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_1:
     s_n_llhttp__internal__n_header_field_1: {
@@ -3017,8 +3047,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_5:
     s_n_llhttp__internal__n_header_field_5: {
@@ -3042,8 +3071,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_6:
     s_n_llhttp__internal__n_header_field_6: {
@@ -3067,8 +3095,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_7:
     s_n_llhttp__internal__n_header_field_7: {
@@ -3092,8 +3119,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field:
     s_n_llhttp__internal__n_header_field: {
@@ -3121,8 +3147,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_header_state_11;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_header_field:
     s_n_llhttp__internal__n_span_start_llhttp__on_header_field: {
@@ -3132,8 +3157,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_header_field;
       goto s_n_llhttp__internal__n_header_field;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_header_field_start:
     s_n_llhttp__internal__n_header_field_start: {
@@ -3156,8 +3180,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_start_llhttp__on_header_field;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_headers_start:
     s_n_llhttp__internal__n_headers_start: {
@@ -3173,8 +3196,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_header_field_start;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_to_http_09:
     s_n_llhttp__internal__n_url_to_http_09: {
@@ -3194,8 +3216,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_http_major;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_skip_to_http09:
     s_n_llhttp__internal__n_url_skip_to_http09: {
@@ -3216,8 +3237,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_to_http_09;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_skip_lf_to_http09_1:
     s_n_llhttp__internal__n_url_skip_lf_to_http09_1: {
@@ -3233,8 +3253,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_63;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_skip_lf_to_http09:
     s_n_llhttp__internal__n_url_skip_lf_to_http09: {
@@ -3258,8 +3277,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_error_63;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_pri_upgrade:
     s_n_llhttp__internal__n_req_pri_upgrade: {
@@ -3273,17 +3291,16 @@ static llparse_state_t llhttp__internal__run(
       switch (match_seq.status) {
         case kMatchComplete: {
           p++;
-          goto s_n_llhttp__internal__n_error_71;
+          goto s_n_llhttp__internal__n_error_72;
         }
         case kMatchPause: {
           return s_n_llhttp__internal__n_req_pri_upgrade;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_72;
+          goto s_n_llhttp__internal__n_error_73;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_http_complete_crlf:
     s_n_llhttp__internal__n_req_http_complete_crlf: {
@@ -3299,8 +3316,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_26;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_http_complete:
     s_n_llhttp__internal__n_req_http_complete: {
@@ -3317,11 +3333,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_req_http_complete_crlf;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_70;
+          goto s_n_llhttp__internal__n_error_71;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_load_method_1:
     s_n_llhttp__internal__n_invoke_load_method_1: {
@@ -3331,8 +3346,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_req_http_complete;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_version_complete:
     s_n_llhttp__internal__n_invoke_llhttp__on_version_complete: {
@@ -3342,30 +3356,27 @@ static llparse_state_t llhttp__internal__run(
         case 21:
           goto s_n_llhttp__internal__n_pause_21;
         default:
-          goto s_n_llhttp__internal__n_error_67;
+          goto s_n_llhttp__internal__n_error_68;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_66:
-    s_n_llhttp__internal__n_error_66: {
+    case s_n_llhttp__internal__n_error_67:
+    s_n_llhttp__internal__n_error_67: {
       state->error = 0x9;
       state->reason = "Invalid HTTP version";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_73:
-    s_n_llhttp__internal__n_error_73: {
+    case s_n_llhttp__internal__n_error_74:
+    s_n_llhttp__internal__n_error_74: {
       state->error = 0x9;
       state->reason = "Invalid minor version";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_http_minor:
     s_n_llhttp__internal__n_req_http_minor: {
@@ -3427,18 +3438,16 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_version_2;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_74:
-    s_n_llhttp__internal__n_error_74: {
+    case s_n_llhttp__internal__n_error_75:
+    s_n_llhttp__internal__n_error_75: {
       state->error = 0x9;
       state->reason = "Expected dot";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_http_dot:
     s_n_llhttp__internal__n_req_http_dot: {
@@ -3454,18 +3463,16 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_version_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_75:
-    s_n_llhttp__internal__n_error_75: {
+    case s_n_llhttp__internal__n_error_76:
+    s_n_llhttp__internal__n_error_76: {
       state->error = 0x9;
       state->reason = "Invalid major version";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_http_major:
     s_n_llhttp__internal__n_req_http_major: {
@@ -3527,8 +3534,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_version_4;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_version:
     s_n_llhttp__internal__n_span_start_llhttp__on_version: {
@@ -3538,109 +3544,313 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_version;
       goto s_n_llhttp__internal__n_req_http_major;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_req_after_protocol:
+    s_n_llhttp__internal__n_req_after_protocol: {
+      if (p == endp) {
+        return s_n_llhttp__internal__n_req_after_protocol;
+      }
+      switch (*p) {
+        case '/': {
+          p++;
+          goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
+        }
+        default: {
+          goto s_n_llhttp__internal__n_error_77;
+        }
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_invoke_load_method:
+    s_n_llhttp__internal__n_invoke_load_method: {
+      switch (llhttp__internal__c_load_method(state, p, endp)) {
+        case 0:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 1:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 2:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 3:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 4:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 5:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 6:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 7:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 8:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 9:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 10:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 11:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 12:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 13:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 14:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 15:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 16:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 17:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 18:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 19:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 20:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 21:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 22:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 23:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 24:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 25:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 26:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 27:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 28:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 29:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 30:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 31:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 32:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 33:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 34:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 46:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        default:
+          goto s_n_llhttp__internal__n_error_66;
+      }
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_req_http_start_1:
-    s_n_llhttp__internal__n_req_http_start_1: {
+    case s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete:
+    s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete: {
+      switch (llhttp__on_protocol_complete(state, p, endp)) {
+        case 0:
+          goto s_n_llhttp__internal__n_invoke_load_method;
+        case 21:
+          goto s_n_llhttp__internal__n_pause_22;
+        default:
+          goto s_n_llhttp__internal__n_error_65;
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_error_82:
+    s_n_llhttp__internal__n_error_82: {
+      state->error = 0x8;
+      state->reason = "Expected HTTP/, RTSP/ or ICE/";
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_error;
+      return s_error;
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_req_after_http_start_1:
+    s_n_llhttp__internal__n_req_after_http_start_1: {
       llparse_match_t match_seq;
       
       if (p == endp) {
-        return s_n_llhttp__internal__n_req_http_start_1;
+        return s_n_llhttp__internal__n_req_after_http_start_1;
       }
-      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob13, 4);
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob13, 3);
       p = match_seq.current;
       switch (match_seq.status) {
         case kMatchComplete: {
           p++;
-          goto s_n_llhttp__internal__n_invoke_load_method;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol;
         }
         case kMatchPause: {
-          return s_n_llhttp__internal__n_req_http_start_1;
+          return s_n_llhttp__internal__n_req_after_http_start_1;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_78;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_req_http_start_2:
-    s_n_llhttp__internal__n_req_http_start_2: {
+    case s_n_llhttp__internal__n_invoke_load_method_2:
+    s_n_llhttp__internal__n_invoke_load_method_2: {
+      switch (llhttp__internal__c_load_method(state, p, endp)) {
+        case 33:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        default:
+          goto s_n_llhttp__internal__n_error_79;
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_1:
+    s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_1: {
+      switch (llhttp__on_protocol_complete(state, p, endp)) {
+        case 0:
+          goto s_n_llhttp__internal__n_invoke_load_method_2;
+        case 21:
+          goto s_n_llhttp__internal__n_pause_23;
+        default:
+          goto s_n_llhttp__internal__n_error_78;
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_req_after_http_start_2:
+    s_n_llhttp__internal__n_req_after_http_start_2: {
       llparse_match_t match_seq;
       
       if (p == endp) {
-        return s_n_llhttp__internal__n_req_http_start_2;
+        return s_n_llhttp__internal__n_req_after_http_start_2;
       }
-      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob15, 3);
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob15, 2);
       p = match_seq.current;
       switch (match_seq.status) {
         case kMatchComplete: {
           p++;
-          goto s_n_llhttp__internal__n_invoke_load_method_2;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_1;
         }
         case kMatchPause: {
-          return s_n_llhttp__internal__n_req_http_start_2;
+          return s_n_llhttp__internal__n_req_after_http_start_2;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_78;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_invoke_load_method_3:
+    s_n_llhttp__internal__n_invoke_load_method_3: {
+      switch (llhttp__internal__c_load_method(state, p, endp)) {
+        case 1:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 3:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 6:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 35:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 36:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 37:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 38:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 39:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 40:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 41:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 42:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 43:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 44:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        case 45:
+          goto s_n_llhttp__internal__n_req_after_protocol;
+        default:
+          goto s_n_llhttp__internal__n_error_81;
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_2:
+    s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_2: {
+      switch (llhttp__on_protocol_complete(state, p, endp)) {
+        case 0:
+          goto s_n_llhttp__internal__n_invoke_load_method_3;
+        case 21:
+          goto s_n_llhttp__internal__n_pause_24;
+        default:
+          goto s_n_llhttp__internal__n_error_80;
+      }
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_req_http_start_3:
-    s_n_llhttp__internal__n_req_http_start_3: {
+    case s_n_llhttp__internal__n_req_after_http_start_3:
+    s_n_llhttp__internal__n_req_after_http_start_3: {
       llparse_match_t match_seq;
       
       if (p == endp) {
-        return s_n_llhttp__internal__n_req_http_start_3;
+        return s_n_llhttp__internal__n_req_after_http_start_3;
       }
-      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob16, 4);
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob16, 3);
       p = match_seq.current;
       switch (match_seq.status) {
         case kMatchComplete: {
           p++;
-          goto s_n_llhttp__internal__n_invoke_load_method_3;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_2;
         }
         case kMatchPause: {
-          return s_n_llhttp__internal__n_req_http_start_3;
+          return s_n_llhttp__internal__n_req_after_http_start_3;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_78;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_req_http_start:
-    s_n_llhttp__internal__n_req_http_start: {
+    case s_n_llhttp__internal__n_req_after_http_start:
+    s_n_llhttp__internal__n_req_after_http_start: {
       if (p == endp) {
-        return s_n_llhttp__internal__n_req_http_start;
+        return s_n_llhttp__internal__n_req_after_http_start;
       }
       switch (*p) {
-        case ' ': {
-          p++;
-          goto s_n_llhttp__internal__n_req_http_start;
-        }
         case 'H': {
           p++;
-          goto s_n_llhttp__internal__n_req_http_start_1;
+          goto s_n_llhttp__internal__n_req_after_http_start_1;
         }
         case 'I': {
           p++;
-          goto s_n_llhttp__internal__n_req_http_start_2;
+          goto s_n_llhttp__internal__n_req_after_http_start_2;
         }
         case 'R': {
           p++;
-          goto s_n_llhttp__internal__n_req_http_start_3;
+          goto s_n_llhttp__internal__n_req_after_http_start_3;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_78;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_3;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_span_start_llhttp__on_protocol:
+    s_n_llhttp__internal__n_span_start_llhttp__on_protocol: {
+      if (p == endp) {
+        return s_n_llhttp__internal__n_span_start_llhttp__on_protocol;
+      }
+      state->_span_pos0 = (void*) p;
+      state->_span_cb0 = llhttp__on_protocol;
+      goto s_n_llhttp__internal__n_req_after_http_start;
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_req_http_start:
+    s_n_llhttp__internal__n_req_http_start: {
+      if (p == endp) {
+        return s_n_llhttp__internal__n_req_http_start;
+      }
+      switch (*p) {
+        case ' ': {
+          p++;
+          goto s_n_llhttp__internal__n_req_http_start;
+        }
+        default: {
+          goto s_n_llhttp__internal__n_span_start_llhttp__on_protocol;
+        }
+      }
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_to_http:
     s_n_llhttp__internal__n_url_to_http: {
@@ -3660,8 +3870,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_llhttp__on_url_complete_1;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_skip_to_http:
     s_n_llhttp__internal__n_url_skip_to_http: {
@@ -3682,8 +3891,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_to_http;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_fragment:
     s_n_llhttp__internal__n_url_fragment: {
@@ -3727,11 +3935,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_fragment;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_79;
+          goto s_n_llhttp__internal__n_error_83;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_end_stub_query_3:
     s_n_llhttp__internal__n_span_end_stub_query_3: {
@@ -3740,8 +3947,7 @@ static llparse_state_t llhttp__internal__run(
       }
       p++;
       goto s_n_llhttp__internal__n_url_fragment;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_query:
     s_n_llhttp__internal__n_url_query: {
@@ -3788,11 +3994,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_stub_query_3;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_80;
+          goto s_n_llhttp__internal__n_error_84;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_query_or_fragment:
     s_n_llhttp__internal__n_url_query_or_fragment: {
@@ -3826,11 +4031,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_query;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_81;
+          goto s_n_llhttp__internal__n_error_85;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_path:
     s_n_llhttp__internal__n_url_path: {
@@ -3868,8 +4072,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_query_or_fragment;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_stub_path_2:
     s_n_llhttp__internal__n_span_start_stub_path_2: {
@@ -3878,8 +4081,7 @@ static llparse_state_t llhttp__internal__run(
       }
       p++;
       goto s_n_llhttp__internal__n_url_path;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_stub_path:
     s_n_llhttp__internal__n_span_start_stub_path: {
@@ -3888,8 +4090,7 @@ static llparse_state_t llhttp__internal__run(
       }
       p++;
       goto s_n_llhttp__internal__n_url_path;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_stub_path_1:
     s_n_llhttp__internal__n_span_start_stub_path_1: {
@@ -3898,8 +4099,7 @@ static llparse_state_t llhttp__internal__run(
       }
       p++;
       goto s_n_llhttp__internal__n_url_path;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_server_with_at:
     s_n_llhttp__internal__n_url_server_with_at: {
@@ -3951,14 +4151,13 @@ static llparse_state_t llhttp__internal__run(
         }
         case 8: {
           p++;
-          goto s_n_llhttp__internal__n_error_82;
+          goto s_n_llhttp__internal__n_error_86;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_83;
+          goto s_n_llhttp__internal__n_error_87;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_server:
     s_n_llhttp__internal__n_url_server: {
@@ -4013,11 +4212,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_server_with_at;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_84;
+          goto s_n_llhttp__internal__n_error_88;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_schema_delim_1:
     s_n_llhttp__internal__n_url_schema_delim_1: {
@@ -4030,11 +4228,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_server;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_85;
+          goto s_n_llhttp__internal__n_error_89;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_schema_delim:
     s_n_llhttp__internal__n_url_schema_delim: {
@@ -4067,11 +4264,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_schema_delim_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_85;
+          goto s_n_llhttp__internal__n_error_89;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_end_stub_schema:
     s_n_llhttp__internal__n_span_end_stub_schema: {
@@ -4080,8 +4276,7 @@ static llparse_state_t llhttp__internal__run(
       }
       p++;
       goto s_n_llhttp__internal__n_url_schema_delim;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_schema:
     s_n_llhttp__internal__n_url_schema: {
@@ -4119,11 +4314,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_schema;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_86;
+          goto s_n_llhttp__internal__n_error_90;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_start:
     s_n_llhttp__internal__n_url_start: {
@@ -4160,11 +4354,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_url_schema;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_87;
+          goto s_n_llhttp__internal__n_error_91;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_url_1:
     s_n_llhttp__internal__n_span_start_llhttp__on_url_1: {
@@ -4174,8 +4367,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_url;
       goto s_n_llhttp__internal__n_url_start;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_entry_normal:
     s_n_llhttp__internal__n_url_entry_normal: {
@@ -4195,8 +4387,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_start_llhttp__on_url_1;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_url:
     s_n_llhttp__internal__n_span_start_llhttp__on_url: {
@@ -4206,8 +4397,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_url;
       goto s_n_llhttp__internal__n_url_server;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_url_entry_connect:
     s_n_llhttp__internal__n_url_entry_connect: {
@@ -4227,8 +4417,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_start_llhttp__on_url;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_spaces_before_url:
     s_n_llhttp__internal__n_req_spaces_before_url: {
@@ -4244,8 +4433,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_is_equal_method;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_first_space_before_url:
     s_n_llhttp__internal__n_req_first_space_before_url: {
@@ -4258,11 +4446,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_req_spaces_before_url;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_88;
+          goto s_n_llhttp__internal__n_error_92;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_method_complete_1:
     s_n_llhttp__internal__n_invoke_llhttp__on_method_complete_1: {
@@ -4270,12 +4457,11 @@ static llparse_state_t llhttp__internal__run(
         case 0:
           goto s_n_llhttp__internal__n_req_first_space_before_url;
         case 21:
-          goto s_n_llhttp__internal__n_pause_26;
+          goto s_n_llhttp__internal__n_pause_29;
         default:
-          goto s_n_llhttp__internal__n_error_107;
+          goto s_n_llhttp__internal__n_error_111;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_2:
     s_n_llhttp__internal__n_after_start_req_2: {
@@ -4289,11 +4475,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_store_method_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_3:
     s_n_llhttp__internal__n_after_start_req_3: {
@@ -4314,11 +4499,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_3;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_1:
     s_n_llhttp__internal__n_after_start_req_1: {
@@ -4335,11 +4519,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_3;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_4:
     s_n_llhttp__internal__n_after_start_req_4: {
@@ -4360,11 +4543,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_4;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_6:
     s_n_llhttp__internal__n_after_start_req_6: {
@@ -4385,11 +4567,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_6;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_8:
     s_n_llhttp__internal__n_after_start_req_8: {
@@ -4410,11 +4591,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_8;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_9:
     s_n_llhttp__internal__n_after_start_req_9: {
@@ -4428,11 +4608,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_store_method_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_7:
     s_n_llhttp__internal__n_after_start_req_7: {
@@ -4449,11 +4628,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_9;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_5:
     s_n_llhttp__internal__n_after_start_req_5: {
@@ -4470,11 +4648,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_7;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_12:
     s_n_llhttp__internal__n_after_start_req_12: {
@@ -4495,11 +4672,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_12;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_13:
     s_n_llhttp__internal__n_after_start_req_13: {
@@ -4520,11 +4696,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_13;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_11:
     s_n_llhttp__internal__n_after_start_req_11: {
@@ -4541,11 +4716,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_13;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_10:
     s_n_llhttp__internal__n_after_start_req_10: {
@@ -4558,11 +4732,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_11;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_14:
     s_n_llhttp__internal__n_after_start_req_14: {
@@ -4583,11 +4756,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_14;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_17:
     s_n_llhttp__internal__n_after_start_req_17: {
@@ -4608,11 +4780,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_17;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_16:
     s_n_llhttp__internal__n_after_start_req_16: {
@@ -4629,8 +4800,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_store_method_1;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_15:
     s_n_llhttp__internal__n_after_start_req_15: {
@@ -4650,11 +4820,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_15;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_18:
     s_n_llhttp__internal__n_after_start_req_18: {
@@ -4675,11 +4844,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_18;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_20:
     s_n_llhttp__internal__n_after_start_req_20: {
@@ -4700,11 +4868,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_20;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_21:
     s_n_llhttp__internal__n_after_start_req_21: {
@@ -4725,11 +4892,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_21;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_19:
     s_n_llhttp__internal__n_after_start_req_19: {
@@ -4746,11 +4912,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_21;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_23:
     s_n_llhttp__internal__n_after_start_req_23: {
@@ -4771,11 +4936,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_23;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_24:
     s_n_llhttp__internal__n_after_start_req_24: {
@@ -4796,11 +4960,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_24;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_26:
     s_n_llhttp__internal__n_after_start_req_26: {
@@ -4821,11 +4984,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_26;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_28:
     s_n_llhttp__internal__n_after_start_req_28: {
@@ -4846,11 +5008,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_28;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_29:
     s_n_llhttp__internal__n_after_start_req_29: {
@@ -4864,11 +5025,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_store_method_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_27:
     s_n_llhttp__internal__n_after_start_req_27: {
@@ -4885,11 +5045,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_29;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_25:
     s_n_llhttp__internal__n_after_start_req_25: {
@@ -4906,11 +5065,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_27;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_30:
     s_n_llhttp__internal__n_after_start_req_30: {
@@ -4931,11 +5089,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_30;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_22:
     s_n_llhttp__internal__n_after_start_req_22: {
@@ -4960,11 +5117,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_30;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_31:
     s_n_llhttp__internal__n_after_start_req_31: {
@@ -4985,11 +5141,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_31;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_32:
     s_n_llhttp__internal__n_after_start_req_32: {
@@ -5010,11 +5165,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_32;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_35:
     s_n_llhttp__internal__n_after_start_req_35: {
@@ -5035,11 +5189,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_35;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_36:
     s_n_llhttp__internal__n_after_start_req_36: {
@@ -5060,11 +5213,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_36;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_34:
     s_n_llhttp__internal__n_after_start_req_34: {
@@ -5081,11 +5233,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_36;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_37:
     s_n_llhttp__internal__n_after_start_req_37: {
@@ -5106,11 +5257,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_37;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_38:
     s_n_llhttp__internal__n_after_start_req_38: {
@@ -5131,11 +5281,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_38;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_42:
     s_n_llhttp__internal__n_after_start_req_42: {
@@ -5156,11 +5305,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_42;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_43:
     s_n_llhttp__internal__n_after_start_req_43: {
@@ -5181,11 +5329,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_43;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_41:
     s_n_llhttp__internal__n_after_start_req_41: {
@@ -5202,11 +5349,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_43;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_40:
     s_n_llhttp__internal__n_after_start_req_40: {
@@ -5219,11 +5365,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_41;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_39:
     s_n_llhttp__internal__n_after_start_req_39: {
@@ -5241,11 +5386,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_40;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_45:
     s_n_llhttp__internal__n_after_start_req_45: {
@@ -5266,11 +5410,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_45;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_44:
     s_n_llhttp__internal__n_after_start_req_44: {
@@ -5288,11 +5431,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_store_method_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_33:
     s_n_llhttp__internal__n_after_start_req_33: {
@@ -5321,11 +5463,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_44;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_46:
     s_n_llhttp__internal__n_after_start_req_46: {
@@ -5346,11 +5487,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_46;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_49:
     s_n_llhttp__internal__n_after_start_req_49: {
@@ -5371,11 +5511,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_49;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_50:
     s_n_llhttp__internal__n_after_start_req_50: {
@@ -5396,11 +5535,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_50;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_51:
     s_n_llhttp__internal__n_after_start_req_51: {
@@ -5421,11 +5559,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_51;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_52:
     s_n_llhttp__internal__n_after_start_req_52: {
@@ -5446,11 +5583,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_52;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_48:
     s_n_llhttp__internal__n_after_start_req_48: {
@@ -5475,11 +5611,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_52;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_47:
     s_n_llhttp__internal__n_after_start_req_47: {
@@ -5492,11 +5627,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_48;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_55:
     s_n_llhttp__internal__n_after_start_req_55: {
@@ -5517,11 +5651,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_55;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_57:
     s_n_llhttp__internal__n_after_start_req_57: {
@@ -5535,11 +5668,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_store_method_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_58:
     s_n_llhttp__internal__n_after_start_req_58: {
@@ -5560,11 +5692,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_58;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_56:
     s_n_llhttp__internal__n_after_start_req_56: {
@@ -5581,11 +5712,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_58;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_54:
     s_n_llhttp__internal__n_after_start_req_54: {
@@ -5602,11 +5732,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_56;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_59:
     s_n_llhttp__internal__n_after_start_req_59: {
@@ -5627,11 +5756,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_59;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_60:
     s_n_llhttp__internal__n_after_start_req_60: {
@@ -5652,11 +5780,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_60;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_53:
     s_n_llhttp__internal__n_after_start_req_53: {
@@ -5677,11 +5804,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_60;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_62:
     s_n_llhttp__internal__n_after_start_req_62: {
@@ -5702,11 +5828,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_62;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_63:
     s_n_llhttp__internal__n_after_start_req_63: {
@@ -5727,11 +5852,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_63;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_61:
     s_n_llhttp__internal__n_after_start_req_61: {
@@ -5748,11 +5872,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_63;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_66:
     s_n_llhttp__internal__n_after_start_req_66: {
@@ -5773,11 +5896,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_66;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_68:
     s_n_llhttp__internal__n_after_start_req_68: {
@@ -5798,11 +5920,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_68;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_69:
     s_n_llhttp__internal__n_after_start_req_69: {
@@ -5823,11 +5944,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_69;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_67:
     s_n_llhttp__internal__n_after_start_req_67: {
@@ -5844,11 +5964,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_69;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_70:
     s_n_llhttp__internal__n_after_start_req_70: {
@@ -5869,11 +5988,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_after_start_req_70;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_65:
     s_n_llhttp__internal__n_after_start_req_65: {
@@ -5894,11 +6012,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_70;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req_64:
     s_n_llhttp__internal__n_after_start_req_64: {
@@ -5911,11 +6028,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_65;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_after_start_req:
     s_n_llhttp__internal__n_after_start_req: {
@@ -5992,11 +6108,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_after_start_req_64;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_108;
+          goto s_n_llhttp__internal__n_error_112;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_method_1:
     s_n_llhttp__internal__n_span_start_llhttp__on_method_1: {
@@ -6006,8 +6121,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_method;
       goto s_n_llhttp__internal__n_after_start_req;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_line_almost_done:
     s_n_llhttp__internal__n_res_line_almost_done: {
@@ -6027,8 +6141,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_test_lenient_flags_29;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_test_lenient_flags_30:
     s_n_llhttp__internal__n_invoke_test_lenient_flags_30: {
@@ -6036,10 +6149,9 @@ static llparse_state_t llhttp__internal__run(
         case 1:
           goto s_n_llhttp__internal__n_invoke_llhttp__on_status_complete;
         default:
-          goto s_n_llhttp__internal__n_error_94;
+          goto s_n_llhttp__internal__n_error_98;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_status:
     s_n_llhttp__internal__n_res_status: {
@@ -6058,8 +6170,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_res_status;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_status:
     s_n_llhttp__internal__n_span_start_llhttp__on_status: {
@@ -6069,8 +6180,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_status;
       goto s_n_llhttp__internal__n_res_status;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_status_code_otherwise:
     s_n_llhttp__internal__n_res_status_code_otherwise: {
@@ -6091,11 +6201,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_start_llhttp__on_status;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_95;
+          goto s_n_llhttp__internal__n_error_99;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_status_code_digit_3:
     s_n_llhttp__internal__n_res_status_code_digit_3: {
@@ -6154,11 +6263,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_mul_add_status_code_2;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_97;
+          goto s_n_llhttp__internal__n_error_101;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_status_code_digit_2:
     s_n_llhttp__internal__n_res_status_code_digit_2: {
@@ -6217,11 +6325,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_mul_add_status_code_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_99;
+          goto s_n_llhttp__internal__n_error_103;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_status_code_digit_1:
     s_n_llhttp__internal__n_res_status_code_digit_1: {
@@ -6280,11 +6387,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_mul_add_status_code;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_101;
+          goto s_n_llhttp__internal__n_error_105;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_after_version:
     s_n_llhttp__internal__n_res_after_version: {
@@ -6297,11 +6403,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_status_code;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_102;
+          goto s_n_llhttp__internal__n_error_106;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_version_complete_1:
     s_n_llhttp__internal__n_invoke_llhttp__on_version_complete_1: {
@@ -6309,32 +6414,29 @@ static llparse_state_t llhttp__internal__run(
         case 0:
           goto s_n_llhttp__internal__n_res_after_version;
         case 21:
-          goto s_n_llhttp__internal__n_pause_25;
+          goto s_n_llhttp__internal__n_pause_28;
         default:
-          goto s_n_llhttp__internal__n_error_90;
+          goto s_n_llhttp__internal__n_error_94;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_89:
-    s_n_llhttp__internal__n_error_89: {
+    case s_n_llhttp__internal__n_error_93:
+    s_n_llhttp__internal__n_error_93: {
       state->error = 0x9;
       state->reason = "Invalid HTTP version";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_103:
-    s_n_llhttp__internal__n_error_103: {
+    case s_n_llhttp__internal__n_error_107:
+    s_n_llhttp__internal__n_error_107: {
       state->error = 0x9;
       state->reason = "Invalid minor version";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_http_minor:
     s_n_llhttp__internal__n_res_http_minor: {
@@ -6396,18 +6498,16 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_version_7;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_104:
-    s_n_llhttp__internal__n_error_104: {
+    case s_n_llhttp__internal__n_error_108:
+    s_n_llhttp__internal__n_error_108: {
       state->error = 0x9;
       state->reason = "Expected dot";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_http_dot:
     s_n_llhttp__internal__n_res_http_dot: {
@@ -6423,18 +6523,16 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_version_8;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_error_105:
-    s_n_llhttp__internal__n_error_105: {
+    case s_n_llhttp__internal__n_error_109:
+    s_n_llhttp__internal__n_error_109: {
       state->error = 0x9;
       state->reason = "Invalid major version";
       state->error_pos = (const char*) p;
       state->_current = (void*) (intptr_t) s_error;
       return s_error;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_res_http_major:
     s_n_llhttp__internal__n_res_http_major: {
@@ -6496,8 +6594,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_span_end_llhttp__on_version_9;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_version_1:
     s_n_llhttp__internal__n_span_start_llhttp__on_version_1: {
@@ -6507,32 +6604,147 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_version;
       goto s_n_llhttp__internal__n_res_http_major;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
-    case s_n_llhttp__internal__n_start_res:
-    s_n_llhttp__internal__n_start_res: {
+    case s_n_llhttp__internal__n_res_after_protocol:
+    s_n_llhttp__internal__n_res_after_protocol: {
+      if (p == endp) {
+        return s_n_llhttp__internal__n_res_after_protocol;
+      }
+      switch (*p) {
+        case '/': {
+          p++;
+          goto s_n_llhttp__internal__n_span_start_llhttp__on_version_1;
+        }
+        default: {
+          goto s_n_llhttp__internal__n_error_114;
+        }
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_3:
+    s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_3: {
+      switch (llhttp__on_protocol_complete(state, p, endp)) {
+        case 0:
+          goto s_n_llhttp__internal__n_res_after_protocol;
+        case 21:
+          goto s_n_llhttp__internal__n_pause_30;
+        default:
+          goto s_n_llhttp__internal__n_error_113;
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_error_115:
+    s_n_llhttp__internal__n_error_115: {
+      state->error = 0x8;
+      state->reason = "Expected HTTP/, RTSP/ or ICE/";
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_error;
+      return s_error;
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_res_after_start_1:
+    s_n_llhttp__internal__n_res_after_start_1: {
       llparse_match_t match_seq;
       
       if (p == endp) {
-        return s_n_llhttp__internal__n_start_res;
+        return s_n_llhttp__internal__n_res_after_start_1;
       }
-      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob58, 5);
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob58, 3);
       p = match_seq.current;
       switch (match_seq.status) {
         case kMatchComplete: {
           p++;
-          goto s_n_llhttp__internal__n_span_start_llhttp__on_version_1;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_4;
+        }
+        case kMatchPause: {
+          return s_n_llhttp__internal__n_res_after_start_1;
+        }
+        case kMatchMismatch: {
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_5;
+        }
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_res_after_start_2:
+    s_n_llhttp__internal__n_res_after_start_2: {
+      llparse_match_t match_seq;
+      
+      if (p == endp) {
+        return s_n_llhttp__internal__n_res_after_start_2;
+      }
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob59, 2);
+      p = match_seq.current;
+      switch (match_seq.status) {
+        case kMatchComplete: {
+          p++;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_4;
+        }
+        case kMatchPause: {
+          return s_n_llhttp__internal__n_res_after_start_2;
+        }
+        case kMatchMismatch: {
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_5;
+        }
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_res_after_start_3:
+    s_n_llhttp__internal__n_res_after_start_3: {
+      llparse_match_t match_seq;
+      
+      if (p == endp) {
+        return s_n_llhttp__internal__n_res_after_start_3;
+      }
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob60, 3);
+      p = match_seq.current;
+      switch (match_seq.status) {
+        case kMatchComplete: {
+          p++;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_4;
         }
         case kMatchPause: {
-          return s_n_llhttp__internal__n_start_res;
+          return s_n_llhttp__internal__n_res_after_start_3;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_109;
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_5;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_res_after_start:
+    s_n_llhttp__internal__n_res_after_start: {
+      if (p == endp) {
+        return s_n_llhttp__internal__n_res_after_start;
+      }
+      switch (*p) {
+        case 'H': {
+          p++;
+          goto s_n_llhttp__internal__n_res_after_start_1;
+        }
+        case 'I': {
+          p++;
+          goto s_n_llhttp__internal__n_res_after_start_2;
+        }
+        case 'R': {
+          p++;
+          goto s_n_llhttp__internal__n_res_after_start_3;
+        }
+        default: {
+          goto s_n_llhttp__internal__n_span_end_llhttp__on_protocol_5;
+        }
+      }
+      UNREACHABLE;
+    }
+    case s_n_llhttp__internal__n_span_start_llhttp__on_protocol_1:
+    s_n_llhttp__internal__n_span_start_llhttp__on_protocol_1: {
+      if (p == endp) {
+        return s_n_llhttp__internal__n_span_start_llhttp__on_protocol_1;
+      }
+      state->_span_pos0 = (void*) p;
+      state->_span_cb0 = llhttp__on_protocol;
+      goto s_n_llhttp__internal__n_res_after_start;
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_llhttp__on_method_complete:
     s_n_llhttp__internal__n_invoke_llhttp__on_method_complete: {
@@ -6540,12 +6752,11 @@ static llparse_state_t llhttp__internal__run(
         case 0:
           goto s_n_llhttp__internal__n_req_first_space_before_url;
         case 21:
-          goto s_n_llhttp__internal__n_pause_23;
+          goto s_n_llhttp__internal__n_pause_26;
         default:
           goto s_n_llhttp__internal__n_error_1;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_or_res_method_2:
     s_n_llhttp__internal__n_req_or_res_method_2: {
@@ -6554,7 +6765,7 @@ static llparse_state_t llhttp__internal__run(
       if (p == endp) {
         return s_n_llhttp__internal__n_req_or_res_method_2;
       }
-      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob59, 2);
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob61, 2);
       p = match_seq.current;
       switch (match_seq.status) {
         case kMatchComplete: {
@@ -6566,11 +6777,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_req_or_res_method_2;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_106;
+          goto s_n_llhttp__internal__n_error_110;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_update_type_1:
     s_n_llhttp__internal__n_invoke_update_type_1: {
@@ -6578,8 +6788,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_span_start_llhttp__on_version_1;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_or_res_method_3:
     s_n_llhttp__internal__n_req_or_res_method_3: {
@@ -6588,7 +6797,7 @@ static llparse_state_t llhttp__internal__run(
       if (p == endp) {
         return s_n_llhttp__internal__n_req_or_res_method_3;
       }
-      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob60, 3);
+      match_seq = llparse__match_sequence_id(state, p, endp, llparse_blob62, 3);
       p = match_seq.current;
       switch (match_seq.status) {
         case kMatchComplete: {
@@ -6599,11 +6808,10 @@ static llparse_state_t llhttp__internal__run(
           return s_n_llhttp__internal__n_req_or_res_method_3;
         }
         case kMatchMismatch: {
-          goto s_n_llhttp__internal__n_error_106;
+          goto s_n_llhttp__internal__n_error_110;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_or_res_method_1:
     s_n_llhttp__internal__n_req_or_res_method_1: {
@@ -6620,11 +6828,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_req_or_res_method_3;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_106;
+          goto s_n_llhttp__internal__n_error_110;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_req_or_res_method:
     s_n_llhttp__internal__n_req_or_res_method: {
@@ -6637,11 +6844,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_req_or_res_method_1;
         }
         default: {
-          goto s_n_llhttp__internal__n_error_106;
+          goto s_n_llhttp__internal__n_error_110;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_span_start_llhttp__on_method:
     s_n_llhttp__internal__n_span_start_llhttp__on_method: {
@@ -6651,8 +6857,7 @@ static llparse_state_t llhttp__internal__run(
       state->_span_pos0 = (void*) p;
       state->_span_cb0 = llhttp__on_method;
       goto s_n_llhttp__internal__n_req_or_res_method;
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_start_req_or_res:
     s_n_llhttp__internal__n_start_req_or_res: {
@@ -6667,8 +6872,7 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_update_type_2;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_load_type:
     s_n_llhttp__internal__n_invoke_load_type: {
@@ -6676,12 +6880,11 @@ static llparse_state_t llhttp__internal__run(
         case 1:
           goto s_n_llhttp__internal__n_span_start_llhttp__on_method_1;
         case 2:
-          goto s_n_llhttp__internal__n_start_res;
+          goto s_n_llhttp__internal__n_span_start_llhttp__on_protocol_1;
         default:
           goto s_n_llhttp__internal__n_start_req_or_res;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_invoke_update_finish:
     s_n_llhttp__internal__n_invoke_update_finish: {
@@ -6689,8 +6892,7 @@ static llparse_state_t llhttp__internal__run(
         default:
           goto s_n_llhttp__internal__n_invoke_llhttp__on_message_begin;
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     case s_n_llhttp__internal__n_start:
     s_n_llhttp__internal__n_start: {
@@ -6710,12 +6912,10 @@ static llparse_state_t llhttp__internal__run(
           goto s_n_llhttp__internal__n_invoke_load_initial_message_completed;
         }
       }
-      /* UNREACHABLE */;
-      abort();
+      UNREACHABLE;
     }
     default:
-      /* UNREACHABLE */
-      abort();
+      UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_2: {
     state->error = 0x7;
@@ -6723,32 +6923,28 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_finish_2: {
     switch (llhttp__internal__c_update_finish_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_start;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_initial_message_completed: {
     switch (llhttp__internal__c_update_initial_message_completed(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_finish_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_content_length: {
     switch (llhttp__internal__c_update_content_length(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_initial_message_completed;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_8: {
     state->error = 0x5;
@@ -6756,8 +6952,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_3: {
     switch (llhttp__internal__c_test_lenient_flags_3(state, p, endp)) {
@@ -6766,8 +6961,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_8;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_2: {
     switch (llhttp__internal__c_test_lenient_flags_2(state, p, endp)) {
@@ -6776,16 +6970,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_closed;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_finish_1: {
     switch (llhttp__internal__c_update_finish_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_test_lenient_flags_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_13: {
     state->error = 0x15;
@@ -6793,8 +6985,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_is_equal_upgrade;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_38: {
     state->error = 0x12;
@@ -6802,8 +6993,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_15: {
     state->error = 0x15;
@@ -6811,8 +7001,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__on_message_complete_2;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_40: {
     state->error = 0x14;
@@ -6820,8 +7009,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_chunk_complete_1: {
     switch (llhttp__on_chunk_complete(state, p, endp)) {
@@ -6832,8 +7020,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_40;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_2: {
     state->error = 0x15;
@@ -6841,8 +7028,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_pause_1;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_9: {
     state->error = 0x12;
@@ -6850,8 +7036,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_message_complete_1: {
     switch (llhttp__on_message_complete(state, p, endp)) {
@@ -6862,8 +7047,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_9;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_36: {
     state->error = 0xc;
@@ -6871,8 +7055,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_10: {
     state->error = 0xc;
@@ -6880,8 +7063,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_4: {
     switch (llhttp__internal__c_test_lenient_flags_4(state, p, endp)) {
@@ -6890,8 +7072,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_10;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_3: {
     state->error = 0x15;
@@ -6899,8 +7080,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_update_content_length_1;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_14: {
     state->error = 0x14;
@@ -6908,8 +7088,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_chunk_complete: {
     switch (llhttp__on_chunk_complete(state, p, endp)) {
@@ -6920,8 +7099,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_14;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_13: {
     state->error = 0x19;
@@ -6929,8 +7107,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_6: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
@@ -6939,8 +7116,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_13;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_15: {
     state->error = 0x2;
@@ -6948,8 +7124,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_7: {
     switch (llhttp__internal__c_test_lenient_flags_7(state, p, endp)) {
@@ -6958,8 +7133,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_15;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_body: {
     const unsigned char* start;
@@ -6975,16 +7149,14 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_chunk_data_almost_done;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags: {
     switch (llhttp__internal__c_or_flags(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_field_start;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_4: {
     state->error = 0x15;
@@ -6992,8 +7164,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_is_equal_content_length;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_12: {
     state->error = 0x13;
@@ -7001,8 +7172,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_chunk_header: {
     switch (llhttp__on_chunk_header(state, p, endp)) {
@@ -7013,8 +7183,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_12;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_16: {
     state->error = 0x2;
@@ -7022,8 +7191,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_8: {
     switch (llhttp__internal__c_test_lenient_flags_8(state, p, endp)) {
@@ -7032,8 +7200,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_16;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_11: {
     state->error = 0x19;
@@ -7041,8 +7208,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_5: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
@@ -7051,8 +7217,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_11;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_17: {
     state->error = 0x2;
@@ -7060,8 +7225,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_18: {
     state->error = 0x2;
@@ -7069,8 +7233,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_20: {
     state->error = 0x19;
@@ -7078,8 +7241,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_5: {
     state->error = 0x15;
@@ -7087,8 +7249,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_test_lenient_flags_9;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_19: {
     state->error = 0x22;
@@ -7096,8 +7257,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_name: {
     const unsigned char* start;
@@ -7113,8 +7273,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_6: {
     state->error = 0x15;
@@ -7122,8 +7281,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_chunk_size_almost_done;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_21: {
     state->error = 0x22;
@@ -7131,8 +7289,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_name_1: {
     const unsigned char* start;
@@ -7149,8 +7306,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_1;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_7: {
     state->error = 0x15;
@@ -7158,8 +7314,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_chunk_extensions;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_22: {
     state->error = 0x22;
@@ -7167,8 +7322,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_name_2: {
     const unsigned char* start;
@@ -7185,8 +7339,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_2;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_25: {
     state->error = 0x19;
@@ -7194,8 +7347,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_8: {
     state->error = 0x15;
@@ -7203,8 +7355,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_test_lenient_flags_10;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_24: {
     state->error = 0x23;
@@ -7212,8 +7363,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value: {
     const unsigned char* start;
@@ -7229,8 +7379,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_9: {
     state->error = 0x15;
@@ -7238,8 +7387,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_chunk_size_almost_done;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_26: {
     state->error = 0x23;
@@ -7247,8 +7395,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_1: {
     const unsigned char* start;
@@ -7265,8 +7412,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_1;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_28: {
     state->error = 0x19;
@@ -7274,8 +7420,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_11: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
@@ -7284,8 +7429,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_28;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_29: {
     state->error = 0x2;
@@ -7293,8 +7437,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_10: {
     state->error = 0x15;
@@ -7302,8 +7445,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_chunk_extension_quoted_value_done;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_27: {
     state->error = 0x23;
@@ -7311,8 +7453,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_2: {
     const unsigned char* start;
@@ -7328,8 +7469,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_2;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_3: {
     const unsigned char* start;
@@ -7346,8 +7486,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_30;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_4: {
     const unsigned char* start;
@@ -7364,8 +7503,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_31;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_11: {
     state->error = 0x15;
@@ -7373,8 +7511,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_chunk_extensions;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_32: {
     state->error = 0x23;
@@ -7382,8 +7519,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_5: {
     const unsigned char* start;
@@ -7400,8 +7536,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_value_complete_3;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_value_6: {
     const unsigned char* start;
@@ -7418,8 +7553,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_33;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_12: {
     state->error = 0x15;
@@ -7427,8 +7561,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_chunk_extension_value;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_23: {
     state->error = 0x22;
@@ -7436,8 +7569,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_chunk_extension_name_complete_3: {
     switch (llhttp__on_chunk_extension_name_complete(state, p, endp)) {
@@ -7448,8 +7580,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_23;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_name_3: {
     const unsigned char* start;
@@ -7466,8 +7597,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_span_start_llhttp__on_chunk_extension_value;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_chunk_extension_name_4: {
     const unsigned char* start;
@@ -7484,8 +7614,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_34;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_35: {
     state->error = 0xc;
@@ -7493,8 +7622,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_mul_add_content_length: {
     switch (llhttp__internal__c_mul_add_content_length(state, p, endp, match)) {
@@ -7503,8 +7631,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_chunk_size;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_37: {
     state->error = 0xc;
@@ -7512,8 +7639,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_body_1: {
     const unsigned char* start;
@@ -7529,16 +7655,14 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_message_complete_2;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_finish_3: {
     switch (llhttp__internal__c_update_finish_3(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_body_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_39: {
     state->error = 0xf;
@@ -7546,8 +7670,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause: {
     state->error = 0x15;
@@ -7555,8 +7678,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__after_message_complete;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_7: {
     state->error = 0x12;
@@ -7564,8 +7686,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_message_complete: {
     switch (llhttp__on_message_complete(state, p, endp)) {
@@ -7576,32 +7697,28 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_7;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_1: {
     switch (llhttp__internal__c_or_flags_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_2: {
     switch (llhttp__internal__c_or_flags_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_upgrade: {
     switch (llhttp__internal__c_update_upgrade(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_or_flags_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_14: {
     state->error = 0x15;
@@ -7609,8 +7726,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_6: {
     state->error = 0x11;
@@ -7618,8 +7734,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_headers_complete: {
     switch (llhttp__on_headers_complete(state, p, endp)) {
@@ -7634,16 +7749,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_6;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__before_headers_complete: {
     switch (llhttp__before_headers_complete(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_headers_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_flags: {
     switch (llhttp__internal__c_test_flags(state, p, endp)) {
@@ -7652,8 +7765,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__before_headers_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_1: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
@@ -7662,8 +7774,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_5;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_17: {
     state->error = 0x15;
@@ -7671,8 +7782,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__on_message_complete_2;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_42: {
     state->error = 0x14;
@@ -7680,8 +7790,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_chunk_complete_2: {
     switch (llhttp__on_chunk_complete(state, p, endp)) {
@@ -7692,32 +7801,28 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_42;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_3: {
     switch (llhttp__internal__c_or_flags_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_4: {
     switch (llhttp__internal__c_or_flags_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_upgrade_1: {
     switch (llhttp__internal__c_update_upgrade(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_or_flags_4;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_16: {
     state->error = 0x15;
@@ -7725,8 +7830,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__after_headers_complete;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_41: {
     state->error = 0x11;
@@ -7734,8 +7838,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_headers_complete_1: {
     switch (llhttp__on_headers_complete(state, p, endp)) {
@@ -7750,16 +7853,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_41;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__before_headers_complete_1: {
     switch (llhttp__before_headers_complete(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_headers_complete_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_flags_1: {
     switch (llhttp__internal__c_test_flags(state, p, endp)) {
@@ -7768,8 +7869,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__before_headers_complete_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_43: {
     state->error = 0x2;
@@ -7777,8 +7877,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_12: {
     switch (llhttp__internal__c_test_lenient_flags_8(state, p, endp)) {
@@ -7787,8 +7886,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_43;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_44: {
     state->error = 0xa;
@@ -7796,8 +7894,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_field: {
     const unsigned char* start;
@@ -7814,8 +7911,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_5;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_13: {
     switch (llhttp__internal__c_test_lenient_flags(state, p, endp)) {
@@ -7824,8 +7920,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_60: {
     state->error = 0xb;
@@ -7833,8 +7928,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_47: {
     state->error = 0xa;
@@ -7842,8 +7936,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_15: {
     switch (llhttp__internal__c_test_lenient_flags(state, p, endp)) {
@@ -7852,8 +7945,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_47;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_49: {
     state->error = 0xb;
@@ -7861,8 +7953,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_18: {
     state->error = 0x15;
@@ -7870,8 +7961,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_field_start;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_48: {
     state->error = 0x1d;
@@ -7879,8 +7969,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value: {
     const unsigned char* start;
@@ -7896,48 +7985,42 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_header_value_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state: {
     switch (llhttp__internal__c_update_header_state(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_5: {
     switch (llhttp__internal__c_or_flags_5(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_6: {
     switch (llhttp__internal__c_or_flags_6(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_7: {
     switch (llhttp__internal__c_or_flags_7(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_8: {
     switch (llhttp__internal__c_or_flags_8(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_header_state_2: {
     switch (llhttp__internal__c_load_header_state(state, p, endp)) {
@@ -7952,8 +8035,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_header_state_1: {
     switch (llhttp__internal__c_load_header_state(state, p, endp)) {
@@ -7962,8 +8044,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_load_header_state_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_46: {
     state->error = 0xa;
@@ -7971,8 +8052,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_14: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
@@ -7981,8 +8061,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_46;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_50: {
     state->error = 0x2;
@@ -7990,8 +8069,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_16: {
     switch (llhttp__internal__c_test_lenient_flags(state, p, endp)) {
@@ -8000,16 +8078,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_50;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_1: {
     switch (llhttp__internal__c_update_header_state_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_header_state_4: {
     switch (llhttp__internal__c_load_header_state(state, p, endp)) {
@@ -8018,8 +8094,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_52: {
     state->error = 0xa;
@@ -8027,8 +8102,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_18: {
     switch (llhttp__internal__c_test_lenient_flags(state, p, endp)) {
@@ -8037,48 +8111,42 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_52;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_2: {
     switch (llhttp__internal__c_update_header_state(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_header_value_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_9: {
     switch (llhttp__internal__c_or_flags_5(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_10: {
     switch (llhttp__internal__c_or_flags_6(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_11: {
     switch (llhttp__internal__c_or_flags_7(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_12: {
     switch (llhttp__internal__c_or_flags_8(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_header_value_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_header_state_5: {
     switch (llhttp__internal__c_load_header_state(state, p, endp)) {
@@ -8093,8 +8161,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_header_value_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_53: {
     state->error = 0x3;
@@ -8102,8 +8169,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_51: {
     state->error = 0x19;
@@ -8111,8 +8177,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1: {
     const unsigned char* start;
@@ -8128,8 +8193,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_test_lenient_flags_17;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2: {
     const unsigned char* start;
@@ -8146,8 +8210,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_header_value_almost_done;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4: {
     const unsigned char* start;
@@ -8163,8 +8226,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_header_value_almost_done;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5: {
     const unsigned char* start;
@@ -8181,8 +8243,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_header_value_almost_done;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3: {
     const unsigned char* start;
@@ -8198,8 +8259,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_error_54;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_19: {
     switch (llhttp__internal__c_test_lenient_flags(state, p, endp)) {
@@ -8208,48 +8268,42 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_4: {
     switch (llhttp__internal__c_update_header_state(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_connection;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_13: {
     switch (llhttp__internal__c_or_flags_5(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_4;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_14: {
     switch (llhttp__internal__c_or_flags_6(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_4;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_15: {
     switch (llhttp__internal__c_or_flags_7(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_4;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_16: {
     switch (llhttp__internal__c_or_flags_8(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_connection;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_header_state_6: {
     switch (llhttp__internal__c_load_header_state(state, p, endp)) {
@@ -8264,40 +8318,35 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_connection;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_5: {
     switch (llhttp__internal__c_update_header_state_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_connection_token;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_3: {
     switch (llhttp__internal__c_update_header_state_3(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_connection_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_6: {
     switch (llhttp__internal__c_update_header_state_6(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_connection_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_7: {
     switch (llhttp__internal__c_update_header_state_7(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_connection_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_6: {
     const unsigned char* start;
@@ -8313,8 +8362,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_error_56;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_mul_add_content_length_1: {
     switch (llhttp__internal__c_mul_add_content_length_1(state, p, endp, match)) {
@@ -8323,16 +8371,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_content_length;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_17: {
     switch (llhttp__internal__c_or_flags_17(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_otherwise;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7: {
     const unsigned char* start;
@@ -8348,8 +8394,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_error_57;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_55: {
     state->error = 0x4;
@@ -8357,8 +8402,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_flags_2: {
     switch (llhttp__internal__c_test_flags_2(state, p, endp)) {
@@ -8367,8 +8411,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_55;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_9: {
     const unsigned char* start;
@@ -8385,16 +8428,14 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_59;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_8: {
     switch (llhttp__internal__c_update_header_state_8(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_otherwise;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8: {
     const unsigned char* start;
@@ -8411,8 +8452,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_error_58;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_20: {
     switch (llhttp__internal__c_test_lenient_flags_20(state, p, endp)) {
@@ -8421,8 +8461,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_te_chunked;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_type_1: {
     switch (llhttp__internal__c_load_type(state, p, endp)) {
@@ -8431,32 +8470,28 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_te_chunked;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_9: {
     switch (llhttp__internal__c_update_header_state_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_and_flags: {
     switch (llhttp__internal__c_and_flags(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_value_te_chunked;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_19: {
     switch (llhttp__internal__c_or_flags_18(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_and_flags;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_21: {
     switch (llhttp__internal__c_test_lenient_flags_20(state, p, endp)) {
@@ -8465,8 +8500,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_or_flags_19;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_type_2: {
     switch (llhttp__internal__c_load_type(state, p, endp)) {
@@ -8475,16 +8509,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_or_flags_19;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_18: {
     switch (llhttp__internal__c_or_flags_18(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_and_flags;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_flags_3: {
     switch (llhttp__internal__c_test_flags_3(state, p, endp)) {
@@ -8493,16 +8525,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_or_flags_18;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_or_flags_20: {
     switch (llhttp__internal__c_or_flags_20(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_header_state_9;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_header_state_3: {
     switch (llhttp__internal__c_load_header_state(state, p, endp)) {
@@ -8517,8 +8547,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_22: {
     switch (llhttp__internal__c_test_lenient_flags_22(state, p, endp)) {
@@ -8527,8 +8556,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_discard_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_flags_4: {
     switch (llhttp__internal__c_test_flags_4(state, p, endp)) {
@@ -8537,8 +8565,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_discard_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_61: {
     state->error = 0xf;
@@ -8546,8 +8573,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_23: {
     switch (llhttp__internal__c_test_lenient_flags_22(state, p, endp)) {
@@ -8556,8 +8582,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_discard_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_flags_5: {
     switch (llhttp__internal__c_test_flags_2(state, p, endp)) {
@@ -8566,8 +8591,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_header_value_discard_ws;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_19: {
     state->error = 0x15;
@@ -8575,8 +8599,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_load_header_state;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_45: {
     state->error = 0x1c;
@@ -8584,8 +8607,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_field_1: {
     const unsigned char* start;
@@ -8602,8 +8624,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_llhttp__on_header_field_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_header_field_2: {
     const unsigned char* start;
@@ -8620,8 +8641,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_llhttp__on_header_field_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_62: {
     state->error = 0xa;
@@ -8629,32 +8649,28 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_10: {
     switch (llhttp__internal__c_update_header_state_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_field_general;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_header_state: {
     switch (llhttp__internal__c_store_header_state(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_header_field_colon;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_header_state_11: {
     switch (llhttp__internal__c_update_header_state_1(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_header_field_general;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_4: {
     state->error = 0x1e;
@@ -8662,8 +8678,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags: {
     switch (llhttp__internal__c_test_lenient_flags(state, p, endp)) {
@@ -8672,8 +8687,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_4;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_20: {
     state->error = 0x15;
@@ -8681,8 +8695,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_headers_start;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_3: {
     state->error = 0x1a;
@@ -8690,8 +8703,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_url_complete: {
     switch (llhttp__on_url_complete(state, p, endp)) {
@@ -8702,24 +8714,21 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_error_3;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_http_minor: {
     switch (llhttp__internal__c_update_http_minor(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_url_complete;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_http_major: {
     switch (llhttp__internal__c_update_http_major(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_http_minor;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_3: {
     const unsigned char* start;
@@ -8735,8 +8744,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_63: {
     state->error = 0x7;
@@ -8744,8 +8752,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_4: {
     const unsigned char* start;
@@ -8761,73 +8768,65 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_lf_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_71: {
+  s_n_llhttp__internal__n_error_72: {
     state->error = 0x17;
     state->reason = "Pause on PRI/Upgrade";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_72: {
+  s_n_llhttp__internal__n_error_73: {
     state->error = 0x9;
     state->reason = "Expected HTTP/2 Connection Preface";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_69: {
+  s_n_llhttp__internal__n_error_70: {
     state->error = 0x2;
     state->reason = "Expected CRLF after version";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_26: {
     switch (llhttp__internal__c_test_lenient_flags_8(state, p, endp)) {
       case 1:
         goto s_n_llhttp__internal__n_headers_start;
       default:
-        goto s_n_llhttp__internal__n_error_69;
+        goto s_n_llhttp__internal__n_error_70;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_68: {
+  s_n_llhttp__internal__n_error_69: {
     state->error = 0x9;
     state->reason = "Expected CRLF after version";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_25: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
       case 1:
         goto s_n_llhttp__internal__n_req_http_complete_crlf;
       default:
-        goto s_n_llhttp__internal__n_error_68;
+        goto s_n_llhttp__internal__n_error_69;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_70: {
+  s_n_llhttp__internal__n_error_71: {
     state->error = 0x9;
     state->reason = "Expected CRLF after version";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_pause_21: {
     state->error = 0x15;
@@ -8835,17 +8834,15 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_load_method_1;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_67: {
+  s_n_llhttp__internal__n_error_68: {
     state->error = 0x21;
     state->reason = "`on_version_complete` callback error";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_1: {
     const unsigned char* start;
@@ -8861,8 +8858,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_version_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version: {
     const unsigned char* start;
@@ -8874,12 +8870,11 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_66;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_67;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_66;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_67;
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_minor: {
     switch (llhttp__internal__c_load_http_minor(state, p, endp)) {
@@ -8888,8 +8883,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_minor_1: {
     switch (llhttp__internal__c_load_http_minor(state, p, endp)) {
@@ -8900,8 +8894,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_minor_2: {
     switch (llhttp__internal__c_load_http_minor(state, p, endp)) {
@@ -8910,8 +8903,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_major: {
     switch (llhttp__internal__c_load_http_major(state, p, endp)) {
@@ -8924,8 +8916,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_24: {
     switch (llhttp__internal__c_test_lenient_flags_24(state, p, endp)) {
@@ -8934,16 +8925,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_load_http_major;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_http_minor: {
     switch (llhttp__internal__c_store_http_minor(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_invoke_test_lenient_flags_24;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_2: {
     const unsigned char* start;
@@ -8955,12 +8944,11 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_73;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_74;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_73;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_74;
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_3: {
     const unsigned char* start;
@@ -8972,20 +8960,18 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_74;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_75;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_74;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_75;
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_http_major: {
     switch (llhttp__internal__c_store_http_major(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_req_http_dot;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_4: {
     const unsigned char* start;
@@ -8997,183 +8983,163 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_75;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_76;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_75;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_76;
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_65: {
+  s_n_llhttp__internal__n_error_77: {
+    state->error = 0x8;
+    state->reason = "Expected HTTP/, RTSP/ or ICE/";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_error;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_error_66: {
     state->error = 0x8;
     state->reason = "Invalid method for HTTP/x.x request";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_invoke_load_method: {
-    switch (llhttp__internal__c_load_method(state, p, endp)) {
-      case 0:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 1:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 2:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 3:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 4:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 5:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 6:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 7:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 8:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 9:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 10:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 11:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 12:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 13:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 14:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 15:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 16:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 17:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 18:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 19:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 20:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 21:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 22:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 23:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 24:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 25:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 26:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 27:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 28:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 29:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 30:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 31:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 32:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 33:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 34:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 46:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      default:
-        goto s_n_llhttp__internal__n_error_65;
-    }
-    /* UNREACHABLE */;
-    abort();
+  s_n_llhttp__internal__n_pause_22: {
+    state->error = 0x15;
+    state->reason = "on_protocol_complete pause";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_load_method;
+    return s_error;
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_78: {
-    state->error = 0x8;
-    state->reason = "Expected HTTP/";
+  s_n_llhttp__internal__n_error_65: {
+    state->error = 0x26;
+    state->reason = "`on_protocol_complete` callback error";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_span_end_llhttp__on_protocol: {
+    const unsigned char* start;
+    int err;
+    
+    start = state->_span_pos0;
+    state->_span_pos0 = NULL;
+    err = llhttp__on_protocol(state, start, p);
+    if (err != 0) {
+      state->error = err;
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete;
+      return s_error;
+    }
+    goto s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_span_end_llhttp__on_protocol_3: {
+    const unsigned char* start;
+    int err;
+    
+    start = state->_span_pos0;
+    state->_span_pos0 = NULL;
+    err = llhttp__on_protocol(state, start, p);
+    if (err != 0) {
+      state->error = err;
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_82;
+      return s_error;
+    }
+    goto s_n_llhttp__internal__n_error_82;
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_76: {
+  s_n_llhttp__internal__n_error_79: {
     state->error = 0x8;
     state->reason = "Expected SOURCE method for ICE/x.x request";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_invoke_load_method_2: {
-    switch (llhttp__internal__c_load_method(state, p, endp)) {
-      case 33:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      default:
-        goto s_n_llhttp__internal__n_error_76;
+  s_n_llhttp__internal__n_pause_23: {
+    state->error = 0x15;
+    state->reason = "on_protocol_complete pause";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_load_method_2;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_error_78: {
+    state->error = 0x26;
+    state->reason = "`on_protocol_complete` callback error";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_error;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_span_end_llhttp__on_protocol_1: {
+    const unsigned char* start;
+    int err;
+    
+    start = state->_span_pos0;
+    state->_span_pos0 = NULL;
+    err = llhttp__on_protocol(state, start, p);
+    if (err != 0) {
+      state->error = err;
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_1;
+      return s_error;
     }
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_1;
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_77: {
+  s_n_llhttp__internal__n_error_81: {
     state->error = 0x8;
     state->reason = "Invalid method for RTSP/x.x request";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_invoke_load_method_3: {
-    switch (llhttp__internal__c_load_method(state, p, endp)) {
-      case 1:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 3:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 6:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 35:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 36:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 37:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 38:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 39:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 40:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 41:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 42:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 43:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 44:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      case 45:
-        goto s_n_llhttp__internal__n_span_start_llhttp__on_version;
-      default:
-        goto s_n_llhttp__internal__n_error_77;
+  s_n_llhttp__internal__n_pause_24: {
+    state->error = 0x15;
+    state->reason = "on_protocol_complete pause";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_load_method_3;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_error_80: {
+    state->error = 0x26;
+    state->reason = "`on_protocol_complete` callback error";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_error;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_span_end_llhttp__on_protocol_2: {
+    const unsigned char* start;
+    int err;
+    
+    start = state->_span_pos0;
+    state->_span_pos0 = NULL;
+    err = llhttp__on_protocol(state, start, p);
+    if (err != 0) {
+      state->error = err;
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_2;
+      return s_error;
     }
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_2;
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_22: {
+  s_n_llhttp__internal__n_pause_25: {
     state->error = 0x15;
     state->reason = "on_url_complete pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_req_http_start;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_64: {
     state->error = 0x1a;
@@ -9181,20 +9147,18 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_url_complete_1: {
     switch (llhttp__on_url_complete(state, p, endp)) {
       case 0:
         goto s_n_llhttp__internal__n_req_http_start;
       case 21:
-        goto s_n_llhttp__internal__n_pause_22;
+        goto s_n_llhttp__internal__n_pause_25;
       default:
         goto s_n_llhttp__internal__n_error_64;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_5: {
     const unsigned char* start;
@@ -9210,8 +9174,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_6: {
     const unsigned char* start;
@@ -9227,8 +9190,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_7: {
     const unsigned char* start;
@@ -9244,8 +9206,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_lf_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_8: {
     const unsigned char* start;
@@ -9261,17 +9222,15 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_79: {
+  s_n_llhttp__internal__n_error_83: {
     state->error = 0x7;
     state->reason = "Invalid char in url fragment start";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_9: {
     const unsigned char* start;
@@ -9287,8 +9246,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_10: {
     const unsigned char* start;
@@ -9304,8 +9262,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_lf_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_11: {
     const unsigned char* start;
@@ -9321,26 +9278,23 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_80: {
+  s_n_llhttp__internal__n_error_84: {
     state->error = 0x7;
     state->reason = "Invalid char in url query";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_81: {
+  s_n_llhttp__internal__n_error_85: {
     state->error = 0x7;
     state->reason = "Invalid char in url path";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url: {
     const unsigned char* start;
@@ -9356,8 +9310,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_1: {
     const unsigned char* start;
@@ -9373,8 +9326,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_lf_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_2: {
     const unsigned char* start;
@@ -9390,8 +9342,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_12: {
     const unsigned char* start;
@@ -9407,8 +9358,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_13: {
     const unsigned char* start;
@@ -9424,8 +9374,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_lf_to_http09;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_url_14: {
     const unsigned char* start;
@@ -9441,62 +9390,55 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_url_skip_to_http;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_82: {
+  s_n_llhttp__internal__n_error_86: {
     state->error = 0x7;
     state->reason = "Double @ in url";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_83: {
+  s_n_llhttp__internal__n_error_87: {
     state->error = 0x7;
     state->reason = "Unexpected char in url server";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_84: {
+  s_n_llhttp__internal__n_error_88: {
     state->error = 0x7;
     state->reason = "Unexpected char in url server";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_85: {
+  s_n_llhttp__internal__n_error_89: {
     state->error = 0x7;
     state->reason = "Unexpected char in url schema";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_86: {
+  s_n_llhttp__internal__n_error_90: {
     state->error = 0x7;
     state->reason = "Unexpected char in url schema";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_87: {
+  s_n_llhttp__internal__n_error_91: {
     state->error = 0x7;
     state->reason = "Unexpected start char in url";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_is_equal_method: {
     switch (llhttp__internal__c_is_equal_method(state, p, endp)) {
@@ -9505,35 +9447,31 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_url_entry_connect;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_88: {
+  s_n_llhttp__internal__n_error_92: {
     state->error = 0x6;
     state->reason = "Expected space after method";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_26: {
+  s_n_llhttp__internal__n_pause_29: {
     state->error = 0x15;
     state->reason = "on_method_complete pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_req_first_space_before_url;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_107: {
+  s_n_llhttp__internal__n_error_111: {
     state->error = 0x20;
     state->reason = "`on_method_complete` callback error";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_method_2: {
     const unsigned char* start;
@@ -9549,129 +9487,115 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_method_complete_1;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_method_1: {
     switch (llhttp__internal__c_store_method(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_method_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_108: {
+  s_n_llhttp__internal__n_error_112: {
     state->error = 0x6;
     state->reason = "Invalid method encountered";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_100: {
+  s_n_llhttp__internal__n_error_104: {
     state->error = 0xd;
     state->reason = "Invalid status code";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_98: {
+  s_n_llhttp__internal__n_error_102: {
     state->error = 0xd;
     state->reason = "Invalid status code";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_96: {
+  s_n_llhttp__internal__n_error_100: {
     state->error = 0xd;
     state->reason = "Invalid status code";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_24: {
+  s_n_llhttp__internal__n_pause_27: {
     state->error = 0x15;
     state->reason = "on_status_complete pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_headers_start;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_92: {
+  s_n_llhttp__internal__n_error_96: {
     state->error = 0x1b;
     state->reason = "`on_status_complete` callback error";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_status_complete: {
     switch (llhttp__on_status_complete(state, p, endp)) {
       case 0:
         goto s_n_llhttp__internal__n_headers_start;
       case 21:
-        goto s_n_llhttp__internal__n_pause_24;
+        goto s_n_llhttp__internal__n_pause_27;
       default:
-        goto s_n_llhttp__internal__n_error_92;
+        goto s_n_llhttp__internal__n_error_96;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_91: {
+  s_n_llhttp__internal__n_error_95: {
     state->error = 0xd;
     state->reason = "Invalid response status";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_28: {
     switch (llhttp__internal__c_test_lenient_flags_1(state, p, endp)) {
       case 1:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_status_complete;
       default:
-        goto s_n_llhttp__internal__n_error_91;
+        goto s_n_llhttp__internal__n_error_95;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_93: {
+  s_n_llhttp__internal__n_error_97: {
     state->error = 0x2;
     state->reason = "Expected LF after CR";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_29: {
     switch (llhttp__internal__c_test_lenient_flags_8(state, p, endp)) {
       case 1:
         goto s_n_llhttp__internal__n_invoke_llhttp__on_status_complete;
       default:
-        goto s_n_llhttp__internal__n_error_93;
+        goto s_n_llhttp__internal__n_error_97;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_94: {
+  s_n_llhttp__internal__n_error_98: {
     state->error = 0x19;
     state->reason = "Missing expected CR after response line";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_status: {
     const unsigned char* start;
@@ -9688,8 +9612,7 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_invoke_test_lenient_flags_30;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_status_1: {
     const unsigned char* start;
@@ -9706,109 +9629,97 @@ static llparse_state_t llhttp__internal__run(
     }
     p++;
     goto s_n_llhttp__internal__n_res_line_almost_done;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_95: {
+  s_n_llhttp__internal__n_error_99: {
     state->error = 0xd;
     state->reason = "Invalid response status";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_mul_add_status_code_2: {
     switch (llhttp__internal__c_mul_add_status_code(state, p, endp, match)) {
       case 1:
-        goto s_n_llhttp__internal__n_error_96;
+        goto s_n_llhttp__internal__n_error_100;
       default:
         goto s_n_llhttp__internal__n_res_status_code_otherwise;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_97: {
+  s_n_llhttp__internal__n_error_101: {
     state->error = 0xd;
     state->reason = "Invalid status code";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_mul_add_status_code_1: {
     switch (llhttp__internal__c_mul_add_status_code(state, p, endp, match)) {
       case 1:
-        goto s_n_llhttp__internal__n_error_98;
+        goto s_n_llhttp__internal__n_error_102;
       default:
         goto s_n_llhttp__internal__n_res_status_code_digit_3;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_99: {
+  s_n_llhttp__internal__n_error_103: {
     state->error = 0xd;
     state->reason = "Invalid status code";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_mul_add_status_code: {
     switch (llhttp__internal__c_mul_add_status_code(state, p, endp, match)) {
       case 1:
-        goto s_n_llhttp__internal__n_error_100;
+        goto s_n_llhttp__internal__n_error_104;
       default:
         goto s_n_llhttp__internal__n_res_status_code_digit_2;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_101: {
+  s_n_llhttp__internal__n_error_105: {
     state->error = 0xd;
     state->reason = "Invalid status code";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_status_code: {
     switch (llhttp__internal__c_update_status_code(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_res_status_code_digit_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_102: {
+  s_n_llhttp__internal__n_error_106: {
     state->error = 0x9;
     state->reason = "Expected space after version";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_25: {
+  s_n_llhttp__internal__n_pause_28: {
     state->error = 0x15;
     state->reason = "on_version_complete pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_res_after_version;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_90: {
+  s_n_llhttp__internal__n_error_94: {
     state->error = 0x21;
     state->reason = "`on_version_complete` callback error";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_6: {
     const unsigned char* start;
@@ -9824,8 +9735,7 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_version_complete_1;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_5: {
     const unsigned char* start;
@@ -9837,12 +9747,11 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_89;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_93;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_89;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_93;
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_minor_3: {
     switch (llhttp__internal__c_load_http_minor(state, p, endp)) {
@@ -9851,8 +9760,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version_5;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_minor_4: {
     switch (llhttp__internal__c_load_http_minor(state, p, endp)) {
@@ -9863,8 +9771,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version_5;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_minor_5: {
     switch (llhttp__internal__c_load_http_minor(state, p, endp)) {
@@ -9873,8 +9780,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version_5;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_http_major_1: {
     switch (llhttp__internal__c_load_http_major(state, p, endp)) {
@@ -9887,8 +9793,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_version_5;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_test_lenient_flags_27: {
     switch (llhttp__internal__c_test_lenient_flags_24(state, p, endp)) {
@@ -9897,16 +9802,14 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_load_http_major_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_http_minor_1: {
     switch (llhttp__internal__c_store_http_minor(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_invoke_test_lenient_flags_27;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_7: {
     const unsigned char* start;
@@ -9918,12 +9821,11 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_103;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_107;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_103;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_107;
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_8: {
     const unsigned char* start;
@@ -9935,20 +9837,18 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_104;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_108;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_104;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_108;
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_http_major_1: {
     switch (llhttp__internal__c_store_http_major(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_res_http_dot;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_version_9: {
     const unsigned char* start;
@@ -9960,30 +9860,75 @@ static llparse_state_t llhttp__internal__run(
     if (err != 0) {
       state->error = err;
       state->error_pos = (const char*) p;
-      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_105;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_109;
       return s_error;
     }
-    goto s_n_llhttp__internal__n_error_105;
-    /* UNREACHABLE */;
-    abort();
+    goto s_n_llhttp__internal__n_error_109;
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_109: {
+  s_n_llhttp__internal__n_error_114: {
     state->error = 0x8;
-    state->reason = "Expected HTTP/";
+    state->reason = "Expected HTTP/, RTSP/ or ICE/";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_23: {
+  s_n_llhttp__internal__n_pause_30: {
+    state->error = 0x15;
+    state->reason = "on_protocol_complete pause";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_res_after_protocol;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_error_113: {
+    state->error = 0x26;
+    state->reason = "`on_protocol_complete` callback error";
+    state->error_pos = (const char*) p;
+    state->_current = (void*) (intptr_t) s_error;
+    return s_error;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_span_end_llhttp__on_protocol_4: {
+    const unsigned char* start;
+    int err;
+    
+    start = state->_span_pos0;
+    state->_span_pos0 = NULL;
+    err = llhttp__on_protocol(state, start, p);
+    if (err != 0) {
+      state->error = err;
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_3;
+      return s_error;
+    }
+    goto s_n_llhttp__internal__n_invoke_llhttp__on_protocol_complete_3;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_span_end_llhttp__on_protocol_5: {
+    const unsigned char* start;
+    int err;
+    
+    start = state->_span_pos0;
+    state->_span_pos0 = NULL;
+    err = llhttp__on_protocol(state, start, p);
+    if (err != 0) {
+      state->error = err;
+      state->error_pos = (const char*) p;
+      state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_115;
+      return s_error;
+    }
+    goto s_n_llhttp__internal__n_error_115;
+    UNREACHABLE;
+  }
+  s_n_llhttp__internal__n_pause_26: {
     state->error = 0x15;
     state->reason = "on_method_complete pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_req_first_space_before_url;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error_1: {
     state->error = 0x20;
@@ -9991,8 +9936,7 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_method: {
     const unsigned char* start;
@@ -10008,33 +9952,29 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_llhttp__on_method_complete;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_type: {
     switch (llhttp__internal__c_update_type(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_span_end_llhttp__on_method;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_store_method: {
     switch (llhttp__internal__c_store_method(state, p, endp, match)) {
       default:
         goto s_n_llhttp__internal__n_invoke_update_type;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_106: {
+  s_n_llhttp__internal__n_error_110: {
     state->error = 0x8;
     state->reason = "Invalid word encountered";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_span_end_llhttp__on_method_1: {
     const unsigned char* start;
@@ -10050,25 +9990,22 @@ static llparse_state_t llhttp__internal__run(
       return s_error;
     }
     goto s_n_llhttp__internal__n_invoke_update_type_1;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_update_type_2: {
     switch (llhttp__internal__c_update_type(state, p, endp)) {
       default:
         goto s_n_llhttp__internal__n_span_start_llhttp__on_method_1;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_27: {
+  s_n_llhttp__internal__n_pause_31: {
     state->error = 0x15;
     state->reason = "on_message_begin pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_load_type;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_error: {
     state->error = 0x10;
@@ -10076,50 +10013,45 @@ static llparse_state_t llhttp__internal__run(
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_message_begin: {
     switch (llhttp__on_message_begin(state, p, endp)) {
       case 0:
         goto s_n_llhttp__internal__n_invoke_load_type;
       case 21:
-        goto s_n_llhttp__internal__n_pause_27;
+        goto s_n_llhttp__internal__n_pause_31;
       default:
         goto s_n_llhttp__internal__n_error;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_pause_28: {
+  s_n_llhttp__internal__n_pause_32: {
     state->error = 0x15;
     state->reason = "on_reset pause";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_invoke_update_finish;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
-  s_n_llhttp__internal__n_error_110: {
+  s_n_llhttp__internal__n_error_116: {
     state->error = 0x1f;
     state->reason = "`on_reset` callback error";
     state->error_pos = (const char*) p;
     state->_current = (void*) (intptr_t) s_error;
     return s_error;
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_llhttp__on_reset: {
     switch (llhttp__on_reset(state, p, endp)) {
       case 0:
         goto s_n_llhttp__internal__n_invoke_update_finish;
       case 21:
-        goto s_n_llhttp__internal__n_pause_28;
+        goto s_n_llhttp__internal__n_pause_32;
       default:
-        goto s_n_llhttp__internal__n_error_110;
+        goto s_n_llhttp__internal__n_error_116;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
   s_n_llhttp__internal__n_invoke_load_initial_message_completed: {
     switch (llhttp__internal__c_load_initial_message_completed(state, p, endp)) {
@@ -10128,8 +10060,7 @@ static llparse_state_t llhttp__internal__run(
       default:
         goto s_n_llhttp__internal__n_invoke_update_finish;
     }
-    /* UNREACHABLE */;
-    abort();
+    UNREACHABLE;
   }
 }
 
diff --git a/src/node_http_parser.cc b/src/node_http_parser.cc
index 663f7da5b901a7..8ded2021920576 100644
--- a/src/node_http_parser.cc
+++ b/src/node_http_parser.cc
@@ -1200,6 +1200,10 @@ void ConnectionsList::Expired(const FunctionCallbackInfo<Value>& args) {
 
 const llhttp_settings_t Parser::settings = {
     Proxy<Call, &Parser::on_message_begin>::Raw,
+
+    // on_protocol
+    nullptr,
+
     Proxy<DataCall, &Parser::on_url>::Raw,
     Proxy<DataCall, &Parser::on_status>::Raw,
 
@@ -1220,6 +1224,8 @@ const llhttp_settings_t Parser::settings = {
     Proxy<DataCall, &Parser::on_body>::Raw,
     Proxy<Call, &Parser::on_message_complete>::Raw,
 
+    // on_protocol_complete
+    nullptr,
     // on_url_complete
     nullptr,
     // on_status_complete
diff --git a/test/parallel/test-http-client-parse-error.js b/test/parallel/test-http-client-parse-error.js
index 5d0ad4b1463ed5..c2167aaabcf8fd 100644
--- a/test/parallel/test-http-client-parse-error.js
+++ b/test/parallel/test-http-client-parse-error.js
@@ -47,7 +47,7 @@ server.listen(0, common.mustCall(() => {
       assert.strictEqual(req.socket.listenerCount('end'), 1);
       common.expectsError({
         code: 'HPE_INVALID_CONSTANT',
-        message: 'Parse Error: Expected HTTP/'
+        message: 'Parse Error: Expected HTTP/, RTSP/ or ICE/'
       })(e);
       countdown.dec();
     }));

From 84d5c4d2441718c4825083e9cc85429bf8100108 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Stan=C4=9Bk?= <jstanek@redhat.com>
Date: Thu, 22 May 2025 14:16:25 +0200
Subject: [PATCH 004/138] build: search for libnode.so in multiple places

As the actual location of built libnode.so may differ depending on which
system was used to orchestrate the build (ninja or make),
multiple places should be searched for it's location.

PR-URL: https://github.com/nodejs/node/pull/58213
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
---
 tools/install.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/tools/install.py b/tools/install.py
index 2dceb5c39ea4a1..8babb8fd6ecd9d 100755
--- a/tools/install.py
+++ b/tools/install.py
@@ -181,9 +181,19 @@ def files(options, action):
       link_path = abspath(options.install_path, 'lib/libnode.so')
       try_symlink(options, so_name, link_path)
     else:
-      output_lib = 'libnode.' + options.variables.get('shlib_suffix')
-      action(options, [os.path.join(options.build_dir, output_lib)],
-             os.path.join(options.variables.get('libdir'), output_lib))
+      # Ninja and Makefile generators output the library in different directories;
+      # find out which one we have, and install first found
+      output_lib_name = 'libnode.' + options.variables.get('shlib_suffix')
+      output_lib_candidate_paths = [
+        os.path.join(options.build_dir, output_lib_name),
+        os.path.join(options.build_dir, "lib", output_lib_name),
+      ]
+      try:
+        output_lib = next(filter(os.path.exists, output_lib_candidate_paths))
+      except StopIteration as not_found:
+        raise RuntimeError("No libnode.so to install!") from not_found
+      action(options, [output_lib],
+             os.path.join(options.variables.get('libdir'), output_lib_name))
 
   action(options, [os.path.join(options.v8_dir, 'tools/gdbinit')], 'share/doc/node/')
   action(options, [os.path.join(options.v8_dir, 'tools/lldb_commands.py')], 'share/doc/node/')

From 959a67f6ff9cacb8c786fa6e8ea6acdf3a4b4ee9 Mon Sep 17 00:00:00 2001
From: Livia Medeiros <livia@cirno.name>
Date: Wed, 14 May 2025 16:08:14 +0900
Subject: [PATCH 005/138] doc: make Stability labels not sticky in Stability
 index
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58291
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
---
 doc/api_assets/style.css | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/api_assets/style.css b/doc/api_assets/style.css
index 1288b1a5956390..0db84473402b7e 100644
--- a/doc/api_assets/style.css
+++ b/doc/api_assets/style.css
@@ -295,6 +295,10 @@ li.picker-header a span {
   line-height: 1.5;
 }
 
+#api-section-documentation .api_stability {
+  position: static;
+}
+
 .api_stability * {
   color: var(--white) !important;
 }

From 182ae67233a83d74fe641059ddac3ee80a3a207d Mon Sep 17 00:00:00 2001
From: Ethan Arrowood <ethan@arrowood.dev>
Date: Mon, 2 Jun 2025 09:29:36 -0600
Subject: [PATCH 006/138] dns: fix dns query cache implementation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58404
Refs: https://github.com/nodejs/node/pull/57640
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
---
 src/cares_wrap.cc         | 6 +++---
 test/parallel/test-dns.js | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/cares_wrap.cc b/src/cares_wrap.cc
index cc19df09f1756f..8ca1595a738e10 100644
--- a/src/cares_wrap.cc
+++ b/src/cares_wrap.cc
@@ -724,9 +724,9 @@ void ChannelWrap::Setup() {
   }
 
   /* We do the call to ares_init_option for caller. */
-  const int optmask =
-      ARES_OPT_FLAGS | ARES_OPT_TIMEOUTMS |
-      ARES_OPT_SOCK_STATE_CB | ARES_OPT_TRIES;
+  const int optmask = ARES_OPT_FLAGS | ARES_OPT_TIMEOUTMS |
+                      ARES_OPT_SOCK_STATE_CB | ARES_OPT_TRIES |
+                      ARES_OPT_QUERY_CACHE;
   r = ares_init_options(&channel_, &options, optmask);
 
   if (r != ARES_SUCCESS) {
diff --git a/test/parallel/test-dns.js b/test/parallel/test-dns.js
index a6b3e459aa00a5..7d67b09d58fc5d 100644
--- a/test/parallel/test-dns.js
+++ b/test/parallel/test-dns.js
@@ -415,7 +415,7 @@ assert.throws(() => {
         (answer) => Object.assign({ domain }, answer)
       ),
     }), port, address);
-  }, cases.length * 2 - 1));
+  }, cases.length * 2));
 
   server.bind(0, common.mustCall(() => {
     const address = server.address();

From 04d9c5baebbb96847b361f88691e8dee6d6a9600 Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Thu, 10 Jul 2025 16:22:51 +0200
Subject: [PATCH 007/138] doc: add scroll margin to links
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58982
Reviewed-By: Claudio Wunder <cwunder@gnome.org>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
---
 doc/api_assets/style.css | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/doc/api_assets/style.css b/doc/api_assets/style.css
index 0db84473402b7e..bcf6b88b94b890 100644
--- a/doc/api_assets/style.css
+++ b/doc/api_assets/style.css
@@ -369,6 +369,11 @@ p {
   padding-bottom: 2rem;
 }
 
+/* prevent the module-level sticky stability header from overlapping the section headers when clicked */
+#apicontent:has(> .api_stability) a {
+  scroll-margin-top: 50px;
+}
+
 table {
   border-collapse: collapse;
   margin: 0 0 1.5rem;
@@ -830,6 +835,12 @@ kbd {
     position: relative;
     top: 0;
   }
+  .api_stability {
+    top: 0;
+  }
+  #apicontent a {
+    scroll-margin-top: 0;
+  }
 }
 
 @media not screen, (max-height: 1000px) {

From 9b74e9bfd9a97d53954ca923654414e03ecff8e9 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Mon, 11 Nov 2024 14:31:44 -0300
Subject: [PATCH 008/138] permission: ignore internalModuleStat on module
 loading
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This improves Permission Model usage when allowing read access to
specifi modules. To achieve that, the permission model check on
internalModuleStat has been removed meaning that on module loading,
uv_fs_stat is performed on files and folders even when the permission
model is enabled. Although a uv_fs_stat is performed, reading/executing
the module will still pass by the permission model check.

Without this PR when an app tries to --allow-fs-read=./a.js
--allow-fs-read=./b.js where `a` attempt to load b, it will fails as
it reads $pwd and no permission has been given to this path.

PR-URL: https://github.com/nodejs/node/pull/55797
Backport-PR-URL: https://github.com/nodejs/node/pull/58185
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
---
 doc/api/cli.md                                |  7 --
 doc/api/permissions.md                        |  7 --
 lib/internal/modules/cjs/loader.js            |  6 +-
 src/node_file.cc                              |  6 +-
 test/fixtures/permission/fs-read.js           |  7 ++
 test/fixtures/permission/main-module.js       |  1 +
 test/fixtures/permission/main-module.mjs      |  1 +
 test/fixtures/permission/required-module.js   |  1 +
 test/fixtures/permission/required-module.mjs  |  1 +
 ...test-permission-fs-internal-module-stat.js | 19 +++++
 test/parallel/test-permission-fs-require.js   | 76 +++++++++++++++++++
 11 files changed, 109 insertions(+), 23 deletions(-)
 create mode 100644 test/fixtures/permission/main-module.js
 create mode 100644 test/fixtures/permission/main-module.mjs
 create mode 100644 test/fixtures/permission/required-module.js
 create mode 100644 test/fixtures/permission/required-module.mjs
 create mode 100644 test/parallel/test-permission-fs-internal-module-stat.js
 create mode 100644 test/parallel/test-permission-fs-require.js

diff --git a/doc/api/cli.md b/doc/api/cli.md
index d39b090ba6cc29..cff17926e2bc83 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -217,15 +217,8 @@ The initializer module also needs to be allowed. Consider the following example:
 
 ```console
 $ node --experimental-permission t.js
-node:internal/modules/cjs/loader:162
-  const result = internalModuleStat(filename);
-                 ^
 
 Error: Access to this API has been restricted
-    at stat (node:internal/modules/cjs/loader:162:18)
-    at Module._findPath (node:internal/modules/cjs/loader:640:16)
-    at resolveMainPath (node:internal/modules/run_main:15:25)
-    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:53:24)
     at node:internal/main/run_main_module:23:47 {
   code: 'ERR_ACCESS_DENIED',
   permission: 'FileSystemRead',
diff --git a/doc/api/permissions.md b/doc/api/permissions.md
index 80516643e890d4..4a17d949721241 100644
--- a/doc/api/permissions.md
+++ b/doc/api/permissions.md
@@ -500,15 +500,8 @@ will be restricted.
 
 ```console
 $ node --experimental-permission index.js
-node:internal/modules/cjs/loader:171
-  const result = internalModuleStat(filename);
-                 ^
 
 Error: Access to this API has been restricted
-    at stat (node:internal/modules/cjs/loader:171:18)
-    at Module._findPath (node:internal/modules/cjs/loader:627:16)
-    at resolveMainPath (node:internal/modules/run_main:19:25)
-    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:76:24)
     at node:internal/main/run_main_module:23:47 {
   code: 'ERR_ACCESS_DENIED',
   permission: 'FileSystemRead',
diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index ebccdb28256314..33e80234ce8ff1 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -164,7 +164,6 @@ const policy = getLazy(
 );
 const shouldReportRequiredModules = getLazy(() => process.env.WATCH_REPORT_DEPENDENCIES);
 
-const permission = require('internal/process/permission');
 const {
   vm_dynamic_import_default_internal,
 } = internalBinding('symbols');
@@ -704,11 +703,8 @@ Module._findPath = function(request, paths, isMain) {
   // For each path
   for (let i = 0; i < paths.length; i++) {
     // Don't search further if path doesn't exist
-    // or doesn't have permission to it
     const curPath = paths[i];
-    if (insidePath && curPath &&
-      ((permission.isEnabled() && !permission.has('fs.read', curPath)) || _stat(curPath) < 1)
-    ) {
+    if (insidePath && curPath && _stat(curPath) < 1) {
       continue;
     }
 
diff --git a/src/node_file.cc b/src/node_file.cc
index bba27a4a901594..3dd087294e6a95 100644
--- a/src/node_file.cc
+++ b/src/node_file.cc
@@ -1045,6 +1045,8 @@ static void ExistsSync(const FunctionCallbackInfo<Value>& args) {
 }
 
 // Used to speed up module loading. Returns an array [string, boolean]
+// Do not expose this function through public API as it doesn't hold
+// Permission Model checks.
 static void InternalModuleReadJSON(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   Isolate* isolate = env->isolate();
@@ -1052,8 +1054,6 @@ static void InternalModuleReadJSON(const FunctionCallbackInfo<Value>& args) {
 
   CHECK(args[0]->IsString());
   node::Utf8Value path(isolate, args[0]);
-  THROW_IF_INSUFFICIENT_PERMISSIONS(
-      env, permission::PermissionScope::kFileSystemRead, path.ToStringView());
 
   if (strlen(*path) != path.length()) {
     args.GetReturnValue().Set(Array::New(isolate));
@@ -1149,8 +1149,6 @@ static void InternalModuleStat(const FunctionCallbackInfo<Value>& args) {
 
   CHECK(args[0]->IsString());
   node::Utf8Value path(env->isolate(), args[0]);
-  THROW_IF_INSUFFICIENT_PERMISSIONS(
-      env, permission::PermissionScope::kFileSystemRead, path.ToStringView());
 
   uv_fs_t req;
   int rc = uv_fs_stat(env->event_loop(), &req, *path, nullptr);
diff --git a/test/fixtures/permission/fs-read.js b/test/fixtures/permission/fs-read.js
index 03261d975ab94c..5679387cfd6275 100644
--- a/test/fixtures/permission/fs-read.js
+++ b/test/fixtures/permission/fs-read.js
@@ -281,6 +281,13 @@ const regularFile = __filename;
     permission: 'FileSystemRead',
     // resource: path.toNamespacedPath(blockedFolder),
   }));
+  assert.throws(() => {
+    fs.readdirSync(blockedFolder, { recursive: true });
+  }, common.expectsError({
+    code: 'ERR_ACCESS_DENIED',
+    permission: 'FileSystemRead',
+    resource: path.toNamespacedPath(blockedFolder),
+  }));
   assert.throws(() => {
     fs.readdirSync(blockedFolder);
   }, common.expectsError({
diff --git a/test/fixtures/permission/main-module.js b/test/fixtures/permission/main-module.js
new file mode 100644
index 00000000000000..cac52e04dddd24
--- /dev/null
+++ b/test/fixtures/permission/main-module.js
@@ -0,0 +1 @@
+require('./required-module');
\ No newline at end of file
diff --git a/test/fixtures/permission/main-module.mjs b/test/fixtures/permission/main-module.mjs
new file mode 100644
index 00000000000000..e7c28f7f6cab19
--- /dev/null
+++ b/test/fixtures/permission/main-module.mjs
@@ -0,0 +1 @@
+import './required-module.mjs';
\ No newline at end of file
diff --git a/test/fixtures/permission/required-module.js b/test/fixtures/permission/required-module.js
new file mode 100644
index 00000000000000..e8dbf442c5b1a2
--- /dev/null
+++ b/test/fixtures/permission/required-module.js
@@ -0,0 +1 @@
+console.log('ok');
\ No newline at end of file
diff --git a/test/fixtures/permission/required-module.mjs b/test/fixtures/permission/required-module.mjs
new file mode 100644
index 00000000000000..e8dbf442c5b1a2
--- /dev/null
+++ b/test/fixtures/permission/required-module.mjs
@@ -0,0 +1 @@
+console.log('ok');
\ No newline at end of file
diff --git a/test/parallel/test-permission-fs-internal-module-stat.js b/test/parallel/test-permission-fs-internal-module-stat.js
new file mode 100644
index 00000000000000..68e02f7f96327a
--- /dev/null
+++ b/test/parallel/test-permission-fs-internal-module-stat.js
@@ -0,0 +1,19 @@
+// Flags: --expose-internals --experimental-permission --allow-fs-read=test/common* --allow-fs-read=tools* --allow-fs-read=test/parallel* --allow-child-process
+'use strict';
+
+const common = require('../common');
+common.skipIfWorker();
+
+if (!common.hasCrypto) {
+  common.skip('no crypto');
+}
+
+const { internalBinding } = require('internal/test/binding');
+const fixtures = require('../common/fixtures');
+
+const blockedFile = fixtures.path('permission', 'deny', 'protected-file.md');
+const internalFsBinding = internalBinding('fs');
+
+{
+  internalFsBinding.internalModuleStat(blockedFile);
+}
diff --git a/test/parallel/test-permission-fs-require.js b/test/parallel/test-permission-fs-require.js
new file mode 100644
index 00000000000000..6a2e9201dac7b4
--- /dev/null
+++ b/test/parallel/test-permission-fs-require.js
@@ -0,0 +1,76 @@
+// Flags: --experimental-permission --allow-fs-read=* --allow-child-process
+'use strict';
+
+const common = require('../common');
+common.skipIfWorker();
+const fixtures = require('../common/fixtures');
+
+const assert = require('node:assert');
+const { spawnSync } = require('node:child_process');
+
+{
+  const mainModule = fixtures.path('permission', 'main-module.js');
+  const requiredModule = fixtures.path('permission', 'required-module.js');
+  const { status, stdout, stderr } = spawnSync(
+    process.execPath,
+    [
+      '--experimental-permission',
+      '--allow-fs-read', mainModule,
+      '--allow-fs-read', requiredModule,
+      mainModule,
+    ]
+  );
+
+  assert.strictEqual(status, 0, stderr.toString());
+  assert.strictEqual(stdout.toString(), 'ok\n');
+}
+
+{
+  // When required module is not passed as allowed path
+  const mainModule = fixtures.path('permission', 'main-module.js');
+  const { status, stderr } = spawnSync(
+    process.execPath,
+    [
+      '--experimental-permission',
+      '--allow-fs-read', mainModule,
+      mainModule,
+    ]
+  );
+
+  assert.strictEqual(status, 1, stderr.toString());
+  assert.match(stderr.toString(), /Error: Access to this API has been restricted/);
+}
+
+{
+  // ESM loader test
+  const mainModule = fixtures.path('permission', 'main-module.mjs');
+  const requiredModule = fixtures.path('permission', 'required-module.mjs');
+  const { status, stdout, stderr } = spawnSync(
+    process.execPath,
+    [
+      '--experimental-permission',
+      '--allow-fs-read', mainModule,
+      '--allow-fs-read', requiredModule,
+      mainModule,
+    ]
+  );
+
+  assert.strictEqual(status, 0, stderr.toString());
+  assert.strictEqual(stdout.toString(), 'ok\n');
+}
+
+{
+  // When required module is not passed as allowed path (ESM)
+  const mainModule = fixtures.path('permission', 'main-module.mjs');
+  const { status, stderr } = spawnSync(
+    process.execPath,
+    [
+      '--experimental-permission',
+      '--allow-fs-read', mainModule,
+      mainModule,
+    ]
+  );
+
+  assert.strictEqual(status, 1, stderr.toString());
+  assert.match(stderr.toString(), /Error: Access to this API has been restricted/);
+}

From 142d701201fc57dcfb873f0993f18b8aad382e88 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Thu, 26 Jun 2025 18:08:49 -0400
Subject: [PATCH 009/138] deps: update minimatch to 10.0.3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58712
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 deps/minimatch/dist/commonjs/index.js     |    7 +-
 deps/minimatch/dist/commonjs/index.js.map |    2 +-
 deps/minimatch/dist/esm/index.js          |    2 +-
 deps/minimatch/dist/esm/index.js.map      |    2 +-
 deps/minimatch/index.js                   |  207 +--
 deps/minimatch/package-lock.json          | 1597 +++++++++++++--------
 deps/minimatch/package.json               |   21 +-
 7 files changed, 1133 insertions(+), 705 deletions(-)

diff --git a/deps/minimatch/dist/commonjs/index.js b/deps/minimatch/dist/commonjs/index.js
index 64a0f1f833222e..f58fb8616aa9ab 100644
--- a/deps/minimatch/dist/commonjs/index.js
+++ b/deps/minimatch/dist/commonjs/index.js
@@ -1,10 +1,7 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.unescape = exports.escape = exports.AST = exports.Minimatch = exports.match = exports.makeRe = exports.braceExpand = exports.defaults = exports.filter = exports.GLOBSTAR = exports.sep = exports.minimatch = void 0;
-const brace_expansion_1 = __importDefault(require("brace-expansion"));
+const brace_expansion_1 = require("@isaacs/brace-expansion");
 const assert_valid_pattern_js_1 = require("./assert-valid-pattern.js");
 const ast_js_1 = require("./ast.js");
 const escape_js_1 = require("./escape.js");
@@ -157,7 +154,7 @@ const braceExpand = (pattern, options = {}) => {
         // shortcut. no need to expand.
         return [pattern];
     }
-    return (0, brace_expansion_1.default)(pattern);
+    return (0, brace_expansion_1.expand)(pattern);
 };
 exports.braceExpand = braceExpand;
 exports.minimatch.braceExpand = exports.braceExpand;
diff --git a/deps/minimatch/dist/commonjs/index.js.map b/deps/minimatch/dist/commonjs/index.js.map
index 5e9676935a3463..96ae5accf6a889 100644
--- a/deps/minimatch/dist/commonjs/index.js.map
+++ b/deps/minimatch/dist/commonjs/index.js.map
@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;AAAA,sEAAoC;AACpC,uEAA8D;AAC9D,qCAA2C;AAC3C,2CAAoC;AACpC,+CAAwC;AAsCjC,MAAM,SAAS,GAAG,CACvB,CAAS,EACT,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;IAE3B,oCAAoC;IACpC,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;QACpD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AACjD,CAAC,CAAA;AAbY,QAAA,SAAS,aAarB;AAED,wDAAwD;AACxD,MAAM,YAAY,GAAG,uBAAuB,CAAA;AAC5C,MAAM,cAAc,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACvC,MAAM,iBAAiB,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACzE,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC3C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC3E,CAAC,CAAA;AACD,MAAM,uBAAuB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC9C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACrD,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,YAAY,CAAA;AAClC,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAS,EAAE,EAAE,CACvC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5C,MAAM,SAAS,GAAG,SAAS,CAAA;AAC3B,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC/E,MAAM,MAAM,GAAG,OAAO,CAAA;AACtB,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AACpE,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AAC5E,MAAM,QAAQ,GAAG,wBAAwB,CAAA;AACzC,MAAM,gBAAgB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC5D,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,mBAAmB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC/D,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACzD,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,UAAU,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACtD,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,eAAe,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC9D,CAAC,CAAA;AACD,MAAM,kBAAkB,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACpD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AACnE,CAAC,CAAA;AAED,qBAAqB;AACrB,MAAM,eAAe,GAAa,CAChC,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO;IACpC,CAAC,CAAC,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC;QAC7C,OAAO,CAAC,QAAQ;IAClB,CAAC,CAAC,OAAO,CACA,CAAA;AAEb,MAAM,IAAI,GAAkC;IAC1C,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;IACpB,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;CACpB,CAAA;AACD,oBAAoB;AAEP,QAAA,GAAG,GAAG,eAAe,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAA;AAChF,iBAAS,CAAC,GAAG,GAAG,WAAG,CAAA;AAEN,QAAA,QAAQ,GAAG,MAAM,CAAC,aAAa,CAAC,CAAA;AAC7C,iBAAS,CAAC,QAAQ,GAAG,gBAAQ,CAAA;AAE7B,gCAAgC;AAChC,iDAAiD;AACjD,MAAM,KAAK,GAAG,MAAM,CAAA;AAEpB,gCAAgC;AAChC,MAAM,IAAI,GAAG,KAAK,GAAG,IAAI,CAAA;AAEzB,4DAA4D;AAC5D,+DAA+D;AAC/D,6CAA6C;AAC7C,MAAM,UAAU,GAAG,yCAAyC,CAAA;AAE5D,kCAAkC;AAClC,6CAA6C;AAC7C,MAAM,YAAY,GAAG,yBAAyB,CAAA;AAEvC,MAAM,MAAM,GACjB,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACpD,CAAC,CAAS,EAAE,EAAE,CACZ,IAAA,iBAAS,EAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;AAHrB,QAAA,MAAM,UAGe;AAClC,iBAAS,CAAC,MAAM,GAAG,cAAM,CAAA;AAEzB,MAAM,GAAG,GAAG,CAAC,CAAmB,EAAE,IAAsB,EAAE,EAAE,EAAE,CAC5D,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;AAElB,MAAM,QAAQ,GAAG,CAAC,GAAqB,EAAoB,EAAE;IAClE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;QAChE,OAAO,iBAAS,CAAA;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,iBAAS,CAAA;IAEtB,MAAM,CAAC,GAAG,CAAC,CAAS,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACvE,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;IAErC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;QACtB,SAAS,EAAE,MAAM,SAAU,SAAQ,IAAI,CAAC,SAAS;YAC/C,YAAY,OAAe,EAAE,UAA4B,EAAE;gBACzD,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACnC,CAAC;YACD,MAAM,CAAC,QAAQ,CAAC,OAAyB;gBACvC,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,CAAC;SACF;QAED,GAAG,EAAE,MAAM,GAAI,SAAQ,IAAI,CAAC,GAAG;YAC7B,qBAAqB;YACrB,YACE,IAAwB,EACxB,MAAY,EACZ,UAA4B,EAAE;gBAE9B,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACxC,CAAC;YACD,oBAAoB;YAEpB,MAAM,CAAC,QAAQ,CAAC,OAAe,EAAE,UAA4B,EAAE;gBAC7D,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACtD,CAAC;SACF;QAED,QAAQ,EAAE,CACR,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAExC,MAAM,EAAE,CACN,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEtC,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,QAAQ,EAAE,CAAC,OAAyB,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzE,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,WAAW,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC/D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,KAAK,EAAE,CAAC,IAAc,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACzE,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,QAAQ,EAAE,gBAA2B;KACtC,CAAC,CAAA;AACJ,CAAC,CAAA;AA/DY,QAAA,QAAQ,YA+DpB;AACD,iBAAS,CAAC,QAAQ,GAAG,gBAAQ,CAAA;AAE7B,mBAAmB;AACnB,qBAAqB;AACrB,mBAAmB;AACnB,8BAA8B;AAC9B,mCAAmC;AACnC,2CAA2C;AAC3C,EAAE;AACF,iCAAiC;AACjC,qBAAqB;AACrB,iBAAiB;AACV,MAAM,WAAW,GAAG,CACzB,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;IAE3B,wDAAwD;IACxD,wDAAwD;IACxD,IAAI,OAAO,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzD,+BAA+B;QAC/B,OAAO,CAAC,OAAO,CAAC,CAAA;IAClB,CAAC;IAED,OAAO,IAAA,yBAAM,EAAC,OAAO,CAAC,CAAA;AACxB,CAAC,CAAA;AAdY,QAAA,WAAW,eAcvB;AACD,iBAAS,CAAC,WAAW,GAAG,mBAAW,CAAA;AAEnC,yCAAyC;AACzC,kDAAkD;AAClD,oEAAoE;AACpE,oEAAoE;AACpE,6DAA6D;AAC7D,kEAAkE;AAClE,EAAE;AACF,0EAA0E;AAC1E,wEAAwE;AACxE,qEAAqE;AACrE,8DAA8D;AAEvD,MAAM,MAAM,GAAG,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACxE,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,MAAM,EAAE,CAAA;AAD7B,QAAA,MAAM,UACuB;AAC1C,iBAAS,CAAC,MAAM,GAAG,cAAM,CAAA;AAElB,MAAM,KAAK,GAAG,CACnB,IAAc,EACd,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IAC1C,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpB,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAXY,QAAA,KAAK,SAWjB;AACD,iBAAS,CAAC,KAAK,GAAG,aAAK,CAAA;AAEvB,+BAA+B;AAC/B,MAAM,SAAS,GAAG,yBAAyB,CAAA;AAC3C,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CACjC,CAAC,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,CAAA;AAU/C,MAAa,SAAS;IACpB,OAAO,CAAkB;IACzB,GAAG,CAAyB;IAC5B,OAAO,CAAQ;IAEf,oBAAoB,CAAS;IAC7B,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,KAAK,CAAS;IACd,uBAAuB,CAAS;IAChC,OAAO,CAAS;IAChB,OAAO,CAAU;IACjB,SAAS,CAAY;IACrB,MAAM,CAAS;IAEf,SAAS,CAAS;IAClB,QAAQ,CAAU;IAClB,kBAAkB,CAAS;IAE3B,MAAM,CAAyB;IAC/B,YAAY,OAAe,EAAE,UAA4B,EAAE;QACzD,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;QAE3B,OAAO,GAAG,OAAO,IAAI,EAAE,CAAA;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAA;QACnD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAA;QAC1C,IAAI,CAAC,oBAAoB;YACvB,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,kBAAkB,KAAK,KAAK,CAAA;QACxE,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACjD,CAAC;QACD,IAAI,CAAC,uBAAuB,GAAG,CAAC,CAAC,OAAO,CAAC,uBAAuB,CAAA;QAChE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAA;QAClB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAA;QAClC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAA;QACpB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAA;QACnC,IAAI,CAAC,kBAAkB;YACrB,OAAO,CAAC,kBAAkB,KAAK,SAAS;gBACtC,CAAC,CAAC,OAAO,CAAC,kBAAkB;gBAC5B,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,CAAA;QAEvC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QACjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAA;QAEb,+BAA+B;QAC/B,IAAI,CAAC,IAAI,EAAE,CAAA;IACb,CAAC;IAED,QAAQ;QACN,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,OAAO,IAAI,CAAA;QACb,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YAC/B,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ;oBAAE,OAAO,IAAI,CAAA;YAC3C,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,KAAK,CAAC,GAAG,CAAQ,IAAG,CAAC;IAErB,IAAI;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,6CAA6C;QAC7C,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACpD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAA;YACnB,OAAM;QACR,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,KAAK,GAAG,IAAI,CAAA;YACjB,OAAM;QACR,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,WAAW,EAAE,CAAA;QAElB,wBAAwB;QACxB,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAA;QAE/C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC,KAAK,GAAG,CAAC,GAAG,IAAW,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAA;QACzD,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QAEtC,+DAA+D;QAC/D,kCAAkC;QAClC,8DAA8D;QAC9D,oDAAoD;QACpD,wCAAwC;QACxC,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAA;QAC9C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;QAExC,mBAAmB;QACnB,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE;YACxC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC9C,qCAAqC;gBACrC,MAAM,KAAK,GACT,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBACvC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACvB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACrC,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,CAAC;qBAAM,IAAI,OAAO,EAAE,CAAC;oBACnB,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;YACD,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAA;QACpC,CAAC,CAAC,CAAA;QAEF,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAE7B,sDAAsD;QACtD,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,MAAM,CACnB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CACF,CAAA;QAE5B,2CAA2C;QAC3C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACrB,IACE,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;oBAC5B,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ;oBACxB,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACtB,CAAC;oBACD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;gBACZ,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED,yDAAyD;IACzD,0DAA0D;IAC1D,yDAAyD;IACzD,4DAA4D;IAC5D,uCAAuC;IACvC,UAAU,CAAC,SAAqB;QAC9B,yDAAyD;QACzD,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC7C,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC7B,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;oBACvB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAE9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,wDAAwD;YACxD,SAAS,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAA;YAChD,SAAS,GAAG,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAA;QACnD,CAAC;aAAM,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAClC,mDAAmD;YACnD,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;QAC9C,CAAC;aAAM,CAAC;YACN,8CAA8C;YAC9C,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;QACvD,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,wCAAwC;IACxC,yBAAyB,CAAC,SAAqB;QAC7C,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;YACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,IAAI,CAAC,GAAG,EAAE,CAAA;gBACV,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC7B,CAAC,EAAE,CAAA;gBACL,CAAC;gBACD,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;oBACb,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAA;gBAC1B,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,gBAAgB,CAAC,SAAqB;QACpC,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAa,EAAE,IAAI,EAAE,EAAE;gBAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;gBAChC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBACnC,OAAO,GAAG,CAAA;gBACZ,CAAC;gBACD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,IAAI,IAAI,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;wBAC3D,GAAG,CAAC,GAAG,EAAE,CAAA;wBACT,OAAO,GAAG,CAAA;oBACZ,CAAC;gBACH,CAAC;gBACD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACd,OAAO,GAAG,CAAA;YACZ,CAAC,EAAE,EAAE,CAAC,CAAA;YACN,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC1C,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,oBAAoB,CAAC,KAAwB;QAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAChC,CAAC;QACD,IAAI,YAAY,GAAY,KAAK,CAAA;QACjC,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,mCAAmC;YACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;oBAClB,iCAAiC;oBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;wBAAE,SAAQ;oBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;wBAC1B,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;wBAClB,CAAC,EAAE,CAAA;oBACL,CAAC;gBACH,CAAC;gBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;oBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;oBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;gBACb,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,EAAE,GAAW,CAAC,CAAA;YAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;gBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC/C,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;oBACvB,EAAE,IAAI,CAAC,CAAA;gBACT,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QACtB,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC1C,CAAC;IAED,yCAAyC;IACzC,8BAA8B;IAC9B,+BAA+B;IAC/B,iDAAiD;IACjD,iBAAiB;IACjB,EAAE;IACF,gEAAgE;IAChE,gEAAgE;IAChE,kEAAkE;IAClE,qDAAqD;IACrD,EAAE;IACF,kFAAkF;IAClF,mCAAmC;IACnC,sCAAsC;IACtC,4BAA4B;IAC5B,EAAE;IACF,qEAAqE;IACrE,+DAA+D;IAC/D,oBAAoB,CAAC,SAAqB;QACxC,IAAI,YAAY,GAAG,KAAK,CAAA;QACxB,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,kFAAkF;YAClF,KAAK,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBAC5B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;gBACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,IAAI,GAAG,GAAW,EAAE,CAAA;oBACpB,OAAO,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/B,wCAAwC;wBACxC,GAAG,EAAE,CAAA;oBACP,CAAC;oBACD,uDAAuD;oBACvD,mCAAmC;oBACnC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC;wBACb,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAA;oBAChC,CAAC;oBAED,IAAI,IAAI,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,IAAI,IAAI,KAAK,IAAI;wBAAE,SAAQ;oBAC3B,IACE,CAAC,CAAC;wBACF,CAAC,KAAK,GAAG;wBACT,CAAC,KAAK,IAAI;wBACV,CAAC,EAAE;wBACH,EAAE,KAAK,GAAG;wBACV,EAAE,KAAK,IAAI,EACX,CAAC;wBACD,SAAQ;oBACV,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,4CAA4C;oBAC5C,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;oBACnB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;oBAC5B,KAAK,CAAC,EAAE,CAAC,GAAG,IAAI,CAAA;oBAChB,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;oBACrB,EAAE,EAAE,CAAA;gBACN,CAAC;gBAED,mCAAmC;gBACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;oBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBAClB,iCAAiC;wBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;4BAAE,SAAQ;wBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;4BAC1B,YAAY,GAAG,IAAI,CAAA;4BACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;4BAClB,CAAC,EAAE,CAAA;wBACL,CAAC;oBACH,CAAC;oBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;wBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;wBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;wBACD,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;oBACb,CAAC;gBACH,CAAC;gBAED,sCAAsC;gBACtC,IAAI,EAAE,GAAW,CAAC,CAAA;gBAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/C,YAAY,GAAG,IAAI,CAAA;wBACnB,MAAM,OAAO,GAAG,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,IAAI,CAAA;wBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;wBAClC,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,CAAA;wBACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;4BAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;wBACtC,EAAE,IAAI,CAAC,CAAA;oBACT,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QAEtB,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,sCAAsC;IACtC,sDAAsD;IACtD,8CAA8C;IAC9C,oDAAoD;IACpD,EAAE;IACF,2DAA2D;IAC3D,mDAAmD;IACnD,qBAAqB,CAAC,SAAqB;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAC7B,SAAS,CAAC,CAAC,CAAC,EACZ,SAAS,CAAC,CAAC,CAAC,EACZ,CAAC,IAAI,CAAC,uBAAuB,CAC9B,CAAA;gBACD,IAAI,OAAO,EAAE,CAAC;oBACZ,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAA;oBACjB,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACtB,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,UAAU,CACR,CAAW,EACX,CAAW,EACX,eAAwB,KAAK;QAE7B,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,MAAM,GAAa,EAAE,CAAA;QACzB,IAAI,KAAK,GAAW,EAAE,CAAA;QACtB,OAAO,EAAE,GAAG,CAAC,CAAC,MAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACpB,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAC1C,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,CAAC;gBACN,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QACD,8DAA8D;QAC9D,iCAAiC;QACjC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,MAAM,CAAA;IACxC,CAAC;IAED,WAAW;QACT,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAM;QAEzB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,IAAI,MAAM,GAAG,KAAK,CAAA;QAClB,IAAI,YAAY,GAAG,CAAC,CAAA;QAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YACrE,MAAM,GAAG,CAAC,MAAM,CAAA;YAChB,YAAY,EAAE,CAAA;QAChB,CAAC;QAED,IAAI,YAAY;YAAE,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAC5D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED,+CAA+C;IAC/C,yCAAyC;IACzC,uDAAuD;IACvD,mDAAmD;IACnD,mBAAmB;IACnB,QAAQ,CAAC,IAAc,EAAE,OAAsB,EAAE,UAAmB,KAAK;QACvE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,4DAA4D;QAC5D,mEAAmE;QACnE,sBAAsB;QACtB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAC1E,MAAM,OAAO,GACX,CAAC,SAAS;gBACV,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,GAAG;gBACf,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAE3B,MAAM,YAAY,GAChB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAChE,MAAM,UAAU,GACd,CAAC,YAAY;gBACb,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG;gBAClB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ;gBAC9B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAE9B,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACzD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,GAAG,CAAW,CAAC,CAAA;gBACtE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;oBAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAA;oBACjB,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACd,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBAC9B,CAAC;yBAAM,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACrB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBACxB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,oEAAoE;QACpE,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAC9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,IAAI,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QACxC,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/C,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;QAEnD,KACE,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EACzD,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,EAClB,EAAE,EAAE,EAAE,EAAE,EAAE,EACV,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;YAC3B,IAAI,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,CAAA;YACnB,IAAI,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;YAEhB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;YAEzB,wBAAwB;YACxB,wCAAwC;YACxC,qBAAqB;YACrB,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;gBAChB,OAAO,KAAK,CAAA;YACd,CAAC;YACD,oBAAoB;YAEpB,IAAI,CAAC,KAAK,gBAAQ,EAAE,CAAC;gBACnB,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAEvC,OAAO;gBACP,yCAAyC;gBACzC,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,QAAQ;gBACR,iDAAiD;gBACjD,wDAAwD;gBACxD,yBAAyB;gBACzB,sDAAsD;gBACtD,6BAA6B;gBAC7B,EAAE;gBACF,mCAAmC;gBACnC,gBAAgB;gBAChB,eAAe;gBACf,kCAAkC;gBAClC,oBAAoB;gBACpB,mBAAmB;gBACnB,qCAAqC;gBACrC,mCAAmC;gBACnC,iCAAiC;gBACjC,kCAAkC;gBAClC,IAAI,EAAE,GAAG,EAAE,CAAA;gBACX,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;gBACf,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;oBACd,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;oBAC3B,8CAA8C;oBAC9C,yBAAyB;oBACzB,2CAA2C;oBAC3C,sBAAsB;oBACtB,sDAAsD;oBACtD,uBAAuB;oBACvB,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;wBACrB,IACE,IAAI,CAAC,EAAE,CAAC,KAAK,GAAG;4BAChB,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI;4BACjB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;4BAE5C,OAAO,KAAK,CAAA;oBAChB,CAAC;oBACD,OAAO,IAAI,CAAA;gBACb,CAAC;gBAED,mDAAmD;gBACnD,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC;oBACf,IAAI,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;oBAExB,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;oBAEhE,qDAAqD;oBACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,CAAC;wBAC9D,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;wBACtD,iBAAiB;wBACjB,OAAO,IAAI,CAAA;oBACb,CAAC;yBAAM,CAAC;wBACN,kCAAkC;wBAClC,iDAAiD;wBACjD,IACE,SAAS,KAAK,GAAG;4BACjB,SAAS,KAAK,IAAI;4BAClB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,EAC7C,CAAC;4BACD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;4BAClD,MAAK;wBACP,CAAC;wBAED,uCAAuC;wBACvC,IAAI,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAA;wBACtD,EAAE,EAAE,CAAA;oBACN,CAAC;gBACH,CAAC;gBAED,sBAAsB;gBACtB,mEAAmE;gBACnE,qBAAqB;gBACrB,IAAI,OAAO,EAAE,CAAC;oBACZ,kBAAkB;oBAClB,IAAI,CAAC,KAAK,CAAC,0BAA0B,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;oBAC7D,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;wBACd,OAAO,IAAI,CAAA;oBACb,CAAC;gBACH,CAAC;gBACD,oBAAoB;gBACpB,OAAO,KAAK,CAAA;YACd,CAAC;YAED,0BAA0B;YAC1B,gDAAgD;YAChD,qDAAqD;YACrD,IAAI,GAAY,CAAA;YAChB,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC1B,GAAG,GAAG,CAAC,KAAK,CAAC,CAAA;gBACb,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACvC,CAAC;iBAAM,CAAC;gBACN,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACf,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACxC,CAAC;YAED,IAAI,CAAC,GAAG;gBAAE,OAAO,KAAK,CAAA;QACxB,CAAC;QAED,oDAAoD;QACpD,oDAAoD;QACpD,2CAA2C;QAC3C,kDAAkD;QAClD,oDAAoD;QACpD,uDAAuD;QACvD,oDAAoD;QACpD,yDAAyD;QACzD,6BAA6B;QAC7B,yCAAyC;QAEzC,gEAAgE;QAChE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3B,oDAAoD;YACpD,gBAAgB;YAChB,OAAO,IAAI,CAAA;QACb,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,+CAA+C;YAC/C,iDAAiD;YACjD,uBAAuB;YACvB,OAAO,OAAO,CAAA;QAChB,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,4CAA4C;YAC5C,oDAAoD;YACpD,iDAAiD;YACjD,wBAAwB;YACxB,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;YAEvC,qBAAqB;QACvB,CAAC;aAAM,CAAC;YACN,yBAAyB;YACzB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAA;QACzB,CAAC;QACD,oBAAoB;IACtB,CAAC;IAED,WAAW;QACT,OAAO,IAAA,mBAAW,EAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,OAAe;QACnB,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;QAE3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,YAAY;QACZ,IAAI,OAAO,KAAK,IAAI;YAAE,OAAO,gBAAQ,CAAA;QACrC,IAAI,OAAO,KAAK,EAAE;YAAE,OAAO,EAAE,CAAA;QAE7B,uDAAuD;QACvD,0DAA0D;QAC1D,IAAI,CAA0B,CAAA;QAC9B,IAAI,QAAQ,GAAoC,IAAI,CAAA;QACpD,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAA;QACjD,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;YAC7C,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,uBAAuB;oBACzB,CAAC,CAAC,oBAAoB;gBACxB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,iBAAiB;oBACnB,CAAC,CAAC,cAAc,CACnB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACT,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACzC,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,mBAAmB;oBACrB,CAAC,CAAC,gBAAgB;gBACpB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,UAAU,CACf,CAAC,CAAC,CAAC,CAAA;QACN,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YAC9C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAA;QAC/D,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YAC1C,QAAQ,GAAG,WAAW,CAAA;QACxB,CAAC;QAED,MAAM,EAAE,GAAG,YAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAA;QAC5D,IAAI,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;YACvC,2CAA2C;YAC3C,OAAO,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAA;QACzD,CAAC;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM;QACJ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC,MAAM,CAAA;QAE5D,mDAAmD;QACnD,4BAA4B;QAC5B,EAAE;QACF,wDAAwD;QACxD,yDAAyD;QACzD,2CAA2C;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QAEpB,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;YACnB,OAAO,IAAI,CAAC,MAAM,CAAA;QACpB,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU;YAChC,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,GAAG;gBACb,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,YAAY,CAAA;QAChB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;QAElD,kCAAkC;QAClC,kDAAkD;QAClD,sEAAsE;QACtE,iDAAiD;QACjD,8DAA8D;QAC9D,mCAAmC;QACnC,IAAI,EAAE,GAAG,GAAG;aACT,GAAG,CAAC,OAAO,CAAC,EAAE;YACb,MAAM,EAAE,GAAiC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;gBACvD,IAAI,CAAC,YAAY,MAAM,EAAE,CAAC;oBACxB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;wBAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACjD,CAAC;gBACD,OAAO,OAAO,CAAC,KAAK,QAAQ;oBAC1B,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;oBACjB,CAAC,CAAC,CAAC,KAAK,gBAAQ;wBAChB,CAAC,CAAC,gBAAQ;wBACV,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YACZ,CAAC,CAAiC,CAAA;YAClC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBAClB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,IAAI,CAAC,KAAK,gBAAQ,IAAI,IAAI,KAAK,gBAAQ,EAAE,CAAC;oBACxC,OAAM;gBACR,CAAC;gBACD,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,gBAAQ,EAAE,CAAC;wBAC5C,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,GAAG,IAAI,CAAA;oBAClD,CAAC;yBAAM,CAAC;wBACN,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACjB,CAAC;gBACH,CAAC;qBAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBAC9B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,GAAG,IAAI,CAAA;gBAC/C,CAAC;qBAAM,IAAI,IAAI,KAAK,gBAAQ,EAAE,CAAC;oBAC7B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,IAAI,CAAA;oBACzD,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,gBAAQ,CAAA;gBACtB,CAAC;YACH,CAAC,CAAC,CAAA;YACF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,gBAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACjD,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,CAAA;QAEZ,+DAA+D;QAC/D,mEAAmE;QACnE,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC9D,4BAA4B;QAC5B,gDAAgD;QAChD,EAAE,GAAG,GAAG,GAAG,IAAI,GAAG,EAAE,GAAG,KAAK,GAAG,GAAG,CAAA;QAElC,gDAAgD;QAChD,IAAI,IAAI,CAAC,MAAM;YAAE,EAAE,GAAG,MAAM,GAAG,EAAE,GAAG,MAAM,CAAA;QAE1C,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;YACjD,qBAAqB;QACvB,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,uBAAuB;YACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACrB,CAAC;QACD,oBAAoB;QACpB,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,UAAU,CAAC,CAAS;QAClB,mDAAmD;QACnD,6DAA6D;QAC7D,8CAA8C;QAC9C,0CAA0C;QAC1C,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACrB,CAAC;aAAM,IAAI,IAAI,CAAC,SAAS,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACnD,sCAAsC;YACtC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;QAChC,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,CAAS,EAAE,OAAO,GAAG,IAAI,CAAC,OAAO;QACrC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QACpC,8CAA8C;QAC9C,iBAAiB;QACjB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,EAAE,CAAA;QACjB,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,IAAI,OAAO,EAAE,CAAC;YACzB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,gCAAgC;QAChC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;QAED,6CAA6C;QAC7C,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;QAErC,0DAA0D;QAC1D,2DAA2D;QAC3D,mCAAmC;QACnC,uCAAuC;QAEvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QACpB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;QAEpC,0EAA0E;QAC1E,IAAI,QAAQ,GAAW,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrD,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;YAClB,CAAC;QACH,CAAC;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;YACtB,IAAI,IAAI,GAAG,EAAE,CAAA;YACb,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9C,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;YACnB,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;YACjD,IAAI,GAAG,EAAE,CAAC;gBACR,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;oBACvB,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAA;YACrB,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,8BAA8B;QAC9B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,GAAqB;QACnC,OAAO,iBAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,CAAA;IAC1C,CAAC;CACF;AAl4BD,8BAk4BC;AACD,qBAAqB;AACrB,mCAA8B;AAArB,6FAAA,GAAG,OAAA;AACZ,yCAAoC;AAA3B,mGAAA,MAAM,OAAA;AACf,6CAAwC;AAA/B,uGAAA,QAAQ,OAAA;AACjB,oBAAoB;AACpB,iBAAS,CAAC,GAAG,GAAG,YAAG,CAAA;AACnB,iBAAS,CAAC,SAAS,GAAG,SAAS,CAAA;AAC/B,iBAAS,CAAC,MAAM,GAAG,kBAAM,CAAA;AACzB,iBAAS,CAAC,QAAQ,GAAG,sBAAQ,CAAA","sourcesContent":["import expand from 'brace-expansion'\nimport { assertValidPattern } from './assert-valid-pattern.js'\nimport { AST, ExtglobType } from './ast.js'\nimport { escape } from './escape.js'\nimport { unescape } from './unescape.js'\n\ntype Platform =\n  | 'aix'\n  | 'android'\n  | 'darwin'\n  | 'freebsd'\n  | 'haiku'\n  | 'linux'\n  | 'openbsd'\n  | 'sunos'\n  | 'win32'\n  | 'cygwin'\n  | 'netbsd'\n\nexport interface MinimatchOptions {\n  nobrace?: boolean\n  nocomment?: boolean\n  nonegate?: boolean\n  debug?: boolean\n  noglobstar?: boolean\n  noext?: boolean\n  nonull?: boolean\n  windowsPathsNoEscape?: boolean\n  allowWindowsEscape?: boolean\n  partial?: boolean\n  dot?: boolean\n  nocase?: boolean\n  nocaseMagicOnly?: boolean\n  magicalBraces?: boolean\n  matchBase?: boolean\n  flipNegate?: boolean\n  preserveMultipleSlashes?: boolean\n  optimizationLevel?: number\n  platform?: Platform\n  windowsNoMagicRoot?: boolean\n}\n\nexport const minimatch = (\n  p: string,\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // shortcut: comments match nothing.\n  if (!options.nocomment && pattern.charAt(0) === '#') {\n    return false\n  }\n\n  return new Minimatch(pattern, options).match(p)\n}\n\n// Optimized checking for the most common glob patterns.\nconst starDotExtRE = /^\\*+([^+@!?\\*\\[\\(]*)$/\nconst starDotExtTest = (ext: string) => (f: string) =>\n  !f.startsWith('.') && f.endsWith(ext)\nconst starDotExtTestDot = (ext: string) => (f: string) => f.endsWith(ext)\nconst starDotExtTestNocase = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => !f.startsWith('.') && f.toLowerCase().endsWith(ext)\n}\nconst starDotExtTestNocaseDot = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => f.toLowerCase().endsWith(ext)\n}\nconst starDotStarRE = /^\\*+\\.\\*+$/\nconst starDotStarTest = (f: string) => !f.startsWith('.') && f.includes('.')\nconst starDotStarTestDot = (f: string) =>\n  f !== '.' && f !== '..' && f.includes('.')\nconst dotStarRE = /^\\.\\*+$/\nconst dotStarTest = (f: string) => f !== '.' && f !== '..' && f.startsWith('.')\nconst starRE = /^\\*+$/\nconst starTest = (f: string) => f.length !== 0 && !f.startsWith('.')\nconst starTestDot = (f: string) => f.length !== 0 && f !== '.' && f !== '..'\nconst qmarksRE = /^\\?+([^+@!?\\*\\[\\(]*)?$/\nconst qmarksTestNocase = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestNocaseDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTest = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTestNoExt = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && !f.startsWith('.')\n}\nconst qmarksTestNoExtDot = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && f !== '.' && f !== '..'\n}\n\n/* c8 ignore start */\nconst defaultPlatform: Platform = (\n  typeof process === 'object' && process\n    ? (typeof process.env === 'object' &&\n        process.env &&\n        process.env.__MINIMATCH_TESTING_PLATFORM__) ||\n      process.platform\n    : 'posix'\n) as Platform\ntype Sep = '\\\\' | '/'\nconst path: { [k: string]: { sep: Sep } } = {\n  win32: { sep: '\\\\' },\n  posix: { sep: '/' },\n}\n/* c8 ignore stop */\n\nexport const sep = defaultPlatform === 'win32' ? path.win32.sep : path.posix.sep\nminimatch.sep = sep\n\nexport const GLOBSTAR = Symbol('globstar **')\nminimatch.GLOBSTAR = GLOBSTAR\n\n// any single thing other than /\n// don't need to escape / when using new RegExp()\nconst qmark = '[^/]'\n\n// * => any number of characters\nconst star = qmark + '*?'\n\n// ** when dots are allowed.  Anything goes, except .. and .\n// not (^ or / followed by one or two dots followed by $ or /),\n// followed by anything, any number of times.\nconst twoStarDot = '(?:(?!(?:\\\\/|^)(?:\\\\.{1,2})($|\\\\/)).)*?'\n\n// not a ^ or / followed by a dot,\n// followed by anything, any number of times.\nconst twoStarNoDot = '(?:(?!(?:\\\\/|^)\\\\.).)*?'\n\nexport const filter =\n  (pattern: string, options: MinimatchOptions = {}) =>\n  (p: string) =>\n    minimatch(p, pattern, options)\nminimatch.filter = filter\n\nconst ext = (a: MinimatchOptions, b: MinimatchOptions = {}) =>\n  Object.assign({}, a, b)\n\nexport const defaults = (def: MinimatchOptions): typeof minimatch => {\n  if (!def || typeof def !== 'object' || !Object.keys(def).length) {\n    return minimatch\n  }\n\n  const orig = minimatch\n\n  const m = (p: string, pattern: string, options: MinimatchOptions = {}) =>\n    orig(p, pattern, ext(def, options))\n\n  return Object.assign(m, {\n    Minimatch: class Minimatch extends orig.Minimatch {\n      constructor(pattern: string, options: MinimatchOptions = {}) {\n        super(pattern, ext(def, options))\n      }\n      static defaults(options: MinimatchOptions) {\n        return orig.defaults(ext(def, options)).Minimatch\n      }\n    },\n\n    AST: class AST extends orig.AST {\n      /* c8 ignore start */\n      constructor(\n        type: ExtglobType | null,\n        parent?: AST,\n        options: MinimatchOptions = {}\n      ) {\n        super(type, parent, ext(def, options))\n      }\n      /* c8 ignore stop */\n\n      static fromGlob(pattern: string, options: MinimatchOptions = {}) {\n        return orig.AST.fromGlob(pattern, ext(def, options))\n      }\n    },\n\n    unescape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.unescape(s, ext(def, options)),\n\n    escape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.escape(s, ext(def, options)),\n\n    filter: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.filter(pattern, ext(def, options)),\n\n    defaults: (options: MinimatchOptions) => orig.defaults(ext(def, options)),\n\n    makeRe: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.makeRe(pattern, ext(def, options)),\n\n    braceExpand: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.braceExpand(pattern, ext(def, options)),\n\n    match: (list: string[], pattern: string, options: MinimatchOptions = {}) =>\n      orig.match(list, pattern, ext(def, options)),\n\n    sep: orig.sep,\n    GLOBSTAR: GLOBSTAR as typeof GLOBSTAR,\n  })\n}\nminimatch.defaults = defaults\n\n// Brace expansion:\n// a{b,c}d -> abd acd\n// a{b,}c -> abc ac\n// a{0..3}d -> a0d a1d a2d a3d\n// a{b,c{d,e}f}g -> abg acdfg acefg\n// a{b,c}d{e,f}g -> abdeg acdeg abdeg abdfg\n//\n// Invalid sets are not expanded.\n// a{2..}b -> a{2..}b\n// a{b}c -> a{b}c\nexport const braceExpand = (\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // Thanks to Yeting Li <https://github.com/yetingli> for\n  // improving this regexp to avoid a ReDOS vulnerability.\n  if (options.nobrace || !/\\{(?:(?!\\{).)*\\}/.test(pattern)) {\n    // shortcut. no need to expand.\n    return [pattern]\n  }\n\n  return expand(pattern)\n}\nminimatch.braceExpand = braceExpand\n\n// parse a component of the expanded set.\n// At this point, no pattern may contain \"/\" in it\n// so we're going to return a 2d array, where each entry is the full\n// pattern, split on '/', and then turned into a regular expression.\n// A regexp is made at the end which joins each array with an\n// escaped /, and another full one which joins each regexp with |.\n//\n// Following the lead of Bash 4.1, note that \"**\" only has special meaning\n// when it is the *only* thing in a path portion.  Otherwise, any series\n// of * is equivalent to a single *.  Globstar behavior is enabled by\n// default, and can be disabled by setting options.noglobstar.\n\nexport const makeRe = (pattern: string, options: MinimatchOptions = {}) =>\n  new Minimatch(pattern, options).makeRe()\nminimatch.makeRe = makeRe\n\nexport const match = (\n  list: string[],\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  const mm = new Minimatch(pattern, options)\n  list = list.filter(f => mm.match(f))\n  if (mm.options.nonull && !list.length) {\n    list.push(pattern)\n  }\n  return list\n}\nminimatch.match = match\n\n// replace stuff like \\* with *\nconst globMagic = /[?*]|[+@!]\\(.*?\\)|\\[|\\]/\nconst regExpEscape = (s: string) =>\n  s.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')\n\nexport type MMRegExp = RegExp & {\n  _src?: string\n  _glob?: string\n}\n\nexport type ParseReturnFiltered = string | MMRegExp | typeof GLOBSTAR\nexport type ParseReturn = ParseReturnFiltered | false\n\nexport class Minimatch {\n  options: MinimatchOptions\n  set: ParseReturnFiltered[][]\n  pattern: string\n\n  windowsPathsNoEscape: boolean\n  nonegate: boolean\n  negate: boolean\n  comment: boolean\n  empty: boolean\n  preserveMultipleSlashes: boolean\n  partial: boolean\n  globSet: string[]\n  globParts: string[][]\n  nocase: boolean\n\n  isWindows: boolean\n  platform: Platform\n  windowsNoMagicRoot: boolean\n\n  regexp: false | null | MMRegExp\n  constructor(pattern: string, options: MinimatchOptions = {}) {\n    assertValidPattern(pattern)\n\n    options = options || {}\n    this.options = options\n    this.pattern = pattern\n    this.platform = options.platform || defaultPlatform\n    this.isWindows = this.platform === 'win32'\n    this.windowsPathsNoEscape =\n      !!options.windowsPathsNoEscape || options.allowWindowsEscape === false\n    if (this.windowsPathsNoEscape) {\n      this.pattern = this.pattern.replace(/\\\\/g, '/')\n    }\n    this.preserveMultipleSlashes = !!options.preserveMultipleSlashes\n    this.regexp = null\n    this.negate = false\n    this.nonegate = !!options.nonegate\n    this.comment = false\n    this.empty = false\n    this.partial = !!options.partial\n    this.nocase = !!this.options.nocase\n    this.windowsNoMagicRoot =\n      options.windowsNoMagicRoot !== undefined\n        ? options.windowsNoMagicRoot\n        : !!(this.isWindows && this.nocase)\n\n    this.globSet = []\n    this.globParts = []\n    this.set = []\n\n    // make the set of regexps etc.\n    this.make()\n  }\n\n  hasMagic(): boolean {\n    if (this.options.magicalBraces && this.set.length > 1) {\n      return true\n    }\n    for (const pattern of this.set) {\n      for (const part of pattern) {\n        if (typeof part !== 'string') return true\n      }\n    }\n    return false\n  }\n\n  debug(..._: any[]) {}\n\n  make() {\n    const pattern = this.pattern\n    const options = this.options\n\n    // empty patterns and comments match nothing.\n    if (!options.nocomment && pattern.charAt(0) === '#') {\n      this.comment = true\n      return\n    }\n\n    if (!pattern) {\n      this.empty = true\n      return\n    }\n\n    // step 1: figure out negation, etc.\n    this.parseNegate()\n\n    // step 2: expand braces\n    this.globSet = [...new Set(this.braceExpand())]\n\n    if (options.debug) {\n      this.debug = (...args: any[]) => console.error(...args)\n    }\n\n    this.debug(this.pattern, this.globSet)\n\n    // step 3: now we have a set, so turn each one into a series of\n    // path-portion matching patterns.\n    // These will be regexps, except in the case of \"**\", which is\n    // set to the GLOBSTAR object for globstar behavior,\n    // and will not contain any / characters\n    //\n    // First, we preprocess to make the glob pattern sets a bit simpler\n    // and deduped.  There are some perf-killing patterns that can cause\n    // problems with a glob walk, but we can simplify them down a bit.\n    const rawGlobParts = this.globSet.map(s => this.slashSplit(s))\n    this.globParts = this.preprocess(rawGlobParts)\n    this.debug(this.pattern, this.globParts)\n\n    // glob --> regexps\n    let set = this.globParts.map((s, _, __) => {\n      if (this.isWindows && this.windowsNoMagicRoot) {\n        // check if it's a drive or unc path.\n        const isUNC =\n          s[0] === '' &&\n          s[1] === '' &&\n          (s[2] === '?' || !globMagic.test(s[2])) &&\n          !globMagic.test(s[3])\n        const isDrive = /^[a-z]:/i.test(s[0])\n        if (isUNC) {\n          return [...s.slice(0, 4), ...s.slice(4).map(ss => this.parse(ss))]\n        } else if (isDrive) {\n          return [s[0], ...s.slice(1).map(ss => this.parse(ss))]\n        }\n      }\n      return s.map(ss => this.parse(ss))\n    })\n\n    this.debug(this.pattern, set)\n\n    // filter out everything that didn't compile properly.\n    this.set = set.filter(\n      s => s.indexOf(false) === -1\n    ) as ParseReturnFiltered[][]\n\n    // do not treat the ? in UNC paths as magic\n    if (this.isWindows) {\n      for (let i = 0; i < this.set.length; i++) {\n        const p = this.set[i]\n        if (\n          p[0] === '' &&\n          p[1] === '' &&\n          this.globParts[i][2] === '?' &&\n          typeof p[3] === 'string' &&\n          /^[a-z]:$/i.test(p[3])\n        ) {\n          p[2] = '?'\n        }\n      }\n    }\n\n    this.debug(this.pattern, this.set)\n  }\n\n  // various transforms to equivalent pattern sets that are\n  // faster to process in a filesystem walk.  The goal is to\n  // eliminate what we can, and push all ** patterns as far\n  // to the right as possible, even if it increases the number\n  // of patterns that we have to process.\n  preprocess(globParts: string[][]) {\n    // if we're not in globstar mode, then turn all ** into *\n    if (this.options.noglobstar) {\n      for (let i = 0; i < globParts.length; i++) {\n        for (let j = 0; j < globParts[i].length; j++) {\n          if (globParts[i][j] === '**') {\n            globParts[i][j] = '*'\n          }\n        }\n      }\n    }\n\n    const { optimizationLevel = 1 } = this.options\n\n    if (optimizationLevel >= 2) {\n      // aggressive optimization for the purpose of fs walking\n      globParts = this.firstPhasePreProcess(globParts)\n      globParts = this.secondPhasePreProcess(globParts)\n    } else if (optimizationLevel >= 1) {\n      // just basic optimizations to remove some .. parts\n      globParts = this.levelOneOptimize(globParts)\n    } else {\n      // just collapse multiple ** portions into one\n      globParts = this.adjascentGlobstarOptimize(globParts)\n    }\n\n    return globParts\n  }\n\n  // just get rid of adjascent ** portions\n  adjascentGlobstarOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      let gs: number = -1\n      while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n        let i = gs\n        while (parts[i + 1] === '**') {\n          i++\n        }\n        if (i !== gs) {\n          parts.splice(gs, i - gs)\n        }\n      }\n      return parts\n    })\n  }\n\n  // get rid of adjascent ** and resolve .. portions\n  levelOneOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      parts = parts.reduce((set: string[], part) => {\n        const prev = set[set.length - 1]\n        if (part === '**' && prev === '**') {\n          return set\n        }\n        if (part === '..') {\n          if (prev && prev !== '..' && prev !== '.' && prev !== '**') {\n            set.pop()\n            return set\n          }\n        }\n        set.push(part)\n        return set\n      }, [])\n      return parts.length === 0 ? [''] : parts\n    })\n  }\n\n  levelTwoFileOptimize(parts: string | string[]) {\n    if (!Array.isArray(parts)) {\n      parts = this.slashSplit(parts)\n    }\n    let didSomething: boolean = false\n    do {\n      didSomething = false\n      // <pre>/<e>/<rest> -> <pre>/<rest>\n      if (!this.preserveMultipleSlashes) {\n        for (let i = 1; i < parts.length - 1; i++) {\n          const p = parts[i]\n          // don't squeeze out UNC patterns\n          if (i === 1 && p === '' && parts[0] === '') continue\n          if (p === '.' || p === '') {\n            didSomething = true\n            parts.splice(i, 1)\n            i--\n          }\n        }\n        if (\n          parts[0] === '.' &&\n          parts.length === 2 &&\n          (parts[1] === '.' || parts[1] === '')\n        ) {\n          didSomething = true\n          parts.pop()\n        }\n      }\n\n      // <pre>/<p>/../<rest> -> <pre>/<rest>\n      let dd: number = 0\n      while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n        const p = parts[dd - 1]\n        if (p && p !== '.' && p !== '..' && p !== '**') {\n          didSomething = true\n          parts.splice(dd - 1, 2)\n          dd -= 2\n        }\n      }\n    } while (didSomething)\n    return parts.length === 0 ? [''] : parts\n  }\n\n  // First phase: single-pattern processing\n  // <pre> is 1 or more portions\n  // <rest> is 1 or more portions\n  // <p> is any portion other than ., .., '', or **\n  // <e> is . or ''\n  //\n  // **/.. is *brutal* for filesystem walking performance, because\n  // it effectively resets the recursive walk each time it occurs,\n  // and ** cannot be reduced out by a .. pattern part like a regexp\n  // or most strings (other than .., ., and '') can be.\n  //\n  // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n  // <pre>/<e>/<rest> -> <pre>/<rest>\n  // <pre>/<p>/../<rest> -> <pre>/<rest>\n  // **/**/<rest> -> **/<rest>\n  //\n  // **/*/<rest> -> */**/<rest> <== not valid because ** doesn't follow\n  // this WOULD be allowed if ** did follow symlinks, or * didn't\n  firstPhasePreProcess(globParts: string[][]) {\n    let didSomething = false\n    do {\n      didSomething = false\n      // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n      for (let parts of globParts) {\n        let gs: number = -1\n        while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n          let gss: number = gs\n          while (parts[gss + 1] === '**') {\n            // <pre>/**/**/<rest> -> <pre>/**/<rest>\n            gss++\n          }\n          // eg, if gs is 2 and gss is 4, that means we have 3 **\n          // parts, and can remove 2 of them.\n          if (gss > gs) {\n            parts.splice(gs + 1, gss - gs)\n          }\n\n          let next = parts[gs + 1]\n          const p = parts[gs + 2]\n          const p2 = parts[gs + 3]\n          if (next !== '..') continue\n          if (\n            !p ||\n            p === '.' ||\n            p === '..' ||\n            !p2 ||\n            p2 === '.' ||\n            p2 === '..'\n          ) {\n            continue\n          }\n          didSomething = true\n          // edit parts in place, and push the new one\n          parts.splice(gs, 1)\n          const other = parts.slice(0)\n          other[gs] = '**'\n          globParts.push(other)\n          gs--\n        }\n\n        // <pre>/<e>/<rest> -> <pre>/<rest>\n        if (!this.preserveMultipleSlashes) {\n          for (let i = 1; i < parts.length - 1; i++) {\n            const p = parts[i]\n            // don't squeeze out UNC patterns\n            if (i === 1 && p === '' && parts[0] === '') continue\n            if (p === '.' || p === '') {\n              didSomething = true\n              parts.splice(i, 1)\n              i--\n            }\n          }\n          if (\n            parts[0] === '.' &&\n            parts.length === 2 &&\n            (parts[1] === '.' || parts[1] === '')\n          ) {\n            didSomething = true\n            parts.pop()\n          }\n        }\n\n        // <pre>/<p>/../<rest> -> <pre>/<rest>\n        let dd: number = 0\n        while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n          const p = parts[dd - 1]\n          if (p && p !== '.' && p !== '..' && p !== '**') {\n            didSomething = true\n            const needDot = dd === 1 && parts[dd + 1] === '**'\n            const splin = needDot ? ['.'] : []\n            parts.splice(dd - 1, 2, ...splin)\n            if (parts.length === 0) parts.push('')\n            dd -= 2\n          }\n        }\n      }\n    } while (didSomething)\n\n    return globParts\n  }\n\n  // second phase: multi-pattern dedupes\n  // {<pre>/*/<rest>,<pre>/<p>/<rest>} -> <pre>/*/<rest>\n  // {<pre>/<rest>,<pre>/<rest>} -> <pre>/<rest>\n  // {<pre>/**/<rest>,<pre>/<rest>} -> <pre>/**/<rest>\n  //\n  // {<pre>/**/<rest>,<pre>/**/<p>/<rest>} -> <pre>/**/<rest>\n  // ^-- not valid because ** doens't follow symlinks\n  secondPhasePreProcess(globParts: string[][]): string[][] {\n    for (let i = 0; i < globParts.length - 1; i++) {\n      for (let j = i + 1; j < globParts.length; j++) {\n        const matched = this.partsMatch(\n          globParts[i],\n          globParts[j],\n          !this.preserveMultipleSlashes\n        )\n        if (matched) {\n          globParts[i] = []\n          globParts[j] = matched\n          break\n        }\n      }\n    }\n    return globParts.filter(gs => gs.length)\n  }\n\n  partsMatch(\n    a: string[],\n    b: string[],\n    emptyGSMatch: boolean = false\n  ): false | string[] {\n    let ai = 0\n    let bi = 0\n    let result: string[] = []\n    let which: string = ''\n    while (ai < a.length && bi < b.length) {\n      if (a[ai] === b[bi]) {\n        result.push(which === 'b' ? b[bi] : a[ai])\n        ai++\n        bi++\n      } else if (emptyGSMatch && a[ai] === '**' && b[bi] === a[ai + 1]) {\n        result.push(a[ai])\n        ai++\n      } else if (emptyGSMatch && b[bi] === '**' && a[ai] === b[bi + 1]) {\n        result.push(b[bi])\n        bi++\n      } else if (\n        a[ai] === '*' &&\n        b[bi] &&\n        (this.options.dot || !b[bi].startsWith('.')) &&\n        b[bi] !== '**'\n      ) {\n        if (which === 'b') return false\n        which = 'a'\n        result.push(a[ai])\n        ai++\n        bi++\n      } else if (\n        b[bi] === '*' &&\n        a[ai] &&\n        (this.options.dot || !a[ai].startsWith('.')) &&\n        a[ai] !== '**'\n      ) {\n        if (which === 'a') return false\n        which = 'b'\n        result.push(b[bi])\n        ai++\n        bi++\n      } else {\n        return false\n      }\n    }\n    // if we fall out of the loop, it means they two are identical\n    // as long as their lengths match\n    return a.length === b.length && result\n  }\n\n  parseNegate() {\n    if (this.nonegate) return\n\n    const pattern = this.pattern\n    let negate = false\n    let negateOffset = 0\n\n    for (let i = 0; i < pattern.length && pattern.charAt(i) === '!'; i++) {\n      negate = !negate\n      negateOffset++\n    }\n\n    if (negateOffset) this.pattern = pattern.slice(negateOffset)\n    this.negate = negate\n  }\n\n  // set partial to true to test if, for example,\n  // \"/a/b\" matches the start of \"/*/b/*/d\"\n  // Partial means, if you run out of file before you run\n  // out of pattern, then that's fine, as long as all\n  // the parts match.\n  matchOne(file: string[], pattern: ParseReturn[], partial: boolean = false) {\n    const options = this.options\n\n    // UNC paths like //?/X:/... can match X:/... and vice versa\n    // Drive letters in absolute drive or unc paths are always compared\n    // case-insensitively.\n    if (this.isWindows) {\n      const fileDrive = typeof file[0] === 'string' && /^[a-z]:$/i.test(file[0])\n      const fileUNC =\n        !fileDrive &&\n        file[0] === '' &&\n        file[1] === '' &&\n        file[2] === '?' &&\n        /^[a-z]:$/i.test(file[3])\n\n      const patternDrive =\n        typeof pattern[0] === 'string' && /^[a-z]:$/i.test(pattern[0])\n      const patternUNC =\n        !patternDrive &&\n        pattern[0] === '' &&\n        pattern[1] === '' &&\n        pattern[2] === '?' &&\n        typeof pattern[3] === 'string' &&\n        /^[a-z]:$/i.test(pattern[3])\n\n      const fdi = fileUNC ? 3 : fileDrive ? 0 : undefined\n      const pdi = patternUNC ? 3 : patternDrive ? 0 : undefined\n      if (typeof fdi === 'number' && typeof pdi === 'number') {\n        const [fd, pd]: [string, string] = [file[fdi], pattern[pdi] as string]\n        if (fd.toLowerCase() === pd.toLowerCase()) {\n          pattern[pdi] = fd\n          if (pdi > fdi) {\n            pattern = pattern.slice(pdi)\n          } else if (fdi > pdi) {\n            file = file.slice(fdi)\n          }\n        }\n      }\n    }\n\n    // resolve and reduce . and .. portions in the file as well.\n    // dont' need to do the second phase, because it's only one string[]\n    const { optimizationLevel = 1 } = this.options\n    if (optimizationLevel >= 2) {\n      file = this.levelTwoFileOptimize(file)\n    }\n\n    this.debug('matchOne', this, { file, pattern })\n    this.debug('matchOne', file.length, pattern.length)\n\n    for (\n      var fi = 0, pi = 0, fl = file.length, pl = pattern.length;\n      fi < fl && pi < pl;\n      fi++, pi++\n    ) {\n      this.debug('matchOne loop')\n      var p = pattern[pi]\n      var f = file[fi]\n\n      this.debug(pattern, p, f)\n\n      // should be impossible.\n      // some invalid regexp stuff in the set.\n      /* c8 ignore start */\n      if (p === false) {\n        return false\n      }\n      /* c8 ignore stop */\n\n      if (p === GLOBSTAR) {\n        this.debug('GLOBSTAR', [pattern, p, f])\n\n        // \"**\"\n        // a/**/b/**/c would match the following:\n        // a/b/x/y/z/c\n        // a/x/y/z/b/c\n        // a/b/x/b/x/c\n        // a/b/c\n        // To do this, take the rest of the pattern after\n        // the **, and see if it would match the file remainder.\n        // If so, return success.\n        // If not, the ** \"swallows\" a segment, and try again.\n        // This is recursively awful.\n        //\n        // a/**/b/**/c matching a/b/x/y/z/c\n        // - a matches a\n        // - doublestar\n        //   - matchOne(b/x/y/z/c, b/**/c)\n        //     - b matches b\n        //     - doublestar\n        //       - matchOne(x/y/z/c, c) -> no\n        //       - matchOne(y/z/c, c) -> no\n        //       - matchOne(z/c, c) -> no\n        //       - matchOne(c, c) yes, hit\n        var fr = fi\n        var pr = pi + 1\n        if (pr === pl) {\n          this.debug('** at the end')\n          // a ** at the end will just swallow the rest.\n          // We have found a match.\n          // however, it will not swallow /.x, unless\n          // options.dot is set.\n          // . and .. are *never* matched by **, for explosively\n          // exponential reasons.\n          for (; fi < fl; fi++) {\n            if (\n              file[fi] === '.' ||\n              file[fi] === '..' ||\n              (!options.dot && file[fi].charAt(0) === '.')\n            )\n              return false\n          }\n          return true\n        }\n\n        // ok, let's see if we can swallow whatever we can.\n        while (fr < fl) {\n          var swallowee = file[fr]\n\n          this.debug('\\nglobstar while', file, fr, pattern, pr, swallowee)\n\n          // XXX remove this slice.  Just pass the start index.\n          if (this.matchOne(file.slice(fr), pattern.slice(pr), partial)) {\n            this.debug('globstar found match!', fr, fl, swallowee)\n            // found a match.\n            return true\n          } else {\n            // can't swallow \".\" or \"..\" ever.\n            // can only swallow \".foo\" when explicitly asked.\n            if (\n              swallowee === '.' ||\n              swallowee === '..' ||\n              (!options.dot && swallowee.charAt(0) === '.')\n            ) {\n              this.debug('dot detected!', file, fr, pattern, pr)\n              break\n            }\n\n            // ** swallows a segment, and continue.\n            this.debug('globstar swallow a segment, and continue')\n            fr++\n          }\n        }\n\n        // no match was found.\n        // However, in partial mode, we can't say this is necessarily over.\n        /* c8 ignore start */\n        if (partial) {\n          // ran out of file\n          this.debug('\\n>>> no match, partial?', file, fr, pattern, pr)\n          if (fr === fl) {\n            return true\n          }\n        }\n        /* c8 ignore stop */\n        return false\n      }\n\n      // something other than **\n      // non-magic patterns just have to match exactly\n      // patterns with magic have been turned into regexps.\n      let hit: boolean\n      if (typeof p === 'string') {\n        hit = f === p\n        this.debug('string match', p, f, hit)\n      } else {\n        hit = p.test(f)\n        this.debug('pattern match', p, f, hit)\n      }\n\n      if (!hit) return false\n    }\n\n    // Note: ending in / means that we'll get a final \"\"\n    // at the end of the pattern.  This can only match a\n    // corresponding \"\" at the end of the file.\n    // If the file ends in /, then it can only match a\n    // a pattern that ends in /, unless the pattern just\n    // doesn't have any more for it. But, a/b/ should *not*\n    // match \"a/b/*\", even though \"\" matches against the\n    // [^/]*? pattern, except in partial mode, where it might\n    // simply not be reached yet.\n    // However, a/b/ should still satisfy a/*\n\n    // now either we fell off the end of the pattern, or we're done.\n    if (fi === fl && pi === pl) {\n      // ran out of pattern and filename at the same time.\n      // an exact hit!\n      return true\n    } else if (fi === fl) {\n      // ran out of file, but still had pattern left.\n      // this is ok if we're doing the match as part of\n      // a glob fs traversal.\n      return partial\n    } else if (pi === pl) {\n      // ran out of pattern, still have file left.\n      // this is only acceptable if we're on the very last\n      // empty segment of a file with a trailing slash.\n      // a/* should match a/b/\n      return fi === fl - 1 && file[fi] === ''\n\n      /* c8 ignore start */\n    } else {\n      // should be unreachable.\n      throw new Error('wtf?')\n    }\n    /* c8 ignore stop */\n  }\n\n  braceExpand() {\n    return braceExpand(this.pattern, this.options)\n  }\n\n  parse(pattern: string): ParseReturn {\n    assertValidPattern(pattern)\n\n    const options = this.options\n\n    // shortcuts\n    if (pattern === '**') return GLOBSTAR\n    if (pattern === '') return ''\n\n    // far and away, the most common glob pattern parts are\n    // *, *.*, and *.<ext>  Add a fast check method for those.\n    let m: RegExpMatchArray | null\n    let fastTest: null | ((f: string) => boolean) = null\n    if ((m = pattern.match(starRE))) {\n      fastTest = options.dot ? starTestDot : starTest\n    } else if ((m = pattern.match(starDotExtRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? starDotExtTestNocaseDot\n            : starDotExtTestNocase\n          : options.dot\n          ? starDotExtTestDot\n          : starDotExtTest\n      )(m[1])\n    } else if ((m = pattern.match(qmarksRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? qmarksTestNocaseDot\n            : qmarksTestNocase\n          : options.dot\n          ? qmarksTestDot\n          : qmarksTest\n      )(m)\n    } else if ((m = pattern.match(starDotStarRE))) {\n      fastTest = options.dot ? starDotStarTestDot : starDotStarTest\n    } else if ((m = pattern.match(dotStarRE))) {\n      fastTest = dotStarTest\n    }\n\n    const re = AST.fromGlob(pattern, this.options).toMMPattern()\n    if (fastTest && typeof re === 'object') {\n      // Avoids overriding in frozen environments\n      Reflect.defineProperty(re, 'test', { value: fastTest })\n    }\n    return re\n  }\n\n  makeRe() {\n    if (this.regexp || this.regexp === false) return this.regexp\n\n    // at this point, this.set is a 2d array of partial\n    // pattern strings, or \"**\".\n    //\n    // It's better to use .match().  This function shouldn't\n    // be used, really, but it's pretty convenient sometimes,\n    // when you just want to work with a regex.\n    const set = this.set\n\n    if (!set.length) {\n      this.regexp = false\n      return this.regexp\n    }\n    const options = this.options\n\n    const twoStar = options.noglobstar\n      ? star\n      : options.dot\n      ? twoStarDot\n      : twoStarNoDot\n    const flags = new Set(options.nocase ? ['i'] : [])\n\n    // regexpify non-globstar patterns\n    // if ** is only item, then we just do one twoStar\n    // if ** is first, and there are more, prepend (\\/|twoStar\\/)? to next\n    // if ** is last, append (\\/twoStar|) to previous\n    // if ** is in the middle, append (\\/|\\/twoStar\\/) to previous\n    // then filter out GLOBSTAR symbols\n    let re = set\n      .map(pattern => {\n        const pp: (string | typeof GLOBSTAR)[] = pattern.map(p => {\n          if (p instanceof RegExp) {\n            for (const f of p.flags.split('')) flags.add(f)\n          }\n          return typeof p === 'string'\n            ? regExpEscape(p)\n            : p === GLOBSTAR\n            ? GLOBSTAR\n            : p._src\n        }) as (string | typeof GLOBSTAR)[]\n        pp.forEach((p, i) => {\n          const next = pp[i + 1]\n          const prev = pp[i - 1]\n          if (p !== GLOBSTAR || prev === GLOBSTAR) {\n            return\n          }\n          if (prev === undefined) {\n            if (next !== undefined && next !== GLOBSTAR) {\n              pp[i + 1] = '(?:\\\\/|' + twoStar + '\\\\/)?' + next\n            } else {\n              pp[i] = twoStar\n            }\n          } else if (next === undefined) {\n            pp[i - 1] = prev + '(?:\\\\/|' + twoStar + ')?'\n          } else if (next !== GLOBSTAR) {\n            pp[i - 1] = prev + '(?:\\\\/|\\\\/' + twoStar + '\\\\/)' + next\n            pp[i + 1] = GLOBSTAR\n          }\n        })\n        return pp.filter(p => p !== GLOBSTAR).join('/')\n      })\n      .join('|')\n\n    // need to wrap in parens if we had more than one thing with |,\n    // otherwise only the first will be anchored to ^ and the last to $\n    const [open, close] = set.length > 1 ? ['(?:', ')'] : ['', '']\n    // must match entire pattern\n    // ending in a * or ** will make it less strict.\n    re = '^' + open + re + close + '$'\n\n    // can match anything, as long as it's not this.\n    if (this.negate) re = '^(?!' + re + ').+$'\n\n    try {\n      this.regexp = new RegExp(re, [...flags].join(''))\n      /* c8 ignore start */\n    } catch (ex) {\n      // should be impossible\n      this.regexp = false\n    }\n    /* c8 ignore stop */\n    return this.regexp\n  }\n\n  slashSplit(p: string) {\n    // if p starts with // on windows, we preserve that\n    // so that UNC paths aren't broken.  Otherwise, any number of\n    // / characters are coalesced into one, unless\n    // preserveMultipleSlashes is set to true.\n    if (this.preserveMultipleSlashes) {\n      return p.split('/')\n    } else if (this.isWindows && /^\\/\\/[^\\/]+/.test(p)) {\n      // add an extra '' for the one we lose\n      return ['', ...p.split(/\\/+/)]\n    } else {\n      return p.split(/\\/+/)\n    }\n  }\n\n  match(f: string, partial = this.partial) {\n    this.debug('match', f, this.pattern)\n    // short-circuit in the case of busted things.\n    // comments, etc.\n    if (this.comment) {\n      return false\n    }\n    if (this.empty) {\n      return f === ''\n    }\n\n    if (f === '/' && partial) {\n      return true\n    }\n\n    const options = this.options\n\n    // windows: need to use /, not \\\n    if (this.isWindows) {\n      f = f.split('\\\\').join('/')\n    }\n\n    // treat the test path as a set of pathparts.\n    const ff = this.slashSplit(f)\n    this.debug(this.pattern, 'split', ff)\n\n    // just ONE of the pattern sets in this.set needs to match\n    // in order for it to be valid.  If negating, then just one\n    // match means that we have failed.\n    // Either way, return on the first hit.\n\n    const set = this.set\n    this.debug(this.pattern, 'set', set)\n\n    // Find the basename of the path by looking for the last non-empty segment\n    let filename: string = ff[ff.length - 1]\n    if (!filename) {\n      for (let i = ff.length - 2; !filename && i >= 0; i--) {\n        filename = ff[i]\n      }\n    }\n\n    for (let i = 0; i < set.length; i++) {\n      const pattern = set[i]\n      let file = ff\n      if (options.matchBase && pattern.length === 1) {\n        file = [filename]\n      }\n      const hit = this.matchOne(file, pattern, partial)\n      if (hit) {\n        if (options.flipNegate) {\n          return true\n        }\n        return !this.negate\n      }\n    }\n\n    // didn't get any hits.  this is success if it's a negative\n    // pattern, failure otherwise.\n    if (options.flipNegate) {\n      return false\n    }\n    return this.negate\n  }\n\n  static defaults(def: MinimatchOptions) {\n    return minimatch.defaults(def).Minimatch\n  }\n}\n/* c8 ignore start */\nexport { AST } from './ast.js'\nexport { escape } from './escape.js'\nexport { unescape } from './unescape.js'\n/* c8 ignore stop */\nminimatch.AST = AST\nminimatch.Minimatch = Minimatch\nminimatch.escape = escape\nminimatch.unescape = unescape\n"]}
\ No newline at end of file
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAAA,6DAAgD;AAChD,uEAA8D;AAC9D,qCAA2C;AAC3C,2CAAoC;AACpC,+CAAwC;AAsCjC,MAAM,SAAS,GAAG,CACvB,CAAS,EACT,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;IAE3B,oCAAoC;IACpC,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;QACpD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AACjD,CAAC,CAAA;AAbY,QAAA,SAAS,aAarB;AAED,wDAAwD;AACxD,MAAM,YAAY,GAAG,uBAAuB,CAAA;AAC5C,MAAM,cAAc,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACvC,MAAM,iBAAiB,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACzE,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC3C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC3E,CAAC,CAAA;AACD,MAAM,uBAAuB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC9C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACrD,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,YAAY,CAAA;AAClC,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAS,EAAE,EAAE,CACvC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5C,MAAM,SAAS,GAAG,SAAS,CAAA;AAC3B,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC/E,MAAM,MAAM,GAAG,OAAO,CAAA;AACtB,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AACpE,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AAC5E,MAAM,QAAQ,GAAG,wBAAwB,CAAA;AACzC,MAAM,gBAAgB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC5D,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,mBAAmB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC/D,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACzD,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,UAAU,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACtD,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,eAAe,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC9D,CAAC,CAAA;AACD,MAAM,kBAAkB,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACpD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AACnE,CAAC,CAAA;AAED,qBAAqB;AACrB,MAAM,eAAe,GAAa,CAChC,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO;IACpC,CAAC,CAAC,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC;QAC7C,OAAO,CAAC,QAAQ;IAClB,CAAC,CAAC,OAAO,CACA,CAAA;AAEb,MAAM,IAAI,GAAkC;IAC1C,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;IACpB,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;CACpB,CAAA;AACD,oBAAoB;AAEP,QAAA,GAAG,GAAG,eAAe,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAA;AAChF,iBAAS,CAAC,GAAG,GAAG,WAAG,CAAA;AAEN,QAAA,QAAQ,GAAG,MAAM,CAAC,aAAa,CAAC,CAAA;AAC7C,iBAAS,CAAC,QAAQ,GAAG,gBAAQ,CAAA;AAE7B,gCAAgC;AAChC,iDAAiD;AACjD,MAAM,KAAK,GAAG,MAAM,CAAA;AAEpB,gCAAgC;AAChC,MAAM,IAAI,GAAG,KAAK,GAAG,IAAI,CAAA;AAEzB,4DAA4D;AAC5D,+DAA+D;AAC/D,6CAA6C;AAC7C,MAAM,UAAU,GAAG,yCAAyC,CAAA;AAE5D,kCAAkC;AAClC,6CAA6C;AAC7C,MAAM,YAAY,GAAG,yBAAyB,CAAA;AAEvC,MAAM,MAAM,GACjB,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACpD,CAAC,CAAS,EAAE,EAAE,CACZ,IAAA,iBAAS,EAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;AAHrB,QAAA,MAAM,UAGe;AAClC,iBAAS,CAAC,MAAM,GAAG,cAAM,CAAA;AAEzB,MAAM,GAAG,GAAG,CAAC,CAAmB,EAAE,IAAsB,EAAE,EAAE,EAAE,CAC5D,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;AAElB,MAAM,QAAQ,GAAG,CAAC,GAAqB,EAAoB,EAAE;IAClE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;QAChE,OAAO,iBAAS,CAAA;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,iBAAS,CAAA;IAEtB,MAAM,CAAC,GAAG,CAAC,CAAS,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACvE,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;IAErC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;QACtB,SAAS,EAAE,MAAM,SAAU,SAAQ,IAAI,CAAC,SAAS;YAC/C,YAAY,OAAe,EAAE,UAA4B,EAAE;gBACzD,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACnC,CAAC;YACD,MAAM,CAAC,QAAQ,CAAC,OAAyB;gBACvC,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,CAAC;SACF;QAED,GAAG,EAAE,MAAM,GAAI,SAAQ,IAAI,CAAC,GAAG;YAC7B,qBAAqB;YACrB,YACE,IAAwB,EACxB,MAAY,EACZ,UAA4B,EAAE;gBAE9B,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACxC,CAAC;YACD,oBAAoB;YAEpB,MAAM,CAAC,QAAQ,CAAC,OAAe,EAAE,UAA4B,EAAE;gBAC7D,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACtD,CAAC;SACF;QAED,QAAQ,EAAE,CACR,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAExC,MAAM,EAAE,CACN,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEtC,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,QAAQ,EAAE,CAAC,OAAyB,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzE,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,WAAW,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC/D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,KAAK,EAAE,CAAC,IAAc,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACzE,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,QAAQ,EAAE,gBAA2B;KACtC,CAAC,CAAA;AACJ,CAAC,CAAA;AA/DY,QAAA,QAAQ,YA+DpB;AACD,iBAAS,CAAC,QAAQ,GAAG,gBAAQ,CAAA;AAE7B,mBAAmB;AACnB,qBAAqB;AACrB,mBAAmB;AACnB,8BAA8B;AAC9B,mCAAmC;AACnC,2CAA2C;AAC3C,EAAE;AACF,iCAAiC;AACjC,qBAAqB;AACrB,iBAAiB;AACV,MAAM,WAAW,GAAG,CACzB,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;IAE3B,wDAAwD;IACxD,wDAAwD;IACxD,IAAI,OAAO,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzD,+BAA+B;QAC/B,OAAO,CAAC,OAAO,CAAC,CAAA;IAClB,CAAC;IAED,OAAO,IAAA,wBAAM,EAAC,OAAO,CAAC,CAAA;AACxB,CAAC,CAAA;AAdY,QAAA,WAAW,eAcvB;AACD,iBAAS,CAAC,WAAW,GAAG,mBAAW,CAAA;AAEnC,yCAAyC;AACzC,kDAAkD;AAClD,oEAAoE;AACpE,oEAAoE;AACpE,6DAA6D;AAC7D,kEAAkE;AAClE,EAAE;AACF,0EAA0E;AAC1E,wEAAwE;AACxE,qEAAqE;AACrE,8DAA8D;AAEvD,MAAM,MAAM,GAAG,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACxE,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,MAAM,EAAE,CAAA;AAD7B,QAAA,MAAM,UACuB;AAC1C,iBAAS,CAAC,MAAM,GAAG,cAAM,CAAA;AAElB,MAAM,KAAK,GAAG,CACnB,IAAc,EACd,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IAC1C,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpB,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAXY,QAAA,KAAK,SAWjB;AACD,iBAAS,CAAC,KAAK,GAAG,aAAK,CAAA;AAEvB,+BAA+B;AAC/B,MAAM,SAAS,GAAG,yBAAyB,CAAA;AAC3C,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CACjC,CAAC,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,CAAA;AAU/C,MAAa,SAAS;IACpB,OAAO,CAAkB;IACzB,GAAG,CAAyB;IAC5B,OAAO,CAAQ;IAEf,oBAAoB,CAAS;IAC7B,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,KAAK,CAAS;IACd,uBAAuB,CAAS;IAChC,OAAO,CAAS;IAChB,OAAO,CAAU;IACjB,SAAS,CAAY;IACrB,MAAM,CAAS;IAEf,SAAS,CAAS;IAClB,QAAQ,CAAU;IAClB,kBAAkB,CAAS;IAE3B,MAAM,CAAyB;IAC/B,YAAY,OAAe,EAAE,UAA4B,EAAE;QACzD,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;QAE3B,OAAO,GAAG,OAAO,IAAI,EAAE,CAAA;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAA;QACnD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAA;QAC1C,IAAI,CAAC,oBAAoB;YACvB,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,kBAAkB,KAAK,KAAK,CAAA;QACxE,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACjD,CAAC;QACD,IAAI,CAAC,uBAAuB,GAAG,CAAC,CAAC,OAAO,CAAC,uBAAuB,CAAA;QAChE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAA;QAClB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAA;QAClC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAA;QACpB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAA;QACnC,IAAI,CAAC,kBAAkB;YACrB,OAAO,CAAC,kBAAkB,KAAK,SAAS;gBACtC,CAAC,CAAC,OAAO,CAAC,kBAAkB;gBAC5B,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,CAAA;QAEvC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QACjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAA;QAEb,+BAA+B;QAC/B,IAAI,CAAC,IAAI,EAAE,CAAA;IACb,CAAC;IAED,QAAQ;QACN,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,OAAO,IAAI,CAAA;QACb,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YAC/B,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ;oBAAE,OAAO,IAAI,CAAA;YAC3C,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,KAAK,CAAC,GAAG,CAAQ,IAAG,CAAC;IAErB,IAAI;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,6CAA6C;QAC7C,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACpD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAA;YACnB,OAAM;QACR,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,KAAK,GAAG,IAAI,CAAA;YACjB,OAAM;QACR,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,WAAW,EAAE,CAAA;QAElB,wBAAwB;QACxB,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAA;QAE/C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC,KAAK,GAAG,CAAC,GAAG,IAAW,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAA;QACzD,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QAEtC,+DAA+D;QAC/D,kCAAkC;QAClC,8DAA8D;QAC9D,oDAAoD;QACpD,wCAAwC;QACxC,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAA;QAC9C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;QAExC,mBAAmB;QACnB,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE;YACxC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC9C,qCAAqC;gBACrC,MAAM,KAAK,GACT,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBACvC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACvB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACrC,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,CAAC;qBAAM,IAAI,OAAO,EAAE,CAAC;oBACnB,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;YACD,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAA;QACpC,CAAC,CAAC,CAAA;QAEF,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAE7B,sDAAsD;QACtD,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,MAAM,CACnB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CACF,CAAA;QAE5B,2CAA2C;QAC3C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACrB,IACE,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;oBAC5B,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ;oBACxB,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACtB,CAAC;oBACD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;gBACZ,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED,yDAAyD;IACzD,0DAA0D;IAC1D,yDAAyD;IACzD,4DAA4D;IAC5D,uCAAuC;IACvC,UAAU,CAAC,SAAqB;QAC9B,yDAAyD;QACzD,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC7C,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC7B,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;oBACvB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAE9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,wDAAwD;YACxD,SAAS,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAA;YAChD,SAAS,GAAG,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAA;QACnD,CAAC;aAAM,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAClC,mDAAmD;YACnD,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;QAC9C,CAAC;aAAM,CAAC;YACN,8CAA8C;YAC9C,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;QACvD,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,wCAAwC;IACxC,yBAAyB,CAAC,SAAqB;QAC7C,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;YACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,IAAI,CAAC,GAAG,EAAE,CAAA;gBACV,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC7B,CAAC,EAAE,CAAA;gBACL,CAAC;gBACD,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;oBACb,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAA;gBAC1B,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,gBAAgB,CAAC,SAAqB;QACpC,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAa,EAAE,IAAI,EAAE,EAAE;gBAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;gBAChC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBACnC,OAAO,GAAG,CAAA;gBACZ,CAAC;gBACD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,IAAI,IAAI,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;wBAC3D,GAAG,CAAC,GAAG,EAAE,CAAA;wBACT,OAAO,GAAG,CAAA;oBACZ,CAAC;gBACH,CAAC;gBACD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACd,OAAO,GAAG,CAAA;YACZ,CAAC,EAAE,EAAE,CAAC,CAAA;YACN,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC1C,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,oBAAoB,CAAC,KAAwB;QAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAChC,CAAC;QACD,IAAI,YAAY,GAAY,KAAK,CAAA;QACjC,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,mCAAmC;YACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;oBAClB,iCAAiC;oBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;wBAAE,SAAQ;oBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;wBAC1B,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;wBAClB,CAAC,EAAE,CAAA;oBACL,CAAC;gBACH,CAAC;gBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;oBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;oBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;gBACb,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,EAAE,GAAW,CAAC,CAAA;YAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;gBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC/C,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;oBACvB,EAAE,IAAI,CAAC,CAAA;gBACT,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QACtB,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC1C,CAAC;IAED,yCAAyC;IACzC,8BAA8B;IAC9B,+BAA+B;IAC/B,iDAAiD;IACjD,iBAAiB;IACjB,EAAE;IACF,gEAAgE;IAChE,gEAAgE;IAChE,kEAAkE;IAClE,qDAAqD;IACrD,EAAE;IACF,kFAAkF;IAClF,mCAAmC;IACnC,sCAAsC;IACtC,4BAA4B;IAC5B,EAAE;IACF,qEAAqE;IACrE,+DAA+D;IAC/D,oBAAoB,CAAC,SAAqB;QACxC,IAAI,YAAY,GAAG,KAAK,CAAA;QACxB,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,kFAAkF;YAClF,KAAK,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBAC5B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;gBACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,IAAI,GAAG,GAAW,EAAE,CAAA;oBACpB,OAAO,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/B,wCAAwC;wBACxC,GAAG,EAAE,CAAA;oBACP,CAAC;oBACD,uDAAuD;oBACvD,mCAAmC;oBACnC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC;wBACb,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAA;oBAChC,CAAC;oBAED,IAAI,IAAI,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,IAAI,IAAI,KAAK,IAAI;wBAAE,SAAQ;oBAC3B,IACE,CAAC,CAAC;wBACF,CAAC,KAAK,GAAG;wBACT,CAAC,KAAK,IAAI;wBACV,CAAC,EAAE;wBACH,EAAE,KAAK,GAAG;wBACV,EAAE,KAAK,IAAI,EACX,CAAC;wBACD,SAAQ;oBACV,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,4CAA4C;oBAC5C,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;oBACnB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;oBAC5B,KAAK,CAAC,EAAE,CAAC,GAAG,IAAI,CAAA;oBAChB,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;oBACrB,EAAE,EAAE,CAAA;gBACN,CAAC;gBAED,mCAAmC;gBACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;oBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBAClB,iCAAiC;wBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;4BAAE,SAAQ;wBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;4BAC1B,YAAY,GAAG,IAAI,CAAA;4BACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;4BAClB,CAAC,EAAE,CAAA;wBACL,CAAC;oBACH,CAAC;oBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;wBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;wBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;wBACD,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;oBACb,CAAC;gBACH,CAAC;gBAED,sCAAsC;gBACtC,IAAI,EAAE,GAAW,CAAC,CAAA;gBAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/C,YAAY,GAAG,IAAI,CAAA;wBACnB,MAAM,OAAO,GAAG,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,IAAI,CAAA;wBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;wBAClC,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,CAAA;wBACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;4BAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;wBACtC,EAAE,IAAI,CAAC,CAAA;oBACT,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QAEtB,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,sCAAsC;IACtC,sDAAsD;IACtD,8CAA8C;IAC9C,oDAAoD;IACpD,EAAE;IACF,2DAA2D;IAC3D,mDAAmD;IACnD,qBAAqB,CAAC,SAAqB;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAC7B,SAAS,CAAC,CAAC,CAAC,EACZ,SAAS,CAAC,CAAC,CAAC,EACZ,CAAC,IAAI,CAAC,uBAAuB,CAC9B,CAAA;gBACD,IAAI,OAAO,EAAE,CAAC;oBACZ,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAA;oBACjB,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACtB,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,UAAU,CACR,CAAW,EACX,CAAW,EACX,eAAwB,KAAK;QAE7B,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,MAAM,GAAa,EAAE,CAAA;QACzB,IAAI,KAAK,GAAW,EAAE,CAAA;QACtB,OAAO,EAAE,GAAG,CAAC,CAAC,MAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACpB,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAC1C,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,CAAC;gBACN,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QACD,8DAA8D;QAC9D,iCAAiC;QACjC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,MAAM,CAAA;IACxC,CAAC;IAED,WAAW;QACT,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAM;QAEzB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,IAAI,MAAM,GAAG,KAAK,CAAA;QAClB,IAAI,YAAY,GAAG,CAAC,CAAA;QAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YACrE,MAAM,GAAG,CAAC,MAAM,CAAA;YAChB,YAAY,EAAE,CAAA;QAChB,CAAC;QAED,IAAI,YAAY;YAAE,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAC5D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED,+CAA+C;IAC/C,yCAAyC;IACzC,uDAAuD;IACvD,mDAAmD;IACnD,mBAAmB;IACnB,QAAQ,CAAC,IAAc,EAAE,OAAsB,EAAE,UAAmB,KAAK;QACvE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,4DAA4D;QAC5D,mEAAmE;QACnE,sBAAsB;QACtB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAC1E,MAAM,OAAO,GACX,CAAC,SAAS;gBACV,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,GAAG;gBACf,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAE3B,MAAM,YAAY,GAChB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAChE,MAAM,UAAU,GACd,CAAC,YAAY;gBACb,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG;gBAClB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ;gBAC9B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAE9B,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACzD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,GAAG,CAAW,CAAC,CAAA;gBACtE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;oBAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAA;oBACjB,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACd,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBAC9B,CAAC;yBAAM,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACrB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBACxB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,oEAAoE;QACpE,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAC9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,IAAI,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QACxC,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/C,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;QAEnD,KACE,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EACzD,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,EAClB,EAAE,EAAE,EAAE,EAAE,EAAE,EACV,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;YAC3B,IAAI,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,CAAA;YACnB,IAAI,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;YAEhB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;YAEzB,wBAAwB;YACxB,wCAAwC;YACxC,qBAAqB;YACrB,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;gBAChB,OAAO,KAAK,CAAA;YACd,CAAC;YACD,oBAAoB;YAEpB,IAAI,CAAC,KAAK,gBAAQ,EAAE,CAAC;gBACnB,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAEvC,OAAO;gBACP,yCAAyC;gBACzC,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,QAAQ;gBACR,iDAAiD;gBACjD,wDAAwD;gBACxD,yBAAyB;gBACzB,sDAAsD;gBACtD,6BAA6B;gBAC7B,EAAE;gBACF,mCAAmC;gBACnC,gBAAgB;gBAChB,eAAe;gBACf,kCAAkC;gBAClC,oBAAoB;gBACpB,mBAAmB;gBACnB,qCAAqC;gBACrC,mCAAmC;gBACnC,iCAAiC;gBACjC,kCAAkC;gBAClC,IAAI,EAAE,GAAG,EAAE,CAAA;gBACX,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;gBACf,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;oBACd,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;oBAC3B,8CAA8C;oBAC9C,yBAAyB;oBACzB,2CAA2C;oBAC3C,sBAAsB;oBACtB,sDAAsD;oBACtD,uBAAuB;oBACvB,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;wBACrB,IACE,IAAI,CAAC,EAAE,CAAC,KAAK,GAAG;4BAChB,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI;4BACjB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;4BAE5C,OAAO,KAAK,CAAA;oBAChB,CAAC;oBACD,OAAO,IAAI,CAAA;gBACb,CAAC;gBAED,mDAAmD;gBACnD,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC;oBACf,IAAI,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;oBAExB,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;oBAEhE,qDAAqD;oBACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,CAAC;wBAC9D,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;wBACtD,iBAAiB;wBACjB,OAAO,IAAI,CAAA;oBACb,CAAC;yBAAM,CAAC;wBACN,kCAAkC;wBAClC,iDAAiD;wBACjD,IACE,SAAS,KAAK,GAAG;4BACjB,SAAS,KAAK,IAAI;4BAClB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,EAC7C,CAAC;4BACD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;4BAClD,MAAK;wBACP,CAAC;wBAED,uCAAuC;wBACvC,IAAI,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAA;wBACtD,EAAE,EAAE,CAAA;oBACN,CAAC;gBACH,CAAC;gBAED,sBAAsB;gBACtB,mEAAmE;gBACnE,qBAAqB;gBACrB,IAAI,OAAO,EAAE,CAAC;oBACZ,kBAAkB;oBAClB,IAAI,CAAC,KAAK,CAAC,0BAA0B,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;oBAC7D,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;wBACd,OAAO,IAAI,CAAA;oBACb,CAAC;gBACH,CAAC;gBACD,oBAAoB;gBACpB,OAAO,KAAK,CAAA;YACd,CAAC;YAED,0BAA0B;YAC1B,gDAAgD;YAChD,qDAAqD;YACrD,IAAI,GAAY,CAAA;YAChB,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC1B,GAAG,GAAG,CAAC,KAAK,CAAC,CAAA;gBACb,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACvC,CAAC;iBAAM,CAAC;gBACN,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACf,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACxC,CAAC;YAED,IAAI,CAAC,GAAG;gBAAE,OAAO,KAAK,CAAA;QACxB,CAAC;QAED,oDAAoD;QACpD,oDAAoD;QACpD,2CAA2C;QAC3C,kDAAkD;QAClD,oDAAoD;QACpD,uDAAuD;QACvD,oDAAoD;QACpD,yDAAyD;QACzD,6BAA6B;QAC7B,yCAAyC;QAEzC,gEAAgE;QAChE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3B,oDAAoD;YACpD,gBAAgB;YAChB,OAAO,IAAI,CAAA;QACb,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,+CAA+C;YAC/C,iDAAiD;YACjD,uBAAuB;YACvB,OAAO,OAAO,CAAA;QAChB,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,4CAA4C;YAC5C,oDAAoD;YACpD,iDAAiD;YACjD,wBAAwB;YACxB,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;YAEvC,qBAAqB;QACvB,CAAC;aAAM,CAAC;YACN,yBAAyB;YACzB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAA;QACzB,CAAC;QACD,oBAAoB;IACtB,CAAC;IAED,WAAW;QACT,OAAO,IAAA,mBAAW,EAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,OAAe;QACnB,IAAA,4CAAkB,EAAC,OAAO,CAAC,CAAA;QAE3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,YAAY;QACZ,IAAI,OAAO,KAAK,IAAI;YAAE,OAAO,gBAAQ,CAAA;QACrC,IAAI,OAAO,KAAK,EAAE;YAAE,OAAO,EAAE,CAAA;QAE7B,uDAAuD;QACvD,0DAA0D;QAC1D,IAAI,CAA0B,CAAA;QAC9B,IAAI,QAAQ,GAAoC,IAAI,CAAA;QACpD,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAA;QACjD,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;YAC7C,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,uBAAuB;oBACzB,CAAC,CAAC,oBAAoB;gBACxB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,iBAAiB;oBACnB,CAAC,CAAC,cAAc,CACnB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACT,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACzC,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,mBAAmB;oBACrB,CAAC,CAAC,gBAAgB;gBACpB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,UAAU,CACf,CAAC,CAAC,CAAC,CAAA;QACN,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YAC9C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAA;QAC/D,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YAC1C,QAAQ,GAAG,WAAW,CAAA;QACxB,CAAC;QAED,MAAM,EAAE,GAAG,YAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAA;QAC5D,IAAI,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;YACvC,2CAA2C;YAC3C,OAAO,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAA;QACzD,CAAC;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM;QACJ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC,MAAM,CAAA;QAE5D,mDAAmD;QACnD,4BAA4B;QAC5B,EAAE;QACF,wDAAwD;QACxD,yDAAyD;QACzD,2CAA2C;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QAEpB,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;YACnB,OAAO,IAAI,CAAC,MAAM,CAAA;QACpB,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU;YAChC,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,GAAG;gBACb,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,YAAY,CAAA;QAChB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;QAElD,kCAAkC;QAClC,kDAAkD;QAClD,sEAAsE;QACtE,iDAAiD;QACjD,8DAA8D;QAC9D,mCAAmC;QACnC,IAAI,EAAE,GAAG,GAAG;aACT,GAAG,CAAC,OAAO,CAAC,EAAE;YACb,MAAM,EAAE,GAAiC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;gBACvD,IAAI,CAAC,YAAY,MAAM,EAAE,CAAC;oBACxB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;wBAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACjD,CAAC;gBACD,OAAO,OAAO,CAAC,KAAK,QAAQ;oBAC1B,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;oBACjB,CAAC,CAAC,CAAC,KAAK,gBAAQ;wBAChB,CAAC,CAAC,gBAAQ;wBACV,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YACZ,CAAC,CAAiC,CAAA;YAClC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBAClB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,IAAI,CAAC,KAAK,gBAAQ,IAAI,IAAI,KAAK,gBAAQ,EAAE,CAAC;oBACxC,OAAM;gBACR,CAAC;gBACD,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,gBAAQ,EAAE,CAAC;wBAC5C,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,GAAG,IAAI,CAAA;oBAClD,CAAC;yBAAM,CAAC;wBACN,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACjB,CAAC;gBACH,CAAC;qBAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBAC9B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,GAAG,IAAI,CAAA;gBAC/C,CAAC;qBAAM,IAAI,IAAI,KAAK,gBAAQ,EAAE,CAAC;oBAC7B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,IAAI,CAAA;oBACzD,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,gBAAQ,CAAA;gBACtB,CAAC;YACH,CAAC,CAAC,CAAA;YACF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,gBAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACjD,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,CAAA;QAEZ,+DAA+D;QAC/D,mEAAmE;QACnE,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC9D,4BAA4B;QAC5B,gDAAgD;QAChD,EAAE,GAAG,GAAG,GAAG,IAAI,GAAG,EAAE,GAAG,KAAK,GAAG,GAAG,CAAA;QAElC,gDAAgD;QAChD,IAAI,IAAI,CAAC,MAAM;YAAE,EAAE,GAAG,MAAM,GAAG,EAAE,GAAG,MAAM,CAAA;QAE1C,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;YACjD,qBAAqB;QACvB,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,uBAAuB;YACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACrB,CAAC;QACD,oBAAoB;QACpB,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,UAAU,CAAC,CAAS;QAClB,mDAAmD;QACnD,6DAA6D;QAC7D,8CAA8C;QAC9C,0CAA0C;QAC1C,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACrB,CAAC;aAAM,IAAI,IAAI,CAAC,SAAS,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACnD,sCAAsC;YACtC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;QAChC,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,CAAS,EAAE,OAAO,GAAG,IAAI,CAAC,OAAO;QACrC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QACpC,8CAA8C;QAC9C,iBAAiB;QACjB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,EAAE,CAAA;QACjB,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,IAAI,OAAO,EAAE,CAAC;YACzB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,gCAAgC;QAChC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;QAED,6CAA6C;QAC7C,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;QAErC,0DAA0D;QAC1D,2DAA2D;QAC3D,mCAAmC;QACnC,uCAAuC;QAEvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QACpB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;QAEpC,0EAA0E;QAC1E,IAAI,QAAQ,GAAW,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrD,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;YAClB,CAAC;QACH,CAAC;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;YACtB,IAAI,IAAI,GAAG,EAAE,CAAA;YACb,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9C,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;YACnB,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;YACjD,IAAI,GAAG,EAAE,CAAC;gBACR,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;oBACvB,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAA;YACrB,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,8BAA8B;QAC9B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,GAAqB;QACnC,OAAO,iBAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,CAAA;IAC1C,CAAC;CACF;AAl4BD,8BAk4BC;AACD,qBAAqB;AACrB,mCAA8B;AAArB,6FAAA,GAAG,OAAA;AACZ,yCAAoC;AAA3B,mGAAA,MAAM,OAAA;AACf,6CAAwC;AAA/B,uGAAA,QAAQ,OAAA;AACjB,oBAAoB;AACpB,iBAAS,CAAC,GAAG,GAAG,YAAG,CAAA;AACnB,iBAAS,CAAC,SAAS,GAAG,SAAS,CAAA;AAC/B,iBAAS,CAAC,MAAM,GAAG,kBAAM,CAAA;AACzB,iBAAS,CAAC,QAAQ,GAAG,sBAAQ,CAAA","sourcesContent":["import { expand } from '@isaacs/brace-expansion'\nimport { assertValidPattern } from './assert-valid-pattern.js'\nimport { AST, ExtglobType } from './ast.js'\nimport { escape } from './escape.js'\nimport { unescape } from './unescape.js'\n\ntype Platform =\n  | 'aix'\n  | 'android'\n  | 'darwin'\n  | 'freebsd'\n  | 'haiku'\n  | 'linux'\n  | 'openbsd'\n  | 'sunos'\n  | 'win32'\n  | 'cygwin'\n  | 'netbsd'\n\nexport interface MinimatchOptions {\n  nobrace?: boolean\n  nocomment?: boolean\n  nonegate?: boolean\n  debug?: boolean\n  noglobstar?: boolean\n  noext?: boolean\n  nonull?: boolean\n  windowsPathsNoEscape?: boolean\n  allowWindowsEscape?: boolean\n  partial?: boolean\n  dot?: boolean\n  nocase?: boolean\n  nocaseMagicOnly?: boolean\n  magicalBraces?: boolean\n  matchBase?: boolean\n  flipNegate?: boolean\n  preserveMultipleSlashes?: boolean\n  optimizationLevel?: number\n  platform?: Platform\n  windowsNoMagicRoot?: boolean\n}\n\nexport const minimatch = (\n  p: string,\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // shortcut: comments match nothing.\n  if (!options.nocomment && pattern.charAt(0) === '#') {\n    return false\n  }\n\n  return new Minimatch(pattern, options).match(p)\n}\n\n// Optimized checking for the most common glob patterns.\nconst starDotExtRE = /^\\*+([^+@!?\\*\\[\\(]*)$/\nconst starDotExtTest = (ext: string) => (f: string) =>\n  !f.startsWith('.') && f.endsWith(ext)\nconst starDotExtTestDot = (ext: string) => (f: string) => f.endsWith(ext)\nconst starDotExtTestNocase = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => !f.startsWith('.') && f.toLowerCase().endsWith(ext)\n}\nconst starDotExtTestNocaseDot = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => f.toLowerCase().endsWith(ext)\n}\nconst starDotStarRE = /^\\*+\\.\\*+$/\nconst starDotStarTest = (f: string) => !f.startsWith('.') && f.includes('.')\nconst starDotStarTestDot = (f: string) =>\n  f !== '.' && f !== '..' && f.includes('.')\nconst dotStarRE = /^\\.\\*+$/\nconst dotStarTest = (f: string) => f !== '.' && f !== '..' && f.startsWith('.')\nconst starRE = /^\\*+$/\nconst starTest = (f: string) => f.length !== 0 && !f.startsWith('.')\nconst starTestDot = (f: string) => f.length !== 0 && f !== '.' && f !== '..'\nconst qmarksRE = /^\\?+([^+@!?\\*\\[\\(]*)?$/\nconst qmarksTestNocase = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestNocaseDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTest = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTestNoExt = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && !f.startsWith('.')\n}\nconst qmarksTestNoExtDot = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && f !== '.' && f !== '..'\n}\n\n/* c8 ignore start */\nconst defaultPlatform: Platform = (\n  typeof process === 'object' && process\n    ? (typeof process.env === 'object' &&\n        process.env &&\n        process.env.__MINIMATCH_TESTING_PLATFORM__) ||\n      process.platform\n    : 'posix'\n) as Platform\ntype Sep = '\\\\' | '/'\nconst path: { [k: string]: { sep: Sep } } = {\n  win32: { sep: '\\\\' },\n  posix: { sep: '/' },\n}\n/* c8 ignore stop */\n\nexport const sep = defaultPlatform === 'win32' ? path.win32.sep : path.posix.sep\nminimatch.sep = sep\n\nexport const GLOBSTAR = Symbol('globstar **')\nminimatch.GLOBSTAR = GLOBSTAR\n\n// any single thing other than /\n// don't need to escape / when using new RegExp()\nconst qmark = '[^/]'\n\n// * => any number of characters\nconst star = qmark + '*?'\n\n// ** when dots are allowed.  Anything goes, except .. and .\n// not (^ or / followed by one or two dots followed by $ or /),\n// followed by anything, any number of times.\nconst twoStarDot = '(?:(?!(?:\\\\/|^)(?:\\\\.{1,2})($|\\\\/)).)*?'\n\n// not a ^ or / followed by a dot,\n// followed by anything, any number of times.\nconst twoStarNoDot = '(?:(?!(?:\\\\/|^)\\\\.).)*?'\n\nexport const filter =\n  (pattern: string, options: MinimatchOptions = {}) =>\n  (p: string) =>\n    minimatch(p, pattern, options)\nminimatch.filter = filter\n\nconst ext = (a: MinimatchOptions, b: MinimatchOptions = {}) =>\n  Object.assign({}, a, b)\n\nexport const defaults = (def: MinimatchOptions): typeof minimatch => {\n  if (!def || typeof def !== 'object' || !Object.keys(def).length) {\n    return minimatch\n  }\n\n  const orig = minimatch\n\n  const m = (p: string, pattern: string, options: MinimatchOptions = {}) =>\n    orig(p, pattern, ext(def, options))\n\n  return Object.assign(m, {\n    Minimatch: class Minimatch extends orig.Minimatch {\n      constructor(pattern: string, options: MinimatchOptions = {}) {\n        super(pattern, ext(def, options))\n      }\n      static defaults(options: MinimatchOptions) {\n        return orig.defaults(ext(def, options)).Minimatch\n      }\n    },\n\n    AST: class AST extends orig.AST {\n      /* c8 ignore start */\n      constructor(\n        type: ExtglobType | null,\n        parent?: AST,\n        options: MinimatchOptions = {}\n      ) {\n        super(type, parent, ext(def, options))\n      }\n      /* c8 ignore stop */\n\n      static fromGlob(pattern: string, options: MinimatchOptions = {}) {\n        return orig.AST.fromGlob(pattern, ext(def, options))\n      }\n    },\n\n    unescape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.unescape(s, ext(def, options)),\n\n    escape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.escape(s, ext(def, options)),\n\n    filter: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.filter(pattern, ext(def, options)),\n\n    defaults: (options: MinimatchOptions) => orig.defaults(ext(def, options)),\n\n    makeRe: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.makeRe(pattern, ext(def, options)),\n\n    braceExpand: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.braceExpand(pattern, ext(def, options)),\n\n    match: (list: string[], pattern: string, options: MinimatchOptions = {}) =>\n      orig.match(list, pattern, ext(def, options)),\n\n    sep: orig.sep,\n    GLOBSTAR: GLOBSTAR as typeof GLOBSTAR,\n  })\n}\nminimatch.defaults = defaults\n\n// Brace expansion:\n// a{b,c}d -> abd acd\n// a{b,}c -> abc ac\n// a{0..3}d -> a0d a1d a2d a3d\n// a{b,c{d,e}f}g -> abg acdfg acefg\n// a{b,c}d{e,f}g -> abdeg acdeg abdeg abdfg\n//\n// Invalid sets are not expanded.\n// a{2..}b -> a{2..}b\n// a{b}c -> a{b}c\nexport const braceExpand = (\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // Thanks to Yeting Li <https://github.com/yetingli> for\n  // improving this regexp to avoid a ReDOS vulnerability.\n  if (options.nobrace || !/\\{(?:(?!\\{).)*\\}/.test(pattern)) {\n    // shortcut. no need to expand.\n    return [pattern]\n  }\n\n  return expand(pattern)\n}\nminimatch.braceExpand = braceExpand\n\n// parse a component of the expanded set.\n// At this point, no pattern may contain \"/\" in it\n// so we're going to return a 2d array, where each entry is the full\n// pattern, split on '/', and then turned into a regular expression.\n// A regexp is made at the end which joins each array with an\n// escaped /, and another full one which joins each regexp with |.\n//\n// Following the lead of Bash 4.1, note that \"**\" only has special meaning\n// when it is the *only* thing in a path portion.  Otherwise, any series\n// of * is equivalent to a single *.  Globstar behavior is enabled by\n// default, and can be disabled by setting options.noglobstar.\n\nexport const makeRe = (pattern: string, options: MinimatchOptions = {}) =>\n  new Minimatch(pattern, options).makeRe()\nminimatch.makeRe = makeRe\n\nexport const match = (\n  list: string[],\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  const mm = new Minimatch(pattern, options)\n  list = list.filter(f => mm.match(f))\n  if (mm.options.nonull && !list.length) {\n    list.push(pattern)\n  }\n  return list\n}\nminimatch.match = match\n\n// replace stuff like \\* with *\nconst globMagic = /[?*]|[+@!]\\(.*?\\)|\\[|\\]/\nconst regExpEscape = (s: string) =>\n  s.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')\n\nexport type MMRegExp = RegExp & {\n  _src?: string\n  _glob?: string\n}\n\nexport type ParseReturnFiltered = string | MMRegExp | typeof GLOBSTAR\nexport type ParseReturn = ParseReturnFiltered | false\n\nexport class Minimatch {\n  options: MinimatchOptions\n  set: ParseReturnFiltered[][]\n  pattern: string\n\n  windowsPathsNoEscape: boolean\n  nonegate: boolean\n  negate: boolean\n  comment: boolean\n  empty: boolean\n  preserveMultipleSlashes: boolean\n  partial: boolean\n  globSet: string[]\n  globParts: string[][]\n  nocase: boolean\n\n  isWindows: boolean\n  platform: Platform\n  windowsNoMagicRoot: boolean\n\n  regexp: false | null | MMRegExp\n  constructor(pattern: string, options: MinimatchOptions = {}) {\n    assertValidPattern(pattern)\n\n    options = options || {}\n    this.options = options\n    this.pattern = pattern\n    this.platform = options.platform || defaultPlatform\n    this.isWindows = this.platform === 'win32'\n    this.windowsPathsNoEscape =\n      !!options.windowsPathsNoEscape || options.allowWindowsEscape === false\n    if (this.windowsPathsNoEscape) {\n      this.pattern = this.pattern.replace(/\\\\/g, '/')\n    }\n    this.preserveMultipleSlashes = !!options.preserveMultipleSlashes\n    this.regexp = null\n    this.negate = false\n    this.nonegate = !!options.nonegate\n    this.comment = false\n    this.empty = false\n    this.partial = !!options.partial\n    this.nocase = !!this.options.nocase\n    this.windowsNoMagicRoot =\n      options.windowsNoMagicRoot !== undefined\n        ? options.windowsNoMagicRoot\n        : !!(this.isWindows && this.nocase)\n\n    this.globSet = []\n    this.globParts = []\n    this.set = []\n\n    // make the set of regexps etc.\n    this.make()\n  }\n\n  hasMagic(): boolean {\n    if (this.options.magicalBraces && this.set.length > 1) {\n      return true\n    }\n    for (const pattern of this.set) {\n      for (const part of pattern) {\n        if (typeof part !== 'string') return true\n      }\n    }\n    return false\n  }\n\n  debug(..._: any[]) {}\n\n  make() {\n    const pattern = this.pattern\n    const options = this.options\n\n    // empty patterns and comments match nothing.\n    if (!options.nocomment && pattern.charAt(0) === '#') {\n      this.comment = true\n      return\n    }\n\n    if (!pattern) {\n      this.empty = true\n      return\n    }\n\n    // step 1: figure out negation, etc.\n    this.parseNegate()\n\n    // step 2: expand braces\n    this.globSet = [...new Set(this.braceExpand())]\n\n    if (options.debug) {\n      this.debug = (...args: any[]) => console.error(...args)\n    }\n\n    this.debug(this.pattern, this.globSet)\n\n    // step 3: now we have a set, so turn each one into a series of\n    // path-portion matching patterns.\n    // These will be regexps, except in the case of \"**\", which is\n    // set to the GLOBSTAR object for globstar behavior,\n    // and will not contain any / characters\n    //\n    // First, we preprocess to make the glob pattern sets a bit simpler\n    // and deduped.  There are some perf-killing patterns that can cause\n    // problems with a glob walk, but we can simplify them down a bit.\n    const rawGlobParts = this.globSet.map(s => this.slashSplit(s))\n    this.globParts = this.preprocess(rawGlobParts)\n    this.debug(this.pattern, this.globParts)\n\n    // glob --> regexps\n    let set = this.globParts.map((s, _, __) => {\n      if (this.isWindows && this.windowsNoMagicRoot) {\n        // check if it's a drive or unc path.\n        const isUNC =\n          s[0] === '' &&\n          s[1] === '' &&\n          (s[2] === '?' || !globMagic.test(s[2])) &&\n          !globMagic.test(s[3])\n        const isDrive = /^[a-z]:/i.test(s[0])\n        if (isUNC) {\n          return [...s.slice(0, 4), ...s.slice(4).map(ss => this.parse(ss))]\n        } else if (isDrive) {\n          return [s[0], ...s.slice(1).map(ss => this.parse(ss))]\n        }\n      }\n      return s.map(ss => this.parse(ss))\n    })\n\n    this.debug(this.pattern, set)\n\n    // filter out everything that didn't compile properly.\n    this.set = set.filter(\n      s => s.indexOf(false) === -1\n    ) as ParseReturnFiltered[][]\n\n    // do not treat the ? in UNC paths as magic\n    if (this.isWindows) {\n      for (let i = 0; i < this.set.length; i++) {\n        const p = this.set[i]\n        if (\n          p[0] === '' &&\n          p[1] === '' &&\n          this.globParts[i][2] === '?' &&\n          typeof p[3] === 'string' &&\n          /^[a-z]:$/i.test(p[3])\n        ) {\n          p[2] = '?'\n        }\n      }\n    }\n\n    this.debug(this.pattern, this.set)\n  }\n\n  // various transforms to equivalent pattern sets that are\n  // faster to process in a filesystem walk.  The goal is to\n  // eliminate what we can, and push all ** patterns as far\n  // to the right as possible, even if it increases the number\n  // of patterns that we have to process.\n  preprocess(globParts: string[][]) {\n    // if we're not in globstar mode, then turn all ** into *\n    if (this.options.noglobstar) {\n      for (let i = 0; i < globParts.length; i++) {\n        for (let j = 0; j < globParts[i].length; j++) {\n          if (globParts[i][j] === '**') {\n            globParts[i][j] = '*'\n          }\n        }\n      }\n    }\n\n    const { optimizationLevel = 1 } = this.options\n\n    if (optimizationLevel >= 2) {\n      // aggressive optimization for the purpose of fs walking\n      globParts = this.firstPhasePreProcess(globParts)\n      globParts = this.secondPhasePreProcess(globParts)\n    } else if (optimizationLevel >= 1) {\n      // just basic optimizations to remove some .. parts\n      globParts = this.levelOneOptimize(globParts)\n    } else {\n      // just collapse multiple ** portions into one\n      globParts = this.adjascentGlobstarOptimize(globParts)\n    }\n\n    return globParts\n  }\n\n  // just get rid of adjascent ** portions\n  adjascentGlobstarOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      let gs: number = -1\n      while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n        let i = gs\n        while (parts[i + 1] === '**') {\n          i++\n        }\n        if (i !== gs) {\n          parts.splice(gs, i - gs)\n        }\n      }\n      return parts\n    })\n  }\n\n  // get rid of adjascent ** and resolve .. portions\n  levelOneOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      parts = parts.reduce((set: string[], part) => {\n        const prev = set[set.length - 1]\n        if (part === '**' && prev === '**') {\n          return set\n        }\n        if (part === '..') {\n          if (prev && prev !== '..' && prev !== '.' && prev !== '**') {\n            set.pop()\n            return set\n          }\n        }\n        set.push(part)\n        return set\n      }, [])\n      return parts.length === 0 ? [''] : parts\n    })\n  }\n\n  levelTwoFileOptimize(parts: string | string[]) {\n    if (!Array.isArray(parts)) {\n      parts = this.slashSplit(parts)\n    }\n    let didSomething: boolean = false\n    do {\n      didSomething = false\n      // <pre>/<e>/<rest> -> <pre>/<rest>\n      if (!this.preserveMultipleSlashes) {\n        for (let i = 1; i < parts.length - 1; i++) {\n          const p = parts[i]\n          // don't squeeze out UNC patterns\n          if (i === 1 && p === '' && parts[0] === '') continue\n          if (p === '.' || p === '') {\n            didSomething = true\n            parts.splice(i, 1)\n            i--\n          }\n        }\n        if (\n          parts[0] === '.' &&\n          parts.length === 2 &&\n          (parts[1] === '.' || parts[1] === '')\n        ) {\n          didSomething = true\n          parts.pop()\n        }\n      }\n\n      // <pre>/<p>/../<rest> -> <pre>/<rest>\n      let dd: number = 0\n      while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n        const p = parts[dd - 1]\n        if (p && p !== '.' && p !== '..' && p !== '**') {\n          didSomething = true\n          parts.splice(dd - 1, 2)\n          dd -= 2\n        }\n      }\n    } while (didSomething)\n    return parts.length === 0 ? [''] : parts\n  }\n\n  // First phase: single-pattern processing\n  // <pre> is 1 or more portions\n  // <rest> is 1 or more portions\n  // <p> is any portion other than ., .., '', or **\n  // <e> is . or ''\n  //\n  // **/.. is *brutal* for filesystem walking performance, because\n  // it effectively resets the recursive walk each time it occurs,\n  // and ** cannot be reduced out by a .. pattern part like a regexp\n  // or most strings (other than .., ., and '') can be.\n  //\n  // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n  // <pre>/<e>/<rest> -> <pre>/<rest>\n  // <pre>/<p>/../<rest> -> <pre>/<rest>\n  // **/**/<rest> -> **/<rest>\n  //\n  // **/*/<rest> -> */**/<rest> <== not valid because ** doesn't follow\n  // this WOULD be allowed if ** did follow symlinks, or * didn't\n  firstPhasePreProcess(globParts: string[][]) {\n    let didSomething = false\n    do {\n      didSomething = false\n      // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n      for (let parts of globParts) {\n        let gs: number = -1\n        while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n          let gss: number = gs\n          while (parts[gss + 1] === '**') {\n            // <pre>/**/**/<rest> -> <pre>/**/<rest>\n            gss++\n          }\n          // eg, if gs is 2 and gss is 4, that means we have 3 **\n          // parts, and can remove 2 of them.\n          if (gss > gs) {\n            parts.splice(gs + 1, gss - gs)\n          }\n\n          let next = parts[gs + 1]\n          const p = parts[gs + 2]\n          const p2 = parts[gs + 3]\n          if (next !== '..') continue\n          if (\n            !p ||\n            p === '.' ||\n            p === '..' ||\n            !p2 ||\n            p2 === '.' ||\n            p2 === '..'\n          ) {\n            continue\n          }\n          didSomething = true\n          // edit parts in place, and push the new one\n          parts.splice(gs, 1)\n          const other = parts.slice(0)\n          other[gs] = '**'\n          globParts.push(other)\n          gs--\n        }\n\n        // <pre>/<e>/<rest> -> <pre>/<rest>\n        if (!this.preserveMultipleSlashes) {\n          for (let i = 1; i < parts.length - 1; i++) {\n            const p = parts[i]\n            // don't squeeze out UNC patterns\n            if (i === 1 && p === '' && parts[0] === '') continue\n            if (p === '.' || p === '') {\n              didSomething = true\n              parts.splice(i, 1)\n              i--\n            }\n          }\n          if (\n            parts[0] === '.' &&\n            parts.length === 2 &&\n            (parts[1] === '.' || parts[1] === '')\n          ) {\n            didSomething = true\n            parts.pop()\n          }\n        }\n\n        // <pre>/<p>/../<rest> -> <pre>/<rest>\n        let dd: number = 0\n        while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n          const p = parts[dd - 1]\n          if (p && p !== '.' && p !== '..' && p !== '**') {\n            didSomething = true\n            const needDot = dd === 1 && parts[dd + 1] === '**'\n            const splin = needDot ? ['.'] : []\n            parts.splice(dd - 1, 2, ...splin)\n            if (parts.length === 0) parts.push('')\n            dd -= 2\n          }\n        }\n      }\n    } while (didSomething)\n\n    return globParts\n  }\n\n  // second phase: multi-pattern dedupes\n  // {<pre>/*/<rest>,<pre>/<p>/<rest>} -> <pre>/*/<rest>\n  // {<pre>/<rest>,<pre>/<rest>} -> <pre>/<rest>\n  // {<pre>/**/<rest>,<pre>/<rest>} -> <pre>/**/<rest>\n  //\n  // {<pre>/**/<rest>,<pre>/**/<p>/<rest>} -> <pre>/**/<rest>\n  // ^-- not valid because ** doens't follow symlinks\n  secondPhasePreProcess(globParts: string[][]): string[][] {\n    for (let i = 0; i < globParts.length - 1; i++) {\n      for (let j = i + 1; j < globParts.length; j++) {\n        const matched = this.partsMatch(\n          globParts[i],\n          globParts[j],\n          !this.preserveMultipleSlashes\n        )\n        if (matched) {\n          globParts[i] = []\n          globParts[j] = matched\n          break\n        }\n      }\n    }\n    return globParts.filter(gs => gs.length)\n  }\n\n  partsMatch(\n    a: string[],\n    b: string[],\n    emptyGSMatch: boolean = false\n  ): false | string[] {\n    let ai = 0\n    let bi = 0\n    let result: string[] = []\n    let which: string = ''\n    while (ai < a.length && bi < b.length) {\n      if (a[ai] === b[bi]) {\n        result.push(which === 'b' ? b[bi] : a[ai])\n        ai++\n        bi++\n      } else if (emptyGSMatch && a[ai] === '**' && b[bi] === a[ai + 1]) {\n        result.push(a[ai])\n        ai++\n      } else if (emptyGSMatch && b[bi] === '**' && a[ai] === b[bi + 1]) {\n        result.push(b[bi])\n        bi++\n      } else if (\n        a[ai] === '*' &&\n        b[bi] &&\n        (this.options.dot || !b[bi].startsWith('.')) &&\n        b[bi] !== '**'\n      ) {\n        if (which === 'b') return false\n        which = 'a'\n        result.push(a[ai])\n        ai++\n        bi++\n      } else if (\n        b[bi] === '*' &&\n        a[ai] &&\n        (this.options.dot || !a[ai].startsWith('.')) &&\n        a[ai] !== '**'\n      ) {\n        if (which === 'a') return false\n        which = 'b'\n        result.push(b[bi])\n        ai++\n        bi++\n      } else {\n        return false\n      }\n    }\n    // if we fall out of the loop, it means they two are identical\n    // as long as their lengths match\n    return a.length === b.length && result\n  }\n\n  parseNegate() {\n    if (this.nonegate) return\n\n    const pattern = this.pattern\n    let negate = false\n    let negateOffset = 0\n\n    for (let i = 0; i < pattern.length && pattern.charAt(i) === '!'; i++) {\n      negate = !negate\n      negateOffset++\n    }\n\n    if (negateOffset) this.pattern = pattern.slice(negateOffset)\n    this.negate = negate\n  }\n\n  // set partial to true to test if, for example,\n  // \"/a/b\" matches the start of \"/*/b/*/d\"\n  // Partial means, if you run out of file before you run\n  // out of pattern, then that's fine, as long as all\n  // the parts match.\n  matchOne(file: string[], pattern: ParseReturn[], partial: boolean = false) {\n    const options = this.options\n\n    // UNC paths like //?/X:/... can match X:/... and vice versa\n    // Drive letters in absolute drive or unc paths are always compared\n    // case-insensitively.\n    if (this.isWindows) {\n      const fileDrive = typeof file[0] === 'string' && /^[a-z]:$/i.test(file[0])\n      const fileUNC =\n        !fileDrive &&\n        file[0] === '' &&\n        file[1] === '' &&\n        file[2] === '?' &&\n        /^[a-z]:$/i.test(file[3])\n\n      const patternDrive =\n        typeof pattern[0] === 'string' && /^[a-z]:$/i.test(pattern[0])\n      const patternUNC =\n        !patternDrive &&\n        pattern[0] === '' &&\n        pattern[1] === '' &&\n        pattern[2] === '?' &&\n        typeof pattern[3] === 'string' &&\n        /^[a-z]:$/i.test(pattern[3])\n\n      const fdi = fileUNC ? 3 : fileDrive ? 0 : undefined\n      const pdi = patternUNC ? 3 : patternDrive ? 0 : undefined\n      if (typeof fdi === 'number' && typeof pdi === 'number') {\n        const [fd, pd]: [string, string] = [file[fdi], pattern[pdi] as string]\n        if (fd.toLowerCase() === pd.toLowerCase()) {\n          pattern[pdi] = fd\n          if (pdi > fdi) {\n            pattern = pattern.slice(pdi)\n          } else if (fdi > pdi) {\n            file = file.slice(fdi)\n          }\n        }\n      }\n    }\n\n    // resolve and reduce . and .. portions in the file as well.\n    // dont' need to do the second phase, because it's only one string[]\n    const { optimizationLevel = 1 } = this.options\n    if (optimizationLevel >= 2) {\n      file = this.levelTwoFileOptimize(file)\n    }\n\n    this.debug('matchOne', this, { file, pattern })\n    this.debug('matchOne', file.length, pattern.length)\n\n    for (\n      var fi = 0, pi = 0, fl = file.length, pl = pattern.length;\n      fi < fl && pi < pl;\n      fi++, pi++\n    ) {\n      this.debug('matchOne loop')\n      var p = pattern[pi]\n      var f = file[fi]\n\n      this.debug(pattern, p, f)\n\n      // should be impossible.\n      // some invalid regexp stuff in the set.\n      /* c8 ignore start */\n      if (p === false) {\n        return false\n      }\n      /* c8 ignore stop */\n\n      if (p === GLOBSTAR) {\n        this.debug('GLOBSTAR', [pattern, p, f])\n\n        // \"**\"\n        // a/**/b/**/c would match the following:\n        // a/b/x/y/z/c\n        // a/x/y/z/b/c\n        // a/b/x/b/x/c\n        // a/b/c\n        // To do this, take the rest of the pattern after\n        // the **, and see if it would match the file remainder.\n        // If so, return success.\n        // If not, the ** \"swallows\" a segment, and try again.\n        // This is recursively awful.\n        //\n        // a/**/b/**/c matching a/b/x/y/z/c\n        // - a matches a\n        // - doublestar\n        //   - matchOne(b/x/y/z/c, b/**/c)\n        //     - b matches b\n        //     - doublestar\n        //       - matchOne(x/y/z/c, c) -> no\n        //       - matchOne(y/z/c, c) -> no\n        //       - matchOne(z/c, c) -> no\n        //       - matchOne(c, c) yes, hit\n        var fr = fi\n        var pr = pi + 1\n        if (pr === pl) {\n          this.debug('** at the end')\n          // a ** at the end will just swallow the rest.\n          // We have found a match.\n          // however, it will not swallow /.x, unless\n          // options.dot is set.\n          // . and .. are *never* matched by **, for explosively\n          // exponential reasons.\n          for (; fi < fl; fi++) {\n            if (\n              file[fi] === '.' ||\n              file[fi] === '..' ||\n              (!options.dot && file[fi].charAt(0) === '.')\n            )\n              return false\n          }\n          return true\n        }\n\n        // ok, let's see if we can swallow whatever we can.\n        while (fr < fl) {\n          var swallowee = file[fr]\n\n          this.debug('\\nglobstar while', file, fr, pattern, pr, swallowee)\n\n          // XXX remove this slice.  Just pass the start index.\n          if (this.matchOne(file.slice(fr), pattern.slice(pr), partial)) {\n            this.debug('globstar found match!', fr, fl, swallowee)\n            // found a match.\n            return true\n          } else {\n            // can't swallow \".\" or \"..\" ever.\n            // can only swallow \".foo\" when explicitly asked.\n            if (\n              swallowee === '.' ||\n              swallowee === '..' ||\n              (!options.dot && swallowee.charAt(0) === '.')\n            ) {\n              this.debug('dot detected!', file, fr, pattern, pr)\n              break\n            }\n\n            // ** swallows a segment, and continue.\n            this.debug('globstar swallow a segment, and continue')\n            fr++\n          }\n        }\n\n        // no match was found.\n        // However, in partial mode, we can't say this is necessarily over.\n        /* c8 ignore start */\n        if (partial) {\n          // ran out of file\n          this.debug('\\n>>> no match, partial?', file, fr, pattern, pr)\n          if (fr === fl) {\n            return true\n          }\n        }\n        /* c8 ignore stop */\n        return false\n      }\n\n      // something other than **\n      // non-magic patterns just have to match exactly\n      // patterns with magic have been turned into regexps.\n      let hit: boolean\n      if (typeof p === 'string') {\n        hit = f === p\n        this.debug('string match', p, f, hit)\n      } else {\n        hit = p.test(f)\n        this.debug('pattern match', p, f, hit)\n      }\n\n      if (!hit) return false\n    }\n\n    // Note: ending in / means that we'll get a final \"\"\n    // at the end of the pattern.  This can only match a\n    // corresponding \"\" at the end of the file.\n    // If the file ends in /, then it can only match a\n    // a pattern that ends in /, unless the pattern just\n    // doesn't have any more for it. But, a/b/ should *not*\n    // match \"a/b/*\", even though \"\" matches against the\n    // [^/]*? pattern, except in partial mode, where it might\n    // simply not be reached yet.\n    // However, a/b/ should still satisfy a/*\n\n    // now either we fell off the end of the pattern, or we're done.\n    if (fi === fl && pi === pl) {\n      // ran out of pattern and filename at the same time.\n      // an exact hit!\n      return true\n    } else if (fi === fl) {\n      // ran out of file, but still had pattern left.\n      // this is ok if we're doing the match as part of\n      // a glob fs traversal.\n      return partial\n    } else if (pi === pl) {\n      // ran out of pattern, still have file left.\n      // this is only acceptable if we're on the very last\n      // empty segment of a file with a trailing slash.\n      // a/* should match a/b/\n      return fi === fl - 1 && file[fi] === ''\n\n      /* c8 ignore start */\n    } else {\n      // should be unreachable.\n      throw new Error('wtf?')\n    }\n    /* c8 ignore stop */\n  }\n\n  braceExpand() {\n    return braceExpand(this.pattern, this.options)\n  }\n\n  parse(pattern: string): ParseReturn {\n    assertValidPattern(pattern)\n\n    const options = this.options\n\n    // shortcuts\n    if (pattern === '**') return GLOBSTAR\n    if (pattern === '') return ''\n\n    // far and away, the most common glob pattern parts are\n    // *, *.*, and *.<ext>  Add a fast check method for those.\n    let m: RegExpMatchArray | null\n    let fastTest: null | ((f: string) => boolean) = null\n    if ((m = pattern.match(starRE))) {\n      fastTest = options.dot ? starTestDot : starTest\n    } else if ((m = pattern.match(starDotExtRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? starDotExtTestNocaseDot\n            : starDotExtTestNocase\n          : options.dot\n          ? starDotExtTestDot\n          : starDotExtTest\n      )(m[1])\n    } else if ((m = pattern.match(qmarksRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? qmarksTestNocaseDot\n            : qmarksTestNocase\n          : options.dot\n          ? qmarksTestDot\n          : qmarksTest\n      )(m)\n    } else if ((m = pattern.match(starDotStarRE))) {\n      fastTest = options.dot ? starDotStarTestDot : starDotStarTest\n    } else if ((m = pattern.match(dotStarRE))) {\n      fastTest = dotStarTest\n    }\n\n    const re = AST.fromGlob(pattern, this.options).toMMPattern()\n    if (fastTest && typeof re === 'object') {\n      // Avoids overriding in frozen environments\n      Reflect.defineProperty(re, 'test', { value: fastTest })\n    }\n    return re\n  }\n\n  makeRe() {\n    if (this.regexp || this.regexp === false) return this.regexp\n\n    // at this point, this.set is a 2d array of partial\n    // pattern strings, or \"**\".\n    //\n    // It's better to use .match().  This function shouldn't\n    // be used, really, but it's pretty convenient sometimes,\n    // when you just want to work with a regex.\n    const set = this.set\n\n    if (!set.length) {\n      this.regexp = false\n      return this.regexp\n    }\n    const options = this.options\n\n    const twoStar = options.noglobstar\n      ? star\n      : options.dot\n      ? twoStarDot\n      : twoStarNoDot\n    const flags = new Set(options.nocase ? ['i'] : [])\n\n    // regexpify non-globstar patterns\n    // if ** is only item, then we just do one twoStar\n    // if ** is first, and there are more, prepend (\\/|twoStar\\/)? to next\n    // if ** is last, append (\\/twoStar|) to previous\n    // if ** is in the middle, append (\\/|\\/twoStar\\/) to previous\n    // then filter out GLOBSTAR symbols\n    let re = set\n      .map(pattern => {\n        const pp: (string | typeof GLOBSTAR)[] = pattern.map(p => {\n          if (p instanceof RegExp) {\n            for (const f of p.flags.split('')) flags.add(f)\n          }\n          return typeof p === 'string'\n            ? regExpEscape(p)\n            : p === GLOBSTAR\n            ? GLOBSTAR\n            : p._src\n        }) as (string | typeof GLOBSTAR)[]\n        pp.forEach((p, i) => {\n          const next = pp[i + 1]\n          const prev = pp[i - 1]\n          if (p !== GLOBSTAR || prev === GLOBSTAR) {\n            return\n          }\n          if (prev === undefined) {\n            if (next !== undefined && next !== GLOBSTAR) {\n              pp[i + 1] = '(?:\\\\/|' + twoStar + '\\\\/)?' + next\n            } else {\n              pp[i] = twoStar\n            }\n          } else if (next === undefined) {\n            pp[i - 1] = prev + '(?:\\\\/|' + twoStar + ')?'\n          } else if (next !== GLOBSTAR) {\n            pp[i - 1] = prev + '(?:\\\\/|\\\\/' + twoStar + '\\\\/)' + next\n            pp[i + 1] = GLOBSTAR\n          }\n        })\n        return pp.filter(p => p !== GLOBSTAR).join('/')\n      })\n      .join('|')\n\n    // need to wrap in parens if we had more than one thing with |,\n    // otherwise only the first will be anchored to ^ and the last to $\n    const [open, close] = set.length > 1 ? ['(?:', ')'] : ['', '']\n    // must match entire pattern\n    // ending in a * or ** will make it less strict.\n    re = '^' + open + re + close + '$'\n\n    // can match anything, as long as it's not this.\n    if (this.negate) re = '^(?!' + re + ').+$'\n\n    try {\n      this.regexp = new RegExp(re, [...flags].join(''))\n      /* c8 ignore start */\n    } catch (ex) {\n      // should be impossible\n      this.regexp = false\n    }\n    /* c8 ignore stop */\n    return this.regexp\n  }\n\n  slashSplit(p: string) {\n    // if p starts with // on windows, we preserve that\n    // so that UNC paths aren't broken.  Otherwise, any number of\n    // / characters are coalesced into one, unless\n    // preserveMultipleSlashes is set to true.\n    if (this.preserveMultipleSlashes) {\n      return p.split('/')\n    } else if (this.isWindows && /^\\/\\/[^\\/]+/.test(p)) {\n      // add an extra '' for the one we lose\n      return ['', ...p.split(/\\/+/)]\n    } else {\n      return p.split(/\\/+/)\n    }\n  }\n\n  match(f: string, partial = this.partial) {\n    this.debug('match', f, this.pattern)\n    // short-circuit in the case of busted things.\n    // comments, etc.\n    if (this.comment) {\n      return false\n    }\n    if (this.empty) {\n      return f === ''\n    }\n\n    if (f === '/' && partial) {\n      return true\n    }\n\n    const options = this.options\n\n    // windows: need to use /, not \\\n    if (this.isWindows) {\n      f = f.split('\\\\').join('/')\n    }\n\n    // treat the test path as a set of pathparts.\n    const ff = this.slashSplit(f)\n    this.debug(this.pattern, 'split', ff)\n\n    // just ONE of the pattern sets in this.set needs to match\n    // in order for it to be valid.  If negating, then just one\n    // match means that we have failed.\n    // Either way, return on the first hit.\n\n    const set = this.set\n    this.debug(this.pattern, 'set', set)\n\n    // Find the basename of the path by looking for the last non-empty segment\n    let filename: string = ff[ff.length - 1]\n    if (!filename) {\n      for (let i = ff.length - 2; !filename && i >= 0; i--) {\n        filename = ff[i]\n      }\n    }\n\n    for (let i = 0; i < set.length; i++) {\n      const pattern = set[i]\n      let file = ff\n      if (options.matchBase && pattern.length === 1) {\n        file = [filename]\n      }\n      const hit = this.matchOne(file, pattern, partial)\n      if (hit) {\n        if (options.flipNegate) {\n          return true\n        }\n        return !this.negate\n      }\n    }\n\n    // didn't get any hits.  this is success if it's a negative\n    // pattern, failure otherwise.\n    if (options.flipNegate) {\n      return false\n    }\n    return this.negate\n  }\n\n  static defaults(def: MinimatchOptions) {\n    return minimatch.defaults(def).Minimatch\n  }\n}\n/* c8 ignore start */\nexport { AST } from './ast.js'\nexport { escape } from './escape.js'\nexport { unescape } from './unescape.js'\n/* c8 ignore stop */\nminimatch.AST = AST\nminimatch.Minimatch = Minimatch\nminimatch.escape = escape\nminimatch.unescape = unescape\n"]}
\ No newline at end of file
diff --git a/deps/minimatch/dist/esm/index.js b/deps/minimatch/dist/esm/index.js
index 84b577b0472cb6..790d6c02a2f22e 100644
--- a/deps/minimatch/dist/esm/index.js
+++ b/deps/minimatch/dist/esm/index.js
@@ -1,4 +1,4 @@
-import expand from 'brace-expansion';
+import { expand } from '@isaacs/brace-expansion';
 import { assertValidPattern } from './assert-valid-pattern.js';
 import { AST } from './ast.js';
 import { escape } from './escape.js';
diff --git a/deps/minimatch/dist/esm/index.js.map b/deps/minimatch/dist/esm/index.js.map
index 2ba6134de89c10..42173930f3ef10 100644
--- a/deps/minimatch/dist/esm/index.js.map
+++ b/deps/minimatch/dist/esm/index.js.map
@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,iBAAiB,CAAA;AACpC,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,GAAG,EAAe,MAAM,UAAU,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAsCxC,MAAM,CAAC,MAAM,SAAS,GAAG,CACvB,CAAS,EACT,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,kBAAkB,CAAC,OAAO,CAAC,CAAA;IAE3B,oCAAoC;IACpC,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;QACpD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AACjD,CAAC,CAAA;AAED,wDAAwD;AACxD,MAAM,YAAY,GAAG,uBAAuB,CAAA;AAC5C,MAAM,cAAc,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACvC,MAAM,iBAAiB,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACzE,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC3C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC3E,CAAC,CAAA;AACD,MAAM,uBAAuB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC9C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACrD,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,YAAY,CAAA;AAClC,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAS,EAAE,EAAE,CACvC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5C,MAAM,SAAS,GAAG,SAAS,CAAA;AAC3B,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC/E,MAAM,MAAM,GAAG,OAAO,CAAA;AACtB,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AACpE,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AAC5E,MAAM,QAAQ,GAAG,wBAAwB,CAAA;AACzC,MAAM,gBAAgB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC5D,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,mBAAmB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC/D,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACzD,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,UAAU,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACtD,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,eAAe,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC9D,CAAC,CAAA;AACD,MAAM,kBAAkB,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACpD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AACnE,CAAC,CAAA;AAED,qBAAqB;AACrB,MAAM,eAAe,GAAa,CAChC,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO;IACpC,CAAC,CAAC,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC;QAC7C,OAAO,CAAC,QAAQ;IAClB,CAAC,CAAC,OAAO,CACA,CAAA;AAEb,MAAM,IAAI,GAAkC;IAC1C,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;IACpB,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;CACpB,CAAA;AACD,oBAAoB;AAEpB,MAAM,CAAC,MAAM,GAAG,GAAG,eAAe,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAA;AAChF,SAAS,CAAC,GAAG,GAAG,GAAG,CAAA;AAEnB,MAAM,CAAC,MAAM,QAAQ,GAAG,MAAM,CAAC,aAAa,CAAC,CAAA;AAC7C,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAA;AAE7B,gCAAgC;AAChC,iDAAiD;AACjD,MAAM,KAAK,GAAG,MAAM,CAAA;AAEpB,gCAAgC;AAChC,MAAM,IAAI,GAAG,KAAK,GAAG,IAAI,CAAA;AAEzB,4DAA4D;AAC5D,+DAA+D;AAC/D,6CAA6C;AAC7C,MAAM,UAAU,GAAG,yCAAyC,CAAA;AAE5D,kCAAkC;AAClC,6CAA6C;AAC7C,MAAM,YAAY,GAAG,yBAAyB,CAAA;AAE9C,MAAM,CAAC,MAAM,MAAM,GACjB,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACpD,CAAC,CAAS,EAAE,EAAE,CACZ,SAAS,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;AAClC,SAAS,CAAC,MAAM,GAAG,MAAM,CAAA;AAEzB,MAAM,GAAG,GAAG,CAAC,CAAmB,EAAE,IAAsB,EAAE,EAAE,EAAE,CAC5D,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;AAEzB,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,GAAqB,EAAoB,EAAE;IAClE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;QAChE,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,CAAA;IAEtB,MAAM,CAAC,GAAG,CAAC,CAAS,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACvE,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;IAErC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;QACtB,SAAS,EAAE,MAAM,SAAU,SAAQ,IAAI,CAAC,SAAS;YAC/C,YAAY,OAAe,EAAE,UAA4B,EAAE;gBACzD,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACnC,CAAC;YACD,MAAM,CAAC,QAAQ,CAAC,OAAyB;gBACvC,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,CAAC;SACF;QAED,GAAG,EAAE,MAAM,GAAI,SAAQ,IAAI,CAAC,GAAG;YAC7B,qBAAqB;YACrB,YACE,IAAwB,EACxB,MAAY,EACZ,UAA4B,EAAE;gBAE9B,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACxC,CAAC;YACD,oBAAoB;YAEpB,MAAM,CAAC,QAAQ,CAAC,OAAe,EAAE,UAA4B,EAAE;gBAC7D,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACtD,CAAC;SACF;QAED,QAAQ,EAAE,CACR,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAExC,MAAM,EAAE,CACN,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEtC,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,QAAQ,EAAE,CAAC,OAAyB,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzE,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,WAAW,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC/D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,KAAK,EAAE,CAAC,IAAc,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACzE,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,QAAQ,EAAE,QAA2B;KACtC,CAAC,CAAA;AACJ,CAAC,CAAA;AACD,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAA;AAE7B,mBAAmB;AACnB,qBAAqB;AACrB,mBAAmB;AACnB,8BAA8B;AAC9B,mCAAmC;AACnC,2CAA2C;AAC3C,EAAE;AACF,iCAAiC;AACjC,qBAAqB;AACrB,iBAAiB;AACjB,MAAM,CAAC,MAAM,WAAW,GAAG,CACzB,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,kBAAkB,CAAC,OAAO,CAAC,CAAA;IAE3B,wDAAwD;IACxD,wDAAwD;IACxD,IAAI,OAAO,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzD,+BAA+B;QAC/B,OAAO,CAAC,OAAO,CAAC,CAAA;IAClB,CAAC;IAED,OAAO,MAAM,CAAC,OAAO,CAAC,CAAA;AACxB,CAAC,CAAA;AACD,SAAS,CAAC,WAAW,GAAG,WAAW,CAAA;AAEnC,yCAAyC;AACzC,kDAAkD;AAClD,oEAAoE;AACpE,oEAAoE;AACpE,6DAA6D;AAC7D,kEAAkE;AAClE,EAAE;AACF,0EAA0E;AAC1E,wEAAwE;AACxE,qEAAqE;AACrE,8DAA8D;AAE9D,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACxE,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,MAAM,EAAE,CAAA;AAC1C,SAAS,CAAC,MAAM,GAAG,MAAM,CAAA;AAEzB,MAAM,CAAC,MAAM,KAAK,GAAG,CACnB,IAAc,EACd,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IAC1C,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpB,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AACD,SAAS,CAAC,KAAK,GAAG,KAAK,CAAA;AAEvB,+BAA+B;AAC/B,MAAM,SAAS,GAAG,yBAAyB,CAAA;AAC3C,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CACjC,CAAC,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,CAAA;AAU/C,MAAM,OAAO,SAAS;IACpB,OAAO,CAAkB;IACzB,GAAG,CAAyB;IAC5B,OAAO,CAAQ;IAEf,oBAAoB,CAAS;IAC7B,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,KAAK,CAAS;IACd,uBAAuB,CAAS;IAChC,OAAO,CAAS;IAChB,OAAO,CAAU;IACjB,SAAS,CAAY;IACrB,MAAM,CAAS;IAEf,SAAS,CAAS;IAClB,QAAQ,CAAU;IAClB,kBAAkB,CAAS;IAE3B,MAAM,CAAyB;IAC/B,YAAY,OAAe,EAAE,UAA4B,EAAE;QACzD,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAE3B,OAAO,GAAG,OAAO,IAAI,EAAE,CAAA;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAA;QACnD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAA;QAC1C,IAAI,CAAC,oBAAoB;YACvB,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,kBAAkB,KAAK,KAAK,CAAA;QACxE,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACjD,CAAC;QACD,IAAI,CAAC,uBAAuB,GAAG,CAAC,CAAC,OAAO,CAAC,uBAAuB,CAAA;QAChE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAA;QAClB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAA;QAClC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAA;QACpB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAA;QACnC,IAAI,CAAC,kBAAkB;YACrB,OAAO,CAAC,kBAAkB,KAAK,SAAS;gBACtC,CAAC,CAAC,OAAO,CAAC,kBAAkB;gBAC5B,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,CAAA;QAEvC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QACjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAA;QAEb,+BAA+B;QAC/B,IAAI,CAAC,IAAI,EAAE,CAAA;IACb,CAAC;IAED,QAAQ;QACN,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,OAAO,IAAI,CAAA;QACb,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YAC/B,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ;oBAAE,OAAO,IAAI,CAAA;YAC3C,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,KAAK,CAAC,GAAG,CAAQ,IAAG,CAAC;IAErB,IAAI;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,6CAA6C;QAC7C,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACpD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAA;YACnB,OAAM;QACR,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,KAAK,GAAG,IAAI,CAAA;YACjB,OAAM;QACR,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,WAAW,EAAE,CAAA;QAElB,wBAAwB;QACxB,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAA;QAE/C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC,KAAK,GAAG,CAAC,GAAG,IAAW,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAA;QACzD,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QAEtC,+DAA+D;QAC/D,kCAAkC;QAClC,8DAA8D;QAC9D,oDAAoD;QACpD,wCAAwC;QACxC,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAA;QAC9C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;QAExC,mBAAmB;QACnB,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE;YACxC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC9C,qCAAqC;gBACrC,MAAM,KAAK,GACT,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBACvC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACvB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACrC,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,CAAC;qBAAM,IAAI,OAAO,EAAE,CAAC;oBACnB,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;YACD,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAA;QACpC,CAAC,CAAC,CAAA;QAEF,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAE7B,sDAAsD;QACtD,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,MAAM,CACnB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CACF,CAAA;QAE5B,2CAA2C;QAC3C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACrB,IACE,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;oBAC5B,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ;oBACxB,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACtB,CAAC;oBACD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;gBACZ,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED,yDAAyD;IACzD,0DAA0D;IAC1D,yDAAyD;IACzD,4DAA4D;IAC5D,uCAAuC;IACvC,UAAU,CAAC,SAAqB;QAC9B,yDAAyD;QACzD,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC7C,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC7B,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;oBACvB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAE9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,wDAAwD;YACxD,SAAS,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAA;YAChD,SAAS,GAAG,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAA;QACnD,CAAC;aAAM,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAClC,mDAAmD;YACnD,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;QAC9C,CAAC;aAAM,CAAC;YACN,8CAA8C;YAC9C,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;QACvD,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,wCAAwC;IACxC,yBAAyB,CAAC,SAAqB;QAC7C,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;YACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,IAAI,CAAC,GAAG,EAAE,CAAA;gBACV,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC7B,CAAC,EAAE,CAAA;gBACL,CAAC;gBACD,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;oBACb,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAA;gBAC1B,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,gBAAgB,CAAC,SAAqB;QACpC,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAa,EAAE,IAAI,EAAE,EAAE;gBAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;gBAChC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBACnC,OAAO,GAAG,CAAA;gBACZ,CAAC;gBACD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,IAAI,IAAI,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;wBAC3D,GAAG,CAAC,GAAG,EAAE,CAAA;wBACT,OAAO,GAAG,CAAA;oBACZ,CAAC;gBACH,CAAC;gBACD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACd,OAAO,GAAG,CAAA;YACZ,CAAC,EAAE,EAAE,CAAC,CAAA;YACN,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC1C,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,oBAAoB,CAAC,KAAwB;QAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAChC,CAAC;QACD,IAAI,YAAY,GAAY,KAAK,CAAA;QACjC,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,mCAAmC;YACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;oBAClB,iCAAiC;oBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;wBAAE,SAAQ;oBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;wBAC1B,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;wBAClB,CAAC,EAAE,CAAA;oBACL,CAAC;gBACH,CAAC;gBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;oBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;oBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;gBACb,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,EAAE,GAAW,CAAC,CAAA;YAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;gBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC/C,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;oBACvB,EAAE,IAAI,CAAC,CAAA;gBACT,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QACtB,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC1C,CAAC;IAED,yCAAyC;IACzC,8BAA8B;IAC9B,+BAA+B;IAC/B,iDAAiD;IACjD,iBAAiB;IACjB,EAAE;IACF,gEAAgE;IAChE,gEAAgE;IAChE,kEAAkE;IAClE,qDAAqD;IACrD,EAAE;IACF,kFAAkF;IAClF,mCAAmC;IACnC,sCAAsC;IACtC,4BAA4B;IAC5B,EAAE;IACF,qEAAqE;IACrE,+DAA+D;IAC/D,oBAAoB,CAAC,SAAqB;QACxC,IAAI,YAAY,GAAG,KAAK,CAAA;QACxB,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,kFAAkF;YAClF,KAAK,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBAC5B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;gBACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,IAAI,GAAG,GAAW,EAAE,CAAA;oBACpB,OAAO,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/B,wCAAwC;wBACxC,GAAG,EAAE,CAAA;oBACP,CAAC;oBACD,uDAAuD;oBACvD,mCAAmC;oBACnC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC;wBACb,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAA;oBAChC,CAAC;oBAED,IAAI,IAAI,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,IAAI,IAAI,KAAK,IAAI;wBAAE,SAAQ;oBAC3B,IACE,CAAC,CAAC;wBACF,CAAC,KAAK,GAAG;wBACT,CAAC,KAAK,IAAI;wBACV,CAAC,EAAE;wBACH,EAAE,KAAK,GAAG;wBACV,EAAE,KAAK,IAAI,EACX,CAAC;wBACD,SAAQ;oBACV,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,4CAA4C;oBAC5C,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;oBACnB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;oBAC5B,KAAK,CAAC,EAAE,CAAC,GAAG,IAAI,CAAA;oBAChB,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;oBACrB,EAAE,EAAE,CAAA;gBACN,CAAC;gBAED,mCAAmC;gBACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;oBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBAClB,iCAAiC;wBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;4BAAE,SAAQ;wBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;4BAC1B,YAAY,GAAG,IAAI,CAAA;4BACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;4BAClB,CAAC,EAAE,CAAA;wBACL,CAAC;oBACH,CAAC;oBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;wBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;wBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;wBACD,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;oBACb,CAAC;gBACH,CAAC;gBAED,sCAAsC;gBACtC,IAAI,EAAE,GAAW,CAAC,CAAA;gBAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/C,YAAY,GAAG,IAAI,CAAA;wBACnB,MAAM,OAAO,GAAG,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,IAAI,CAAA;wBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;wBAClC,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,CAAA;wBACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;4BAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;wBACtC,EAAE,IAAI,CAAC,CAAA;oBACT,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QAEtB,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,sCAAsC;IACtC,sDAAsD;IACtD,8CAA8C;IAC9C,oDAAoD;IACpD,EAAE;IACF,2DAA2D;IAC3D,mDAAmD;IACnD,qBAAqB,CAAC,SAAqB;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAC7B,SAAS,CAAC,CAAC,CAAC,EACZ,SAAS,CAAC,CAAC,CAAC,EACZ,CAAC,IAAI,CAAC,uBAAuB,CAC9B,CAAA;gBACD,IAAI,OAAO,EAAE,CAAC;oBACZ,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAA;oBACjB,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACtB,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,UAAU,CACR,CAAW,EACX,CAAW,EACX,eAAwB,KAAK;QAE7B,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,MAAM,GAAa,EAAE,CAAA;QACzB,IAAI,KAAK,GAAW,EAAE,CAAA;QACtB,OAAO,EAAE,GAAG,CAAC,CAAC,MAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACpB,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAC1C,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,CAAC;gBACN,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QACD,8DAA8D;QAC9D,iCAAiC;QACjC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,MAAM,CAAA;IACxC,CAAC;IAED,WAAW;QACT,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAM;QAEzB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,IAAI,MAAM,GAAG,KAAK,CAAA;QAClB,IAAI,YAAY,GAAG,CAAC,CAAA;QAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YACrE,MAAM,GAAG,CAAC,MAAM,CAAA;YAChB,YAAY,EAAE,CAAA;QAChB,CAAC;QAED,IAAI,YAAY;YAAE,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAC5D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED,+CAA+C;IAC/C,yCAAyC;IACzC,uDAAuD;IACvD,mDAAmD;IACnD,mBAAmB;IACnB,QAAQ,CAAC,IAAc,EAAE,OAAsB,EAAE,UAAmB,KAAK;QACvE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,4DAA4D;QAC5D,mEAAmE;QACnE,sBAAsB;QACtB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAC1E,MAAM,OAAO,GACX,CAAC,SAAS;gBACV,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,GAAG;gBACf,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAE3B,MAAM,YAAY,GAChB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAChE,MAAM,UAAU,GACd,CAAC,YAAY;gBACb,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG;gBAClB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ;gBAC9B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAE9B,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACzD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,GAAG,CAAW,CAAC,CAAA;gBACtE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;oBAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAA;oBACjB,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACd,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBAC9B,CAAC;yBAAM,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACrB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBACxB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,oEAAoE;QACpE,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAC9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,IAAI,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QACxC,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/C,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;QAEnD,KACE,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EACzD,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,EAClB,EAAE,EAAE,EAAE,EAAE,EAAE,EACV,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;YAC3B,IAAI,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,CAAA;YACnB,IAAI,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;YAEhB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;YAEzB,wBAAwB;YACxB,wCAAwC;YACxC,qBAAqB;YACrB,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;gBAChB,OAAO,KAAK,CAAA;YACd,CAAC;YACD,oBAAoB;YAEpB,IAAI,CAAC,KAAK,QAAQ,EAAE,CAAC;gBACnB,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAEvC,OAAO;gBACP,yCAAyC;gBACzC,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,QAAQ;gBACR,iDAAiD;gBACjD,wDAAwD;gBACxD,yBAAyB;gBACzB,sDAAsD;gBACtD,6BAA6B;gBAC7B,EAAE;gBACF,mCAAmC;gBACnC,gBAAgB;gBAChB,eAAe;gBACf,kCAAkC;gBAClC,oBAAoB;gBACpB,mBAAmB;gBACnB,qCAAqC;gBACrC,mCAAmC;gBACnC,iCAAiC;gBACjC,kCAAkC;gBAClC,IAAI,EAAE,GAAG,EAAE,CAAA;gBACX,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;gBACf,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;oBACd,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;oBAC3B,8CAA8C;oBAC9C,yBAAyB;oBACzB,2CAA2C;oBAC3C,sBAAsB;oBACtB,sDAAsD;oBACtD,uBAAuB;oBACvB,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;wBACrB,IACE,IAAI,CAAC,EAAE,CAAC,KAAK,GAAG;4BAChB,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI;4BACjB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;4BAE5C,OAAO,KAAK,CAAA;oBAChB,CAAC;oBACD,OAAO,IAAI,CAAA;gBACb,CAAC;gBAED,mDAAmD;gBACnD,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC;oBACf,IAAI,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;oBAExB,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;oBAEhE,qDAAqD;oBACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,CAAC;wBAC9D,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;wBACtD,iBAAiB;wBACjB,OAAO,IAAI,CAAA;oBACb,CAAC;yBAAM,CAAC;wBACN,kCAAkC;wBAClC,iDAAiD;wBACjD,IACE,SAAS,KAAK,GAAG;4BACjB,SAAS,KAAK,IAAI;4BAClB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,EAC7C,CAAC;4BACD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;4BAClD,MAAK;wBACP,CAAC;wBAED,uCAAuC;wBACvC,IAAI,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAA;wBACtD,EAAE,EAAE,CAAA;oBACN,CAAC;gBACH,CAAC;gBAED,sBAAsB;gBACtB,mEAAmE;gBACnE,qBAAqB;gBACrB,IAAI,OAAO,EAAE,CAAC;oBACZ,kBAAkB;oBAClB,IAAI,CAAC,KAAK,CAAC,0BAA0B,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;oBAC7D,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;wBACd,OAAO,IAAI,CAAA;oBACb,CAAC;gBACH,CAAC;gBACD,oBAAoB;gBACpB,OAAO,KAAK,CAAA;YACd,CAAC;YAED,0BAA0B;YAC1B,gDAAgD;YAChD,qDAAqD;YACrD,IAAI,GAAY,CAAA;YAChB,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC1B,GAAG,GAAG,CAAC,KAAK,CAAC,CAAA;gBACb,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACvC,CAAC;iBAAM,CAAC;gBACN,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACf,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACxC,CAAC;YAED,IAAI,CAAC,GAAG;gBAAE,OAAO,KAAK,CAAA;QACxB,CAAC;QAED,oDAAoD;QACpD,oDAAoD;QACpD,2CAA2C;QAC3C,kDAAkD;QAClD,oDAAoD;QACpD,uDAAuD;QACvD,oDAAoD;QACpD,yDAAyD;QACzD,6BAA6B;QAC7B,yCAAyC;QAEzC,gEAAgE;QAChE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3B,oDAAoD;YACpD,gBAAgB;YAChB,OAAO,IAAI,CAAA;QACb,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,+CAA+C;YAC/C,iDAAiD;YACjD,uBAAuB;YACvB,OAAO,OAAO,CAAA;QAChB,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,4CAA4C;YAC5C,oDAAoD;YACpD,iDAAiD;YACjD,wBAAwB;YACxB,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;YAEvC,qBAAqB;QACvB,CAAC;aAAM,CAAC;YACN,yBAAyB;YACzB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAA;QACzB,CAAC;QACD,oBAAoB;IACtB,CAAC;IAED,WAAW;QACT,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,OAAe;QACnB,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAE3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,YAAY;QACZ,IAAI,OAAO,KAAK,IAAI;YAAE,OAAO,QAAQ,CAAA;QACrC,IAAI,OAAO,KAAK,EAAE;YAAE,OAAO,EAAE,CAAA;QAE7B,uDAAuD;QACvD,0DAA0D;QAC1D,IAAI,CAA0B,CAAA;QAC9B,IAAI,QAAQ,GAAoC,IAAI,CAAA;QACpD,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAA;QACjD,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;YAC7C,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,uBAAuB;oBACzB,CAAC,CAAC,oBAAoB;gBACxB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,iBAAiB;oBACnB,CAAC,CAAC,cAAc,CACnB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACT,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACzC,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,mBAAmB;oBACrB,CAAC,CAAC,gBAAgB;gBACpB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,UAAU,CACf,CAAC,CAAC,CAAC,CAAA;QACN,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YAC9C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAA;QAC/D,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YAC1C,QAAQ,GAAG,WAAW,CAAA;QACxB,CAAC;QAED,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAA;QAC5D,IAAI,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;YACvC,2CAA2C;YAC3C,OAAO,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAA;QACzD,CAAC;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM;QACJ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC,MAAM,CAAA;QAE5D,mDAAmD;QACnD,4BAA4B;QAC5B,EAAE;QACF,wDAAwD;QACxD,yDAAyD;QACzD,2CAA2C;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QAEpB,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;YACnB,OAAO,IAAI,CAAC,MAAM,CAAA;QACpB,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU;YAChC,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,GAAG;gBACb,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,YAAY,CAAA;QAChB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;QAElD,kCAAkC;QAClC,kDAAkD;QAClD,sEAAsE;QACtE,iDAAiD;QACjD,8DAA8D;QAC9D,mCAAmC;QACnC,IAAI,EAAE,GAAG,GAAG;aACT,GAAG,CAAC,OAAO,CAAC,EAAE;YACb,MAAM,EAAE,GAAiC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;gBACvD,IAAI,CAAC,YAAY,MAAM,EAAE,CAAC;oBACxB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;wBAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACjD,CAAC;gBACD,OAAO,OAAO,CAAC,KAAK,QAAQ;oBAC1B,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;oBACjB,CAAC,CAAC,CAAC,KAAK,QAAQ;wBAChB,CAAC,CAAC,QAAQ;wBACV,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YACZ,CAAC,CAAiC,CAAA;YAClC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBAClB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,IAAI,CAAC,KAAK,QAAQ,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACxC,OAAM;gBACR,CAAC;gBACD,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;wBAC5C,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,GAAG,IAAI,CAAA;oBAClD,CAAC;yBAAM,CAAC;wBACN,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACjB,CAAC;gBACH,CAAC;qBAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBAC9B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,GAAG,IAAI,CAAA;gBAC/C,CAAC;qBAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC7B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,IAAI,CAAA;oBACzD,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAA;gBACtB,CAAC;YACH,CAAC,CAAC,CAAA;YACF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACjD,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,CAAA;QAEZ,+DAA+D;QAC/D,mEAAmE;QACnE,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC9D,4BAA4B;QAC5B,gDAAgD;QAChD,EAAE,GAAG,GAAG,GAAG,IAAI,GAAG,EAAE,GAAG,KAAK,GAAG,GAAG,CAAA;QAElC,gDAAgD;QAChD,IAAI,IAAI,CAAC,MAAM;YAAE,EAAE,GAAG,MAAM,GAAG,EAAE,GAAG,MAAM,CAAA;QAE1C,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;YACjD,qBAAqB;QACvB,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,uBAAuB;YACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACrB,CAAC;QACD,oBAAoB;QACpB,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,UAAU,CAAC,CAAS;QAClB,mDAAmD;QACnD,6DAA6D;QAC7D,8CAA8C;QAC9C,0CAA0C;QAC1C,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACrB,CAAC;aAAM,IAAI,IAAI,CAAC,SAAS,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACnD,sCAAsC;YACtC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;QAChC,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,CAAS,EAAE,OAAO,GAAG,IAAI,CAAC,OAAO;QACrC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QACpC,8CAA8C;QAC9C,iBAAiB;QACjB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,EAAE,CAAA;QACjB,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,IAAI,OAAO,EAAE,CAAC;YACzB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,gCAAgC;QAChC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;QAED,6CAA6C;QAC7C,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;QAErC,0DAA0D;QAC1D,2DAA2D;QAC3D,mCAAmC;QACnC,uCAAuC;QAEvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QACpB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;QAEpC,0EAA0E;QAC1E,IAAI,QAAQ,GAAW,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrD,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;YAClB,CAAC;QACH,CAAC;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;YACtB,IAAI,IAAI,GAAG,EAAE,CAAA;YACb,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9C,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;YACnB,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;YACjD,IAAI,GAAG,EAAE,CAAC;gBACR,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;oBACvB,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAA;YACrB,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,8BAA8B;QAC9B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,GAAqB;QACnC,OAAO,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,CAAA;IAC1C,CAAC;CACF;AACD,qBAAqB;AACrB,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAC9B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,oBAAoB;AACpB,SAAS,CAAC,GAAG,GAAG,GAAG,CAAA;AACnB,SAAS,CAAC,SAAS,GAAG,SAAS,CAAA;AAC/B,SAAS,CAAC,MAAM,GAAG,MAAM,CAAA;AACzB,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAA","sourcesContent":["import expand from 'brace-expansion'\nimport { assertValidPattern } from './assert-valid-pattern.js'\nimport { AST, ExtglobType } from './ast.js'\nimport { escape } from './escape.js'\nimport { unescape } from './unescape.js'\n\ntype Platform =\n  | 'aix'\n  | 'android'\n  | 'darwin'\n  | 'freebsd'\n  | 'haiku'\n  | 'linux'\n  | 'openbsd'\n  | 'sunos'\n  | 'win32'\n  | 'cygwin'\n  | 'netbsd'\n\nexport interface MinimatchOptions {\n  nobrace?: boolean\n  nocomment?: boolean\n  nonegate?: boolean\n  debug?: boolean\n  noglobstar?: boolean\n  noext?: boolean\n  nonull?: boolean\n  windowsPathsNoEscape?: boolean\n  allowWindowsEscape?: boolean\n  partial?: boolean\n  dot?: boolean\n  nocase?: boolean\n  nocaseMagicOnly?: boolean\n  magicalBraces?: boolean\n  matchBase?: boolean\n  flipNegate?: boolean\n  preserveMultipleSlashes?: boolean\n  optimizationLevel?: number\n  platform?: Platform\n  windowsNoMagicRoot?: boolean\n}\n\nexport const minimatch = (\n  p: string,\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // shortcut: comments match nothing.\n  if (!options.nocomment && pattern.charAt(0) === '#') {\n    return false\n  }\n\n  return new Minimatch(pattern, options).match(p)\n}\n\n// Optimized checking for the most common glob patterns.\nconst starDotExtRE = /^\\*+([^+@!?\\*\\[\\(]*)$/\nconst starDotExtTest = (ext: string) => (f: string) =>\n  !f.startsWith('.') && f.endsWith(ext)\nconst starDotExtTestDot = (ext: string) => (f: string) => f.endsWith(ext)\nconst starDotExtTestNocase = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => !f.startsWith('.') && f.toLowerCase().endsWith(ext)\n}\nconst starDotExtTestNocaseDot = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => f.toLowerCase().endsWith(ext)\n}\nconst starDotStarRE = /^\\*+\\.\\*+$/\nconst starDotStarTest = (f: string) => !f.startsWith('.') && f.includes('.')\nconst starDotStarTestDot = (f: string) =>\n  f !== '.' && f !== '..' && f.includes('.')\nconst dotStarRE = /^\\.\\*+$/\nconst dotStarTest = (f: string) => f !== '.' && f !== '..' && f.startsWith('.')\nconst starRE = /^\\*+$/\nconst starTest = (f: string) => f.length !== 0 && !f.startsWith('.')\nconst starTestDot = (f: string) => f.length !== 0 && f !== '.' && f !== '..'\nconst qmarksRE = /^\\?+([^+@!?\\*\\[\\(]*)?$/\nconst qmarksTestNocase = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestNocaseDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTest = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTestNoExt = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && !f.startsWith('.')\n}\nconst qmarksTestNoExtDot = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && f !== '.' && f !== '..'\n}\n\n/* c8 ignore start */\nconst defaultPlatform: Platform = (\n  typeof process === 'object' && process\n    ? (typeof process.env === 'object' &&\n        process.env &&\n        process.env.__MINIMATCH_TESTING_PLATFORM__) ||\n      process.platform\n    : 'posix'\n) as Platform\ntype Sep = '\\\\' | '/'\nconst path: { [k: string]: { sep: Sep } } = {\n  win32: { sep: '\\\\' },\n  posix: { sep: '/' },\n}\n/* c8 ignore stop */\n\nexport const sep = defaultPlatform === 'win32' ? path.win32.sep : path.posix.sep\nminimatch.sep = sep\n\nexport const GLOBSTAR = Symbol('globstar **')\nminimatch.GLOBSTAR = GLOBSTAR\n\n// any single thing other than /\n// don't need to escape / when using new RegExp()\nconst qmark = '[^/]'\n\n// * => any number of characters\nconst star = qmark + '*?'\n\n// ** when dots are allowed.  Anything goes, except .. and .\n// not (^ or / followed by one or two dots followed by $ or /),\n// followed by anything, any number of times.\nconst twoStarDot = '(?:(?!(?:\\\\/|^)(?:\\\\.{1,2})($|\\\\/)).)*?'\n\n// not a ^ or / followed by a dot,\n// followed by anything, any number of times.\nconst twoStarNoDot = '(?:(?!(?:\\\\/|^)\\\\.).)*?'\n\nexport const filter =\n  (pattern: string, options: MinimatchOptions = {}) =>\n  (p: string) =>\n    minimatch(p, pattern, options)\nminimatch.filter = filter\n\nconst ext = (a: MinimatchOptions, b: MinimatchOptions = {}) =>\n  Object.assign({}, a, b)\n\nexport const defaults = (def: MinimatchOptions): typeof minimatch => {\n  if (!def || typeof def !== 'object' || !Object.keys(def).length) {\n    return minimatch\n  }\n\n  const orig = minimatch\n\n  const m = (p: string, pattern: string, options: MinimatchOptions = {}) =>\n    orig(p, pattern, ext(def, options))\n\n  return Object.assign(m, {\n    Minimatch: class Minimatch extends orig.Minimatch {\n      constructor(pattern: string, options: MinimatchOptions = {}) {\n        super(pattern, ext(def, options))\n      }\n      static defaults(options: MinimatchOptions) {\n        return orig.defaults(ext(def, options)).Minimatch\n      }\n    },\n\n    AST: class AST extends orig.AST {\n      /* c8 ignore start */\n      constructor(\n        type: ExtglobType | null,\n        parent?: AST,\n        options: MinimatchOptions = {}\n      ) {\n        super(type, parent, ext(def, options))\n      }\n      /* c8 ignore stop */\n\n      static fromGlob(pattern: string, options: MinimatchOptions = {}) {\n        return orig.AST.fromGlob(pattern, ext(def, options))\n      }\n    },\n\n    unescape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.unescape(s, ext(def, options)),\n\n    escape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.escape(s, ext(def, options)),\n\n    filter: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.filter(pattern, ext(def, options)),\n\n    defaults: (options: MinimatchOptions) => orig.defaults(ext(def, options)),\n\n    makeRe: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.makeRe(pattern, ext(def, options)),\n\n    braceExpand: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.braceExpand(pattern, ext(def, options)),\n\n    match: (list: string[], pattern: string, options: MinimatchOptions = {}) =>\n      orig.match(list, pattern, ext(def, options)),\n\n    sep: orig.sep,\n    GLOBSTAR: GLOBSTAR as typeof GLOBSTAR,\n  })\n}\nminimatch.defaults = defaults\n\n// Brace expansion:\n// a{b,c}d -> abd acd\n// a{b,}c -> abc ac\n// a{0..3}d -> a0d a1d a2d a3d\n// a{b,c{d,e}f}g -> abg acdfg acefg\n// a{b,c}d{e,f}g -> abdeg acdeg abdeg abdfg\n//\n// Invalid sets are not expanded.\n// a{2..}b -> a{2..}b\n// a{b}c -> a{b}c\nexport const braceExpand = (\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // Thanks to Yeting Li <https://github.com/yetingli> for\n  // improving this regexp to avoid a ReDOS vulnerability.\n  if (options.nobrace || !/\\{(?:(?!\\{).)*\\}/.test(pattern)) {\n    // shortcut. no need to expand.\n    return [pattern]\n  }\n\n  return expand(pattern)\n}\nminimatch.braceExpand = braceExpand\n\n// parse a component of the expanded set.\n// At this point, no pattern may contain \"/\" in it\n// so we're going to return a 2d array, where each entry is the full\n// pattern, split on '/', and then turned into a regular expression.\n// A regexp is made at the end which joins each array with an\n// escaped /, and another full one which joins each regexp with |.\n//\n// Following the lead of Bash 4.1, note that \"**\" only has special meaning\n// when it is the *only* thing in a path portion.  Otherwise, any series\n// of * is equivalent to a single *.  Globstar behavior is enabled by\n// default, and can be disabled by setting options.noglobstar.\n\nexport const makeRe = (pattern: string, options: MinimatchOptions = {}) =>\n  new Minimatch(pattern, options).makeRe()\nminimatch.makeRe = makeRe\n\nexport const match = (\n  list: string[],\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  const mm = new Minimatch(pattern, options)\n  list = list.filter(f => mm.match(f))\n  if (mm.options.nonull && !list.length) {\n    list.push(pattern)\n  }\n  return list\n}\nminimatch.match = match\n\n// replace stuff like \\* with *\nconst globMagic = /[?*]|[+@!]\\(.*?\\)|\\[|\\]/\nconst regExpEscape = (s: string) =>\n  s.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')\n\nexport type MMRegExp = RegExp & {\n  _src?: string\n  _glob?: string\n}\n\nexport type ParseReturnFiltered = string | MMRegExp | typeof GLOBSTAR\nexport type ParseReturn = ParseReturnFiltered | false\n\nexport class Minimatch {\n  options: MinimatchOptions\n  set: ParseReturnFiltered[][]\n  pattern: string\n\n  windowsPathsNoEscape: boolean\n  nonegate: boolean\n  negate: boolean\n  comment: boolean\n  empty: boolean\n  preserveMultipleSlashes: boolean\n  partial: boolean\n  globSet: string[]\n  globParts: string[][]\n  nocase: boolean\n\n  isWindows: boolean\n  platform: Platform\n  windowsNoMagicRoot: boolean\n\n  regexp: false | null | MMRegExp\n  constructor(pattern: string, options: MinimatchOptions = {}) {\n    assertValidPattern(pattern)\n\n    options = options || {}\n    this.options = options\n    this.pattern = pattern\n    this.platform = options.platform || defaultPlatform\n    this.isWindows = this.platform === 'win32'\n    this.windowsPathsNoEscape =\n      !!options.windowsPathsNoEscape || options.allowWindowsEscape === false\n    if (this.windowsPathsNoEscape) {\n      this.pattern = this.pattern.replace(/\\\\/g, '/')\n    }\n    this.preserveMultipleSlashes = !!options.preserveMultipleSlashes\n    this.regexp = null\n    this.negate = false\n    this.nonegate = !!options.nonegate\n    this.comment = false\n    this.empty = false\n    this.partial = !!options.partial\n    this.nocase = !!this.options.nocase\n    this.windowsNoMagicRoot =\n      options.windowsNoMagicRoot !== undefined\n        ? options.windowsNoMagicRoot\n        : !!(this.isWindows && this.nocase)\n\n    this.globSet = []\n    this.globParts = []\n    this.set = []\n\n    // make the set of regexps etc.\n    this.make()\n  }\n\n  hasMagic(): boolean {\n    if (this.options.magicalBraces && this.set.length > 1) {\n      return true\n    }\n    for (const pattern of this.set) {\n      for (const part of pattern) {\n        if (typeof part !== 'string') return true\n      }\n    }\n    return false\n  }\n\n  debug(..._: any[]) {}\n\n  make() {\n    const pattern = this.pattern\n    const options = this.options\n\n    // empty patterns and comments match nothing.\n    if (!options.nocomment && pattern.charAt(0) === '#') {\n      this.comment = true\n      return\n    }\n\n    if (!pattern) {\n      this.empty = true\n      return\n    }\n\n    // step 1: figure out negation, etc.\n    this.parseNegate()\n\n    // step 2: expand braces\n    this.globSet = [...new Set(this.braceExpand())]\n\n    if (options.debug) {\n      this.debug = (...args: any[]) => console.error(...args)\n    }\n\n    this.debug(this.pattern, this.globSet)\n\n    // step 3: now we have a set, so turn each one into a series of\n    // path-portion matching patterns.\n    // These will be regexps, except in the case of \"**\", which is\n    // set to the GLOBSTAR object for globstar behavior,\n    // and will not contain any / characters\n    //\n    // First, we preprocess to make the glob pattern sets a bit simpler\n    // and deduped.  There are some perf-killing patterns that can cause\n    // problems with a glob walk, but we can simplify them down a bit.\n    const rawGlobParts = this.globSet.map(s => this.slashSplit(s))\n    this.globParts = this.preprocess(rawGlobParts)\n    this.debug(this.pattern, this.globParts)\n\n    // glob --> regexps\n    let set = this.globParts.map((s, _, __) => {\n      if (this.isWindows && this.windowsNoMagicRoot) {\n        // check if it's a drive or unc path.\n        const isUNC =\n          s[0] === '' &&\n          s[1] === '' &&\n          (s[2] === '?' || !globMagic.test(s[2])) &&\n          !globMagic.test(s[3])\n        const isDrive = /^[a-z]:/i.test(s[0])\n        if (isUNC) {\n          return [...s.slice(0, 4), ...s.slice(4).map(ss => this.parse(ss))]\n        } else if (isDrive) {\n          return [s[0], ...s.slice(1).map(ss => this.parse(ss))]\n        }\n      }\n      return s.map(ss => this.parse(ss))\n    })\n\n    this.debug(this.pattern, set)\n\n    // filter out everything that didn't compile properly.\n    this.set = set.filter(\n      s => s.indexOf(false) === -1\n    ) as ParseReturnFiltered[][]\n\n    // do not treat the ? in UNC paths as magic\n    if (this.isWindows) {\n      for (let i = 0; i < this.set.length; i++) {\n        const p = this.set[i]\n        if (\n          p[0] === '' &&\n          p[1] === '' &&\n          this.globParts[i][2] === '?' &&\n          typeof p[3] === 'string' &&\n          /^[a-z]:$/i.test(p[3])\n        ) {\n          p[2] = '?'\n        }\n      }\n    }\n\n    this.debug(this.pattern, this.set)\n  }\n\n  // various transforms to equivalent pattern sets that are\n  // faster to process in a filesystem walk.  The goal is to\n  // eliminate what we can, and push all ** patterns as far\n  // to the right as possible, even if it increases the number\n  // of patterns that we have to process.\n  preprocess(globParts: string[][]) {\n    // if we're not in globstar mode, then turn all ** into *\n    if (this.options.noglobstar) {\n      for (let i = 0; i < globParts.length; i++) {\n        for (let j = 0; j < globParts[i].length; j++) {\n          if (globParts[i][j] === '**') {\n            globParts[i][j] = '*'\n          }\n        }\n      }\n    }\n\n    const { optimizationLevel = 1 } = this.options\n\n    if (optimizationLevel >= 2) {\n      // aggressive optimization for the purpose of fs walking\n      globParts = this.firstPhasePreProcess(globParts)\n      globParts = this.secondPhasePreProcess(globParts)\n    } else if (optimizationLevel >= 1) {\n      // just basic optimizations to remove some .. parts\n      globParts = this.levelOneOptimize(globParts)\n    } else {\n      // just collapse multiple ** portions into one\n      globParts = this.adjascentGlobstarOptimize(globParts)\n    }\n\n    return globParts\n  }\n\n  // just get rid of adjascent ** portions\n  adjascentGlobstarOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      let gs: number = -1\n      while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n        let i = gs\n        while (parts[i + 1] === '**') {\n          i++\n        }\n        if (i !== gs) {\n          parts.splice(gs, i - gs)\n        }\n      }\n      return parts\n    })\n  }\n\n  // get rid of adjascent ** and resolve .. portions\n  levelOneOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      parts = parts.reduce((set: string[], part) => {\n        const prev = set[set.length - 1]\n        if (part === '**' && prev === '**') {\n          return set\n        }\n        if (part === '..') {\n          if (prev && prev !== '..' && prev !== '.' && prev !== '**') {\n            set.pop()\n            return set\n          }\n        }\n        set.push(part)\n        return set\n      }, [])\n      return parts.length === 0 ? [''] : parts\n    })\n  }\n\n  levelTwoFileOptimize(parts: string | string[]) {\n    if (!Array.isArray(parts)) {\n      parts = this.slashSplit(parts)\n    }\n    let didSomething: boolean = false\n    do {\n      didSomething = false\n      // <pre>/<e>/<rest> -> <pre>/<rest>\n      if (!this.preserveMultipleSlashes) {\n        for (let i = 1; i < parts.length - 1; i++) {\n          const p = parts[i]\n          // don't squeeze out UNC patterns\n          if (i === 1 && p === '' && parts[0] === '') continue\n          if (p === '.' || p === '') {\n            didSomething = true\n            parts.splice(i, 1)\n            i--\n          }\n        }\n        if (\n          parts[0] === '.' &&\n          parts.length === 2 &&\n          (parts[1] === '.' || parts[1] === '')\n        ) {\n          didSomething = true\n          parts.pop()\n        }\n      }\n\n      // <pre>/<p>/../<rest> -> <pre>/<rest>\n      let dd: number = 0\n      while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n        const p = parts[dd - 1]\n        if (p && p !== '.' && p !== '..' && p !== '**') {\n          didSomething = true\n          parts.splice(dd - 1, 2)\n          dd -= 2\n        }\n      }\n    } while (didSomething)\n    return parts.length === 0 ? [''] : parts\n  }\n\n  // First phase: single-pattern processing\n  // <pre> is 1 or more portions\n  // <rest> is 1 or more portions\n  // <p> is any portion other than ., .., '', or **\n  // <e> is . or ''\n  //\n  // **/.. is *brutal* for filesystem walking performance, because\n  // it effectively resets the recursive walk each time it occurs,\n  // and ** cannot be reduced out by a .. pattern part like a regexp\n  // or most strings (other than .., ., and '') can be.\n  //\n  // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n  // <pre>/<e>/<rest> -> <pre>/<rest>\n  // <pre>/<p>/../<rest> -> <pre>/<rest>\n  // **/**/<rest> -> **/<rest>\n  //\n  // **/*/<rest> -> */**/<rest> <== not valid because ** doesn't follow\n  // this WOULD be allowed if ** did follow symlinks, or * didn't\n  firstPhasePreProcess(globParts: string[][]) {\n    let didSomething = false\n    do {\n      didSomething = false\n      // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n      for (let parts of globParts) {\n        let gs: number = -1\n        while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n          let gss: number = gs\n          while (parts[gss + 1] === '**') {\n            // <pre>/**/**/<rest> -> <pre>/**/<rest>\n            gss++\n          }\n          // eg, if gs is 2 and gss is 4, that means we have 3 **\n          // parts, and can remove 2 of them.\n          if (gss > gs) {\n            parts.splice(gs + 1, gss - gs)\n          }\n\n          let next = parts[gs + 1]\n          const p = parts[gs + 2]\n          const p2 = parts[gs + 3]\n          if (next !== '..') continue\n          if (\n            !p ||\n            p === '.' ||\n            p === '..' ||\n            !p2 ||\n            p2 === '.' ||\n            p2 === '..'\n          ) {\n            continue\n          }\n          didSomething = true\n          // edit parts in place, and push the new one\n          parts.splice(gs, 1)\n          const other = parts.slice(0)\n          other[gs] = '**'\n          globParts.push(other)\n          gs--\n        }\n\n        // <pre>/<e>/<rest> -> <pre>/<rest>\n        if (!this.preserveMultipleSlashes) {\n          for (let i = 1; i < parts.length - 1; i++) {\n            const p = parts[i]\n            // don't squeeze out UNC patterns\n            if (i === 1 && p === '' && parts[0] === '') continue\n            if (p === '.' || p === '') {\n              didSomething = true\n              parts.splice(i, 1)\n              i--\n            }\n          }\n          if (\n            parts[0] === '.' &&\n            parts.length === 2 &&\n            (parts[1] === '.' || parts[1] === '')\n          ) {\n            didSomething = true\n            parts.pop()\n          }\n        }\n\n        // <pre>/<p>/../<rest> -> <pre>/<rest>\n        let dd: number = 0\n        while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n          const p = parts[dd - 1]\n          if (p && p !== '.' && p !== '..' && p !== '**') {\n            didSomething = true\n            const needDot = dd === 1 && parts[dd + 1] === '**'\n            const splin = needDot ? ['.'] : []\n            parts.splice(dd - 1, 2, ...splin)\n            if (parts.length === 0) parts.push('')\n            dd -= 2\n          }\n        }\n      }\n    } while (didSomething)\n\n    return globParts\n  }\n\n  // second phase: multi-pattern dedupes\n  // {<pre>/*/<rest>,<pre>/<p>/<rest>} -> <pre>/*/<rest>\n  // {<pre>/<rest>,<pre>/<rest>} -> <pre>/<rest>\n  // {<pre>/**/<rest>,<pre>/<rest>} -> <pre>/**/<rest>\n  //\n  // {<pre>/**/<rest>,<pre>/**/<p>/<rest>} -> <pre>/**/<rest>\n  // ^-- not valid because ** doens't follow symlinks\n  secondPhasePreProcess(globParts: string[][]): string[][] {\n    for (let i = 0; i < globParts.length - 1; i++) {\n      for (let j = i + 1; j < globParts.length; j++) {\n        const matched = this.partsMatch(\n          globParts[i],\n          globParts[j],\n          !this.preserveMultipleSlashes\n        )\n        if (matched) {\n          globParts[i] = []\n          globParts[j] = matched\n          break\n        }\n      }\n    }\n    return globParts.filter(gs => gs.length)\n  }\n\n  partsMatch(\n    a: string[],\n    b: string[],\n    emptyGSMatch: boolean = false\n  ): false | string[] {\n    let ai = 0\n    let bi = 0\n    let result: string[] = []\n    let which: string = ''\n    while (ai < a.length && bi < b.length) {\n      if (a[ai] === b[bi]) {\n        result.push(which === 'b' ? b[bi] : a[ai])\n        ai++\n        bi++\n      } else if (emptyGSMatch && a[ai] === '**' && b[bi] === a[ai + 1]) {\n        result.push(a[ai])\n        ai++\n      } else if (emptyGSMatch && b[bi] === '**' && a[ai] === b[bi + 1]) {\n        result.push(b[bi])\n        bi++\n      } else if (\n        a[ai] === '*' &&\n        b[bi] &&\n        (this.options.dot || !b[bi].startsWith('.')) &&\n        b[bi] !== '**'\n      ) {\n        if (which === 'b') return false\n        which = 'a'\n        result.push(a[ai])\n        ai++\n        bi++\n      } else if (\n        b[bi] === '*' &&\n        a[ai] &&\n        (this.options.dot || !a[ai].startsWith('.')) &&\n        a[ai] !== '**'\n      ) {\n        if (which === 'a') return false\n        which = 'b'\n        result.push(b[bi])\n        ai++\n        bi++\n      } else {\n        return false\n      }\n    }\n    // if we fall out of the loop, it means they two are identical\n    // as long as their lengths match\n    return a.length === b.length && result\n  }\n\n  parseNegate() {\n    if (this.nonegate) return\n\n    const pattern = this.pattern\n    let negate = false\n    let negateOffset = 0\n\n    for (let i = 0; i < pattern.length && pattern.charAt(i) === '!'; i++) {\n      negate = !negate\n      negateOffset++\n    }\n\n    if (negateOffset) this.pattern = pattern.slice(negateOffset)\n    this.negate = negate\n  }\n\n  // set partial to true to test if, for example,\n  // \"/a/b\" matches the start of \"/*/b/*/d\"\n  // Partial means, if you run out of file before you run\n  // out of pattern, then that's fine, as long as all\n  // the parts match.\n  matchOne(file: string[], pattern: ParseReturn[], partial: boolean = false) {\n    const options = this.options\n\n    // UNC paths like //?/X:/... can match X:/... and vice versa\n    // Drive letters in absolute drive or unc paths are always compared\n    // case-insensitively.\n    if (this.isWindows) {\n      const fileDrive = typeof file[0] === 'string' && /^[a-z]:$/i.test(file[0])\n      const fileUNC =\n        !fileDrive &&\n        file[0] === '' &&\n        file[1] === '' &&\n        file[2] === '?' &&\n        /^[a-z]:$/i.test(file[3])\n\n      const patternDrive =\n        typeof pattern[0] === 'string' && /^[a-z]:$/i.test(pattern[0])\n      const patternUNC =\n        !patternDrive &&\n        pattern[0] === '' &&\n        pattern[1] === '' &&\n        pattern[2] === '?' &&\n        typeof pattern[3] === 'string' &&\n        /^[a-z]:$/i.test(pattern[3])\n\n      const fdi = fileUNC ? 3 : fileDrive ? 0 : undefined\n      const pdi = patternUNC ? 3 : patternDrive ? 0 : undefined\n      if (typeof fdi === 'number' && typeof pdi === 'number') {\n        const [fd, pd]: [string, string] = [file[fdi], pattern[pdi] as string]\n        if (fd.toLowerCase() === pd.toLowerCase()) {\n          pattern[pdi] = fd\n          if (pdi > fdi) {\n            pattern = pattern.slice(pdi)\n          } else if (fdi > pdi) {\n            file = file.slice(fdi)\n          }\n        }\n      }\n    }\n\n    // resolve and reduce . and .. portions in the file as well.\n    // dont' need to do the second phase, because it's only one string[]\n    const { optimizationLevel = 1 } = this.options\n    if (optimizationLevel >= 2) {\n      file = this.levelTwoFileOptimize(file)\n    }\n\n    this.debug('matchOne', this, { file, pattern })\n    this.debug('matchOne', file.length, pattern.length)\n\n    for (\n      var fi = 0, pi = 0, fl = file.length, pl = pattern.length;\n      fi < fl && pi < pl;\n      fi++, pi++\n    ) {\n      this.debug('matchOne loop')\n      var p = pattern[pi]\n      var f = file[fi]\n\n      this.debug(pattern, p, f)\n\n      // should be impossible.\n      // some invalid regexp stuff in the set.\n      /* c8 ignore start */\n      if (p === false) {\n        return false\n      }\n      /* c8 ignore stop */\n\n      if (p === GLOBSTAR) {\n        this.debug('GLOBSTAR', [pattern, p, f])\n\n        // \"**\"\n        // a/**/b/**/c would match the following:\n        // a/b/x/y/z/c\n        // a/x/y/z/b/c\n        // a/b/x/b/x/c\n        // a/b/c\n        // To do this, take the rest of the pattern after\n        // the **, and see if it would match the file remainder.\n        // If so, return success.\n        // If not, the ** \"swallows\" a segment, and try again.\n        // This is recursively awful.\n        //\n        // a/**/b/**/c matching a/b/x/y/z/c\n        // - a matches a\n        // - doublestar\n        //   - matchOne(b/x/y/z/c, b/**/c)\n        //     - b matches b\n        //     - doublestar\n        //       - matchOne(x/y/z/c, c) -> no\n        //       - matchOne(y/z/c, c) -> no\n        //       - matchOne(z/c, c) -> no\n        //       - matchOne(c, c) yes, hit\n        var fr = fi\n        var pr = pi + 1\n        if (pr === pl) {\n          this.debug('** at the end')\n          // a ** at the end will just swallow the rest.\n          // We have found a match.\n          // however, it will not swallow /.x, unless\n          // options.dot is set.\n          // . and .. are *never* matched by **, for explosively\n          // exponential reasons.\n          for (; fi < fl; fi++) {\n            if (\n              file[fi] === '.' ||\n              file[fi] === '..' ||\n              (!options.dot && file[fi].charAt(0) === '.')\n            )\n              return false\n          }\n          return true\n        }\n\n        // ok, let's see if we can swallow whatever we can.\n        while (fr < fl) {\n          var swallowee = file[fr]\n\n          this.debug('\\nglobstar while', file, fr, pattern, pr, swallowee)\n\n          // XXX remove this slice.  Just pass the start index.\n          if (this.matchOne(file.slice(fr), pattern.slice(pr), partial)) {\n            this.debug('globstar found match!', fr, fl, swallowee)\n            // found a match.\n            return true\n          } else {\n            // can't swallow \".\" or \"..\" ever.\n            // can only swallow \".foo\" when explicitly asked.\n            if (\n              swallowee === '.' ||\n              swallowee === '..' ||\n              (!options.dot && swallowee.charAt(0) === '.')\n            ) {\n              this.debug('dot detected!', file, fr, pattern, pr)\n              break\n            }\n\n            // ** swallows a segment, and continue.\n            this.debug('globstar swallow a segment, and continue')\n            fr++\n          }\n        }\n\n        // no match was found.\n        // However, in partial mode, we can't say this is necessarily over.\n        /* c8 ignore start */\n        if (partial) {\n          // ran out of file\n          this.debug('\\n>>> no match, partial?', file, fr, pattern, pr)\n          if (fr === fl) {\n            return true\n          }\n        }\n        /* c8 ignore stop */\n        return false\n      }\n\n      // something other than **\n      // non-magic patterns just have to match exactly\n      // patterns with magic have been turned into regexps.\n      let hit: boolean\n      if (typeof p === 'string') {\n        hit = f === p\n        this.debug('string match', p, f, hit)\n      } else {\n        hit = p.test(f)\n        this.debug('pattern match', p, f, hit)\n      }\n\n      if (!hit) return false\n    }\n\n    // Note: ending in / means that we'll get a final \"\"\n    // at the end of the pattern.  This can only match a\n    // corresponding \"\" at the end of the file.\n    // If the file ends in /, then it can only match a\n    // a pattern that ends in /, unless the pattern just\n    // doesn't have any more for it. But, a/b/ should *not*\n    // match \"a/b/*\", even though \"\" matches against the\n    // [^/]*? pattern, except in partial mode, where it might\n    // simply not be reached yet.\n    // However, a/b/ should still satisfy a/*\n\n    // now either we fell off the end of the pattern, or we're done.\n    if (fi === fl && pi === pl) {\n      // ran out of pattern and filename at the same time.\n      // an exact hit!\n      return true\n    } else if (fi === fl) {\n      // ran out of file, but still had pattern left.\n      // this is ok if we're doing the match as part of\n      // a glob fs traversal.\n      return partial\n    } else if (pi === pl) {\n      // ran out of pattern, still have file left.\n      // this is only acceptable if we're on the very last\n      // empty segment of a file with a trailing slash.\n      // a/* should match a/b/\n      return fi === fl - 1 && file[fi] === ''\n\n      /* c8 ignore start */\n    } else {\n      // should be unreachable.\n      throw new Error('wtf?')\n    }\n    /* c8 ignore stop */\n  }\n\n  braceExpand() {\n    return braceExpand(this.pattern, this.options)\n  }\n\n  parse(pattern: string): ParseReturn {\n    assertValidPattern(pattern)\n\n    const options = this.options\n\n    // shortcuts\n    if (pattern === '**') return GLOBSTAR\n    if (pattern === '') return ''\n\n    // far and away, the most common glob pattern parts are\n    // *, *.*, and *.<ext>  Add a fast check method for those.\n    let m: RegExpMatchArray | null\n    let fastTest: null | ((f: string) => boolean) = null\n    if ((m = pattern.match(starRE))) {\n      fastTest = options.dot ? starTestDot : starTest\n    } else if ((m = pattern.match(starDotExtRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? starDotExtTestNocaseDot\n            : starDotExtTestNocase\n          : options.dot\n          ? starDotExtTestDot\n          : starDotExtTest\n      )(m[1])\n    } else if ((m = pattern.match(qmarksRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? qmarksTestNocaseDot\n            : qmarksTestNocase\n          : options.dot\n          ? qmarksTestDot\n          : qmarksTest\n      )(m)\n    } else if ((m = pattern.match(starDotStarRE))) {\n      fastTest = options.dot ? starDotStarTestDot : starDotStarTest\n    } else if ((m = pattern.match(dotStarRE))) {\n      fastTest = dotStarTest\n    }\n\n    const re = AST.fromGlob(pattern, this.options).toMMPattern()\n    if (fastTest && typeof re === 'object') {\n      // Avoids overriding in frozen environments\n      Reflect.defineProperty(re, 'test', { value: fastTest })\n    }\n    return re\n  }\n\n  makeRe() {\n    if (this.regexp || this.regexp === false) return this.regexp\n\n    // at this point, this.set is a 2d array of partial\n    // pattern strings, or \"**\".\n    //\n    // It's better to use .match().  This function shouldn't\n    // be used, really, but it's pretty convenient sometimes,\n    // when you just want to work with a regex.\n    const set = this.set\n\n    if (!set.length) {\n      this.regexp = false\n      return this.regexp\n    }\n    const options = this.options\n\n    const twoStar = options.noglobstar\n      ? star\n      : options.dot\n      ? twoStarDot\n      : twoStarNoDot\n    const flags = new Set(options.nocase ? ['i'] : [])\n\n    // regexpify non-globstar patterns\n    // if ** is only item, then we just do one twoStar\n    // if ** is first, and there are more, prepend (\\/|twoStar\\/)? to next\n    // if ** is last, append (\\/twoStar|) to previous\n    // if ** is in the middle, append (\\/|\\/twoStar\\/) to previous\n    // then filter out GLOBSTAR symbols\n    let re = set\n      .map(pattern => {\n        const pp: (string | typeof GLOBSTAR)[] = pattern.map(p => {\n          if (p instanceof RegExp) {\n            for (const f of p.flags.split('')) flags.add(f)\n          }\n          return typeof p === 'string'\n            ? regExpEscape(p)\n            : p === GLOBSTAR\n            ? GLOBSTAR\n            : p._src\n        }) as (string | typeof GLOBSTAR)[]\n        pp.forEach((p, i) => {\n          const next = pp[i + 1]\n          const prev = pp[i - 1]\n          if (p !== GLOBSTAR || prev === GLOBSTAR) {\n            return\n          }\n          if (prev === undefined) {\n            if (next !== undefined && next !== GLOBSTAR) {\n              pp[i + 1] = '(?:\\\\/|' + twoStar + '\\\\/)?' + next\n            } else {\n              pp[i] = twoStar\n            }\n          } else if (next === undefined) {\n            pp[i - 1] = prev + '(?:\\\\/|' + twoStar + ')?'\n          } else if (next !== GLOBSTAR) {\n            pp[i - 1] = prev + '(?:\\\\/|\\\\/' + twoStar + '\\\\/)' + next\n            pp[i + 1] = GLOBSTAR\n          }\n        })\n        return pp.filter(p => p !== GLOBSTAR).join('/')\n      })\n      .join('|')\n\n    // need to wrap in parens if we had more than one thing with |,\n    // otherwise only the first will be anchored to ^ and the last to $\n    const [open, close] = set.length > 1 ? ['(?:', ')'] : ['', '']\n    // must match entire pattern\n    // ending in a * or ** will make it less strict.\n    re = '^' + open + re + close + '$'\n\n    // can match anything, as long as it's not this.\n    if (this.negate) re = '^(?!' + re + ').+$'\n\n    try {\n      this.regexp = new RegExp(re, [...flags].join(''))\n      /* c8 ignore start */\n    } catch (ex) {\n      // should be impossible\n      this.regexp = false\n    }\n    /* c8 ignore stop */\n    return this.regexp\n  }\n\n  slashSplit(p: string) {\n    // if p starts with // on windows, we preserve that\n    // so that UNC paths aren't broken.  Otherwise, any number of\n    // / characters are coalesced into one, unless\n    // preserveMultipleSlashes is set to true.\n    if (this.preserveMultipleSlashes) {\n      return p.split('/')\n    } else if (this.isWindows && /^\\/\\/[^\\/]+/.test(p)) {\n      // add an extra '' for the one we lose\n      return ['', ...p.split(/\\/+/)]\n    } else {\n      return p.split(/\\/+/)\n    }\n  }\n\n  match(f: string, partial = this.partial) {\n    this.debug('match', f, this.pattern)\n    // short-circuit in the case of busted things.\n    // comments, etc.\n    if (this.comment) {\n      return false\n    }\n    if (this.empty) {\n      return f === ''\n    }\n\n    if (f === '/' && partial) {\n      return true\n    }\n\n    const options = this.options\n\n    // windows: need to use /, not \\\n    if (this.isWindows) {\n      f = f.split('\\\\').join('/')\n    }\n\n    // treat the test path as a set of pathparts.\n    const ff = this.slashSplit(f)\n    this.debug(this.pattern, 'split', ff)\n\n    // just ONE of the pattern sets in this.set needs to match\n    // in order for it to be valid.  If negating, then just one\n    // match means that we have failed.\n    // Either way, return on the first hit.\n\n    const set = this.set\n    this.debug(this.pattern, 'set', set)\n\n    // Find the basename of the path by looking for the last non-empty segment\n    let filename: string = ff[ff.length - 1]\n    if (!filename) {\n      for (let i = ff.length - 2; !filename && i >= 0; i--) {\n        filename = ff[i]\n      }\n    }\n\n    for (let i = 0; i < set.length; i++) {\n      const pattern = set[i]\n      let file = ff\n      if (options.matchBase && pattern.length === 1) {\n        file = [filename]\n      }\n      const hit = this.matchOne(file, pattern, partial)\n      if (hit) {\n        if (options.flipNegate) {\n          return true\n        }\n        return !this.negate\n      }\n    }\n\n    // didn't get any hits.  this is success if it's a negative\n    // pattern, failure otherwise.\n    if (options.flipNegate) {\n      return false\n    }\n    return this.negate\n  }\n\n  static defaults(def: MinimatchOptions) {\n    return minimatch.defaults(def).Minimatch\n  }\n}\n/* c8 ignore start */\nexport { AST } from './ast.js'\nexport { escape } from './escape.js'\nexport { unescape } from './unescape.js'\n/* c8 ignore stop */\nminimatch.AST = AST\nminimatch.Minimatch = Minimatch\nminimatch.escape = escape\nminimatch.unescape = unescape\n"]}
\ No newline at end of file
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAA;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,GAAG,EAAe,MAAM,UAAU,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAsCxC,MAAM,CAAC,MAAM,SAAS,GAAG,CACvB,CAAS,EACT,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,kBAAkB,CAAC,OAAO,CAAC,CAAA;IAE3B,oCAAoC;IACpC,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;QACpD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AACjD,CAAC,CAAA;AAED,wDAAwD;AACxD,MAAM,YAAY,GAAG,uBAAuB,CAAA;AAC5C,MAAM,cAAc,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACvC,MAAM,iBAAiB,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACzE,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC3C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC3E,CAAC,CAAA;AACD,MAAM,uBAAuB,GAAG,CAAC,GAAW,EAAE,EAAE;IAC9C,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACrD,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,YAAY,CAAA;AAClC,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAS,EAAE,EAAE,CACvC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC5C,MAAM,SAAS,GAAG,SAAS,CAAA;AAC3B,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC/E,MAAM,MAAM,GAAG,OAAO,CAAA;AACtB,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AACpE,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AAC5E,MAAM,QAAQ,GAAG,wBAAwB,CAAA;AACzC,MAAM,gBAAgB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC5D,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,mBAAmB,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IAC/D,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAA;IACtB,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AACjE,CAAC,CAAA;AACD,MAAM,aAAa,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACzD,MAAM,KAAK,GAAG,kBAAkB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACtC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,UAAU,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,EAAE,CAAmB,EAAE,EAAE;IACtD,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC,CAAA;AACD,MAAM,eAAe,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;AAC9D,CAAC,CAAA;AACD,MAAM,kBAAkB,GAAG,CAAC,CAAC,EAAE,CAAmB,EAAE,EAAE;IACpD,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAA;IACrB,OAAO,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAA;AACnE,CAAC,CAAA;AAED,qBAAqB;AACrB,MAAM,eAAe,GAAa,CAChC,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO;IACpC,CAAC,CAAC,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC;QAC7C,OAAO,CAAC,QAAQ;IAClB,CAAC,CAAC,OAAO,CACA,CAAA;AAEb,MAAM,IAAI,GAAkC;IAC1C,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;IACpB,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;CACpB,CAAA;AACD,oBAAoB;AAEpB,MAAM,CAAC,MAAM,GAAG,GAAG,eAAe,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAA;AAChF,SAAS,CAAC,GAAG,GAAG,GAAG,CAAA;AAEnB,MAAM,CAAC,MAAM,QAAQ,GAAG,MAAM,CAAC,aAAa,CAAC,CAAA;AAC7C,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAA;AAE7B,gCAAgC;AAChC,iDAAiD;AACjD,MAAM,KAAK,GAAG,MAAM,CAAA;AAEpB,gCAAgC;AAChC,MAAM,IAAI,GAAG,KAAK,GAAG,IAAI,CAAA;AAEzB,4DAA4D;AAC5D,+DAA+D;AAC/D,6CAA6C;AAC7C,MAAM,UAAU,GAAG,yCAAyC,CAAA;AAE5D,kCAAkC;AAClC,6CAA6C;AAC7C,MAAM,YAAY,GAAG,yBAAyB,CAAA;AAE9C,MAAM,CAAC,MAAM,MAAM,GACjB,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACpD,CAAC,CAAS,EAAE,EAAE,CACZ,SAAS,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;AAClC,SAAS,CAAC,MAAM,GAAG,MAAM,CAAA;AAEzB,MAAM,GAAG,GAAG,CAAC,CAAmB,EAAE,IAAsB,EAAE,EAAE,EAAE,CAC5D,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;AAEzB,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,GAAqB,EAAoB,EAAE;IAClE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;QAChE,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,CAAA;IAEtB,MAAM,CAAC,GAAG,CAAC,CAAS,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACvE,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;IAErC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;QACtB,SAAS,EAAE,MAAM,SAAU,SAAQ,IAAI,CAAC,SAAS;YAC/C,YAAY,OAAe,EAAE,UAA4B,EAAE;gBACzD,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACnC,CAAC;YACD,MAAM,CAAC,QAAQ,CAAC,OAAyB;gBACvC,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,CAAC;SACF;QAED,GAAG,EAAE,MAAM,GAAI,SAAQ,IAAI,CAAC,GAAG;YAC7B,qBAAqB;YACrB,YACE,IAAwB,EACxB,MAAY,EACZ,UAA4B,EAAE;gBAE9B,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACxC,CAAC;YACD,oBAAoB;YAEpB,MAAM,CAAC,QAAQ,CAAC,OAAe,EAAE,UAA4B,EAAE;gBAC7D,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAA;YACtD,CAAC;SACF;QAED,QAAQ,EAAE,CACR,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAExC,MAAM,EAAE,CACN,CAAS,EACT,UAA0D,EAAE,EAC5D,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEtC,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,QAAQ,EAAE,CAAC,OAAyB,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzE,MAAM,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzC,WAAW,EAAE,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CAC/D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,KAAK,EAAE,CAAC,IAAc,EAAE,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACzE,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE9C,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,QAAQ,EAAE,QAA2B;KACtC,CAAC,CAAA;AACJ,CAAC,CAAA;AACD,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAA;AAE7B,mBAAmB;AACnB,qBAAqB;AACrB,mBAAmB;AACnB,8BAA8B;AAC9B,mCAAmC;AACnC,2CAA2C;AAC3C,EAAE;AACF,iCAAiC;AACjC,qBAAqB;AACrB,iBAAiB;AACjB,MAAM,CAAC,MAAM,WAAW,GAAG,CACzB,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,kBAAkB,CAAC,OAAO,CAAC,CAAA;IAE3B,wDAAwD;IACxD,wDAAwD;IACxD,IAAI,OAAO,CAAC,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzD,+BAA+B;QAC/B,OAAO,CAAC,OAAO,CAAC,CAAA;IAClB,CAAC;IAED,OAAO,MAAM,CAAC,OAAO,CAAC,CAAA;AACxB,CAAC,CAAA;AACD,SAAS,CAAC,WAAW,GAAG,WAAW,CAAA;AAEnC,yCAAyC;AACzC,kDAAkD;AAClD,oEAAoE;AACpE,oEAAoE;AACpE,6DAA6D;AAC7D,kEAAkE;AAClE,EAAE;AACF,0EAA0E;AAC1E,wEAAwE;AACxE,qEAAqE;AACrE,8DAA8D;AAE9D,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,OAAe,EAAE,UAA4B,EAAE,EAAE,EAAE,CACxE,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,MAAM,EAAE,CAAA;AAC1C,SAAS,CAAC,MAAM,GAAG,MAAM,CAAA;AAEzB,MAAM,CAAC,MAAM,KAAK,GAAG,CACnB,IAAc,EACd,OAAe,EACf,UAA4B,EAAE,EAC9B,EAAE;IACF,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IAC1C,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpB,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AACD,SAAS,CAAC,KAAK,GAAG,KAAK,CAAA;AAEvB,+BAA+B;AAC/B,MAAM,SAAS,GAAG,yBAAyB,CAAA;AAC3C,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CACjC,CAAC,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,CAAA;AAU/C,MAAM,OAAO,SAAS;IACpB,OAAO,CAAkB;IACzB,GAAG,CAAyB;IAC5B,OAAO,CAAQ;IAEf,oBAAoB,CAAS;IAC7B,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,OAAO,CAAS;IAChB,KAAK,CAAS;IACd,uBAAuB,CAAS;IAChC,OAAO,CAAS;IAChB,OAAO,CAAU;IACjB,SAAS,CAAY;IACrB,MAAM,CAAS;IAEf,SAAS,CAAS;IAClB,QAAQ,CAAU;IAClB,kBAAkB,CAAS;IAE3B,MAAM,CAAyB;IAC/B,YAAY,OAAe,EAAE,UAA4B,EAAE;QACzD,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAE3B,OAAO,GAAG,OAAO,IAAI,EAAE,CAAA;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAA;QACnD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAA;QAC1C,IAAI,CAAC,oBAAoB;YACvB,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,kBAAkB,KAAK,KAAK,CAAA;QACxE,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACjD,CAAC;QACD,IAAI,CAAC,uBAAuB,GAAG,CAAC,CAAC,OAAO,CAAC,uBAAuB,CAAA;QAChE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAA;QAClB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAA;QAClC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAA;QACpB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAA;QACnC,IAAI,CAAC,kBAAkB;YACrB,OAAO,CAAC,kBAAkB,KAAK,SAAS;gBACtC,CAAC,CAAC,OAAO,CAAC,kBAAkB;gBAC5B,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,CAAA;QAEvC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QACjB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC,GAAG,GAAG,EAAE,CAAA;QAEb,+BAA+B;QAC/B,IAAI,CAAC,IAAI,EAAE,CAAA;IACb,CAAC;IAED,QAAQ;QACN,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,OAAO,IAAI,CAAA;QACb,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YAC/B,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ;oBAAE,OAAO,IAAI,CAAA;YAC3C,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,KAAK,CAAC,GAAG,CAAQ,IAAG,CAAC;IAErB,IAAI;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,6CAA6C;QAC7C,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACpD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAA;YACnB,OAAM;QACR,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,KAAK,GAAG,IAAI,CAAA;YACjB,OAAM;QACR,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,WAAW,EAAE,CAAA;QAElB,wBAAwB;QACxB,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAA;QAE/C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC,KAAK,GAAG,CAAC,GAAG,IAAW,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAA;QACzD,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QAEtC,+DAA+D;QAC/D,kCAAkC;QAClC,8DAA8D;QAC9D,oDAAoD;QACpD,wCAAwC;QACxC,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAA;QAC9C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;QAExC,mBAAmB;QACnB,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE;YACxC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC9C,qCAAqC;gBACrC,MAAM,KAAK,GACT,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBACvC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACvB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACrC,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,CAAC;qBAAM,IAAI,OAAO,EAAE,CAAC;oBACnB,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;YACD,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAA;QACpC,CAAC,CAAC,CAAA;QAEF,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAE7B,sDAAsD;QACtD,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,MAAM,CACnB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CACF,CAAA;QAE5B,2CAA2C;QAC3C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACrB,IACE,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;oBACX,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;oBAC5B,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ;oBACxB,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACtB,CAAC;oBACD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;gBACZ,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED,yDAAyD;IACzD,0DAA0D;IAC1D,yDAAyD;IACzD,4DAA4D;IAC5D,uCAAuC;IACvC,UAAU,CAAC,SAAqB;QAC9B,yDAAyD;QACzD,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC7C,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC7B,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAA;oBACvB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAE9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,wDAAwD;YACxD,SAAS,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAA;YAChD,SAAS,GAAG,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAA;QACnD,CAAC;aAAM,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAClC,mDAAmD;YACnD,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;QAC9C,CAAC;aAAM,CAAC;YACN,8CAA8C;YAC9C,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;QACvD,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,wCAAwC;IACxC,yBAAyB,CAAC,SAAqB;QAC7C,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;YACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,IAAI,CAAC,GAAG,EAAE,CAAA;gBACV,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC7B,CAAC,EAAE,CAAA;gBACL,CAAC;gBACD,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;oBACb,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAA;gBAC1B,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,gBAAgB,CAAC,SAAqB;QACpC,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC3B,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAa,EAAE,IAAI,EAAE,EAAE;gBAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;gBAChC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBACnC,OAAO,GAAG,CAAA;gBACZ,CAAC;gBACD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,IAAI,IAAI,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;wBAC3D,GAAG,CAAC,GAAG,EAAE,CAAA;wBACT,OAAO,GAAG,CAAA;oBACZ,CAAC;gBACH,CAAC;gBACD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACd,OAAO,GAAG,CAAA;YACZ,CAAC,EAAE,EAAE,CAAC,CAAA;YACN,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QAC1C,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,oBAAoB,CAAC,KAAwB;QAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAChC,CAAC;QACD,IAAI,YAAY,GAAY,KAAK,CAAA;QACjC,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,mCAAmC;YACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;oBAClB,iCAAiC;oBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;wBAAE,SAAQ;oBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;wBAC1B,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;wBAClB,CAAC,EAAE,CAAA;oBACL,CAAC;gBACH,CAAC;gBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;oBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;oBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;gBACb,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,EAAE,GAAW,CAAC,CAAA;YAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;gBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC/C,YAAY,GAAG,IAAI,CAAA;oBACnB,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;oBACvB,EAAE,IAAI,CAAC,CAAA;gBACT,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QACtB,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC1C,CAAC;IAED,yCAAyC;IACzC,8BAA8B;IAC9B,+BAA+B;IAC/B,iDAAiD;IACjD,iBAAiB;IACjB,EAAE;IACF,gEAAgE;IAChE,gEAAgE;IAChE,kEAAkE;IAClE,qDAAqD;IACrD,EAAE;IACF,kFAAkF;IAClF,mCAAmC;IACnC,sCAAsC;IACtC,4BAA4B;IAC5B,EAAE;IACF,qEAAqE;IACrE,+DAA+D;IAC/D,oBAAoB,CAAC,SAAqB;QACxC,IAAI,YAAY,GAAG,KAAK,CAAA;QACxB,GAAG,CAAC;YACF,YAAY,GAAG,KAAK,CAAA;YACpB,kFAAkF;YAClF,KAAK,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBAC5B,IAAI,EAAE,GAAW,CAAC,CAAC,CAAA;gBACnB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,IAAI,GAAG,GAAW,EAAE,CAAA;oBACpB,OAAO,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/B,wCAAwC;wBACxC,GAAG,EAAE,CAAA;oBACP,CAAC;oBACD,uDAAuD;oBACvD,mCAAmC;oBACnC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC;wBACb,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAA;oBAChC,CAAC;oBAED,IAAI,IAAI,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACxB,IAAI,IAAI,KAAK,IAAI;wBAAE,SAAQ;oBAC3B,IACE,CAAC,CAAC;wBACF,CAAC,KAAK,GAAG;wBACT,CAAC,KAAK,IAAI;wBACV,CAAC,EAAE;wBACH,EAAE,KAAK,GAAG;wBACV,EAAE,KAAK,IAAI,EACX,CAAC;wBACD,SAAQ;oBACV,CAAC;oBACD,YAAY,GAAG,IAAI,CAAA;oBACnB,4CAA4C;oBAC5C,KAAK,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;oBACnB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;oBAC5B,KAAK,CAAC,EAAE,CAAC,GAAG,IAAI,CAAA;oBAChB,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;oBACrB,EAAE,EAAE,CAAA;gBACN,CAAC;gBAED,mCAAmC;gBACnC,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;oBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC1C,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBAClB,iCAAiC;wBACjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;4BAAE,SAAQ;wBACpD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;4BAC1B,YAAY,GAAG,IAAI,CAAA;4BACnB,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;4BAClB,CAAC,EAAE,CAAA;wBACL,CAAC;oBACH,CAAC;oBACD,IACE,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;wBAChB,KAAK,CAAC,MAAM,KAAK,CAAC;wBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EACrC,CAAC;wBACD,YAAY,GAAG,IAAI,CAAA;wBACnB,KAAK,CAAC,GAAG,EAAE,CAAA;oBACb,CAAC;gBACH,CAAC;gBAED,sCAAsC;gBACtC,IAAI,EAAE,GAAW,CAAC,CAAA;gBAClB,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBACjD,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;oBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC/C,YAAY,GAAG,IAAI,CAAA;wBACnB,MAAM,OAAO,GAAG,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,IAAI,CAAA;wBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;wBAClC,KAAK,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,CAAA;wBACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;4BAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;wBACtC,EAAE,IAAI,CAAC,CAAA;oBACT,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,QAAQ,YAAY,EAAC;QAEtB,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,sCAAsC;IACtC,sDAAsD;IACtD,8CAA8C;IAC9C,oDAAoD;IACpD,EAAE;IACF,2DAA2D;IAC3D,mDAAmD;IACnD,qBAAqB,CAAC,SAAqB;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAC7B,SAAS,CAAC,CAAC,CAAC,EACZ,SAAS,CAAC,CAAC,CAAC,EACZ,CAAC,IAAI,CAAC,uBAAuB,CAC9B,CAAA;gBACD,IAAI,OAAO,EAAE,CAAC;oBACZ,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAA;oBACjB,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACtB,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,UAAU,CACR,CAAW,EACX,CAAW,EACX,eAAwB,KAAK;QAE7B,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,EAAE,GAAG,CAAC,CAAA;QACV,IAAI,MAAM,GAAa,EAAE,CAAA;QACzB,IAAI,KAAK,GAAW,EAAE,CAAA;QACtB,OAAO,EAAE,GAAG,CAAC,CAAC,MAAM,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACpB,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAC1C,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IAAI,YAAY,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,IACL,CAAC,CAAC,EAAE,CAAC,KAAK,GAAG;gBACb,CAAC,CAAC,EAAE,CAAC;gBACL,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC,EAAE,CAAC,KAAK,IAAI,EACd,CAAC;gBACD,IAAI,KAAK,KAAK,GAAG;oBAAE,OAAO,KAAK,CAAA;gBAC/B,KAAK,GAAG,GAAG,CAAA;gBACX,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;gBAClB,EAAE,EAAE,CAAA;gBACJ,EAAE,EAAE,CAAA;YACN,CAAC;iBAAM,CAAC;gBACN,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QACD,8DAA8D;QAC9D,iCAAiC;QACjC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,MAAM,CAAA;IACxC,CAAC;IAED,WAAW;QACT,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAM;QAEzB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,IAAI,MAAM,GAAG,KAAK,CAAA;QAClB,IAAI,YAAY,GAAG,CAAC,CAAA;QAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YACrE,MAAM,GAAG,CAAC,MAAM,CAAA;YAChB,YAAY,EAAE,CAAA;QAChB,CAAC;QAED,IAAI,YAAY;YAAE,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAC5D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED,+CAA+C;IAC/C,yCAAyC;IACzC,uDAAuD;IACvD,mDAAmD;IACnD,mBAAmB;IACnB,QAAQ,CAAC,IAAc,EAAE,OAAsB,EAAE,UAAmB,KAAK;QACvE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,4DAA4D;QAC5D,mEAAmE;QACnE,sBAAsB;QACtB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAC1E,MAAM,OAAO,GACX,CAAC,SAAS;gBACV,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE;gBACd,IAAI,CAAC,CAAC,CAAC,KAAK,GAAG;gBACf,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YAE3B,MAAM,YAAY,GAChB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAChE,MAAM,UAAU,GACd,CAAC,YAAY;gBACb,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE;gBACjB,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG;gBAClB,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ;gBAC9B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YAE9B,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACnD,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACzD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,GAAG,CAAW,CAAC,CAAA;gBACtE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;oBAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAA;oBACjB,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACd,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBAC9B,CAAC;yBAAM,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBACrB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBACxB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,oEAAoE;QACpE,MAAM,EAAE,iBAAiB,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAA;QAC9C,IAAI,iBAAiB,IAAI,CAAC,EAAE,CAAC;YAC3B,IAAI,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QACxC,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/C,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;QAEnD,KACE,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EACzD,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,EAClB,EAAE,EAAE,EAAE,EAAE,EAAE,EACV,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;YAC3B,IAAI,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,CAAA;YACnB,IAAI,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;YAEhB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;YAEzB,wBAAwB;YACxB,wCAAwC;YACxC,qBAAqB;YACrB,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;gBAChB,OAAO,KAAK,CAAA;YACd,CAAC;YACD,oBAAoB;YAEpB,IAAI,CAAC,KAAK,QAAQ,EAAE,CAAC;gBACnB,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAEvC,OAAO;gBACP,yCAAyC;gBACzC,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,QAAQ;gBACR,iDAAiD;gBACjD,wDAAwD;gBACxD,yBAAyB;gBACzB,sDAAsD;gBACtD,6BAA6B;gBAC7B,EAAE;gBACF,mCAAmC;gBACnC,gBAAgB;gBAChB,eAAe;gBACf,kCAAkC;gBAClC,oBAAoB;gBACpB,mBAAmB;gBACnB,qCAAqC;gBACrC,mCAAmC;gBACnC,iCAAiC;gBACjC,kCAAkC;gBAClC,IAAI,EAAE,GAAG,EAAE,CAAA;gBACX,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;gBACf,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;oBACd,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;oBAC3B,8CAA8C;oBAC9C,yBAAyB;oBACzB,2CAA2C;oBAC3C,sBAAsB;oBACtB,sDAAsD;oBACtD,uBAAuB;oBACvB,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;wBACrB,IACE,IAAI,CAAC,EAAE,CAAC,KAAK,GAAG;4BAChB,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI;4BACjB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;4BAE5C,OAAO,KAAK,CAAA;oBAChB,CAAC;oBACD,OAAO,IAAI,CAAA;gBACb,CAAC;gBAED,mDAAmD;gBACnD,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC;oBACf,IAAI,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;oBAExB,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;oBAEhE,qDAAqD;oBACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,CAAC;wBAC9D,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;wBACtD,iBAAiB;wBACjB,OAAO,IAAI,CAAA;oBACb,CAAC;yBAAM,CAAC;wBACN,kCAAkC;wBAClC,iDAAiD;wBACjD,IACE,SAAS,KAAK,GAAG;4BACjB,SAAS,KAAK,IAAI;4BAClB,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,EAC7C,CAAC;4BACD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;4BAClD,MAAK;wBACP,CAAC;wBAED,uCAAuC;wBACvC,IAAI,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAA;wBACtD,EAAE,EAAE,CAAA;oBACN,CAAC;gBACH,CAAC;gBAED,sBAAsB;gBACtB,mEAAmE;gBACnE,qBAAqB;gBACrB,IAAI,OAAO,EAAE,CAAC;oBACZ,kBAAkB;oBAClB,IAAI,CAAC,KAAK,CAAC,0BAA0B,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;oBAC7D,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;wBACd,OAAO,IAAI,CAAA;oBACb,CAAC;gBACH,CAAC;gBACD,oBAAoB;gBACpB,OAAO,KAAK,CAAA;YACd,CAAC;YAED,0BAA0B;YAC1B,gDAAgD;YAChD,qDAAqD;YACrD,IAAI,GAAY,CAAA;YAChB,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC1B,GAAG,GAAG,CAAC,KAAK,CAAC,CAAA;gBACb,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACvC,CAAC;iBAAM,CAAC;gBACN,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACf,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;YACxC,CAAC;YAED,IAAI,CAAC,GAAG;gBAAE,OAAO,KAAK,CAAA;QACxB,CAAC;QAED,oDAAoD;QACpD,oDAAoD;QACpD,2CAA2C;QAC3C,kDAAkD;QAClD,oDAAoD;QACpD,uDAAuD;QACvD,oDAAoD;QACpD,yDAAyD;QACzD,6BAA6B;QAC7B,yCAAyC;QAEzC,gEAAgE;QAChE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3B,oDAAoD;YACpD,gBAAgB;YAChB,OAAO,IAAI,CAAA;QACb,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,+CAA+C;YAC/C,iDAAiD;YACjD,uBAAuB;YACvB,OAAO,OAAO,CAAA;QAChB,CAAC;aAAM,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACrB,4CAA4C;YAC5C,oDAAoD;YACpD,iDAAiD;YACjD,wBAAwB;YACxB,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;YAEvC,qBAAqB;QACvB,CAAC;aAAM,CAAC;YACN,yBAAyB;YACzB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAA;QACzB,CAAC;QACD,oBAAoB;IACtB,CAAC;IAED,WAAW;QACT,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,OAAe;QACnB,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAE3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,YAAY;QACZ,IAAI,OAAO,KAAK,IAAI;YAAE,OAAO,QAAQ,CAAA;QACrC,IAAI,OAAO,KAAK,EAAE;YAAE,OAAO,EAAE,CAAA;QAE7B,uDAAuD;QACvD,0DAA0D;QAC1D,IAAI,CAA0B,CAAA;QAC9B,IAAI,QAAQ,GAAoC,IAAI,CAAA;QACpD,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAA;QACjD,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;YAC7C,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,uBAAuB;oBACzB,CAAC,CAAC,oBAAoB;gBACxB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,iBAAiB;oBACnB,CAAC,CAAC,cAAc,CACnB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACT,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACzC,QAAQ,GAAG,CACT,OAAO,CAAC,MAAM;gBACZ,CAAC,CAAC,OAAO,CAAC,GAAG;oBACX,CAAC,CAAC,mBAAmB;oBACrB,CAAC,CAAC,gBAAgB;gBACpB,CAAC,CAAC,OAAO,CAAC,GAAG;oBACb,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,UAAU,CACf,CAAC,CAAC,CAAC,CAAA;QACN,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YAC9C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAA;QAC/D,CAAC;aAAM,IAAI,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YAC1C,QAAQ,GAAG,WAAW,CAAA;QACxB,CAAC;QAED,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAA;QAC5D,IAAI,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;YACvC,2CAA2C;YAC3C,OAAO,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAA;QACzD,CAAC;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM;QACJ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC,MAAM,CAAA;QAE5D,mDAAmD;QACnD,4BAA4B;QAC5B,EAAE;QACF,wDAAwD;QACxD,yDAAyD;QACzD,2CAA2C;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QAEpB,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;YACnB,OAAO,IAAI,CAAC,MAAM,CAAA;QACpB,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU;YAChC,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,GAAG;gBACb,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,YAAY,CAAA;QAChB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;QAElD,kCAAkC;QAClC,kDAAkD;QAClD,sEAAsE;QACtE,iDAAiD;QACjD,8DAA8D;QAC9D,mCAAmC;QACnC,IAAI,EAAE,GAAG,GAAG;aACT,GAAG,CAAC,OAAO,CAAC,EAAE;YACb,MAAM,EAAE,GAAiC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;gBACvD,IAAI,CAAC,YAAY,MAAM,EAAE,CAAC;oBACxB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;wBAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;gBACjD,CAAC;gBACD,OAAO,OAAO,CAAC,KAAK,QAAQ;oBAC1B,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;oBACjB,CAAC,CAAC,CAAC,KAAK,QAAQ;wBAChB,CAAC,CAAC,QAAQ;wBACV,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YACZ,CAAC,CAAiC,CAAA;YAClC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBAClB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;gBACtB,IAAI,CAAC,KAAK,QAAQ,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACxC,OAAM;gBACR,CAAC;gBACD,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;wBAC5C,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,GAAG,IAAI,CAAA;oBAClD,CAAC;yBAAM,CAAC;wBACN,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,CAAA;oBACjB,CAAC;gBACH,CAAC;qBAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBAC9B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,GAAG,IAAI,CAAA;gBAC/C,CAAC;qBAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC7B,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,IAAI,CAAA;oBACzD,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAA;gBACtB,CAAC;YACH,CAAC,CAAC,CAAA;YACF,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACjD,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,CAAA;QAEZ,+DAA+D;QAC/D,mEAAmE;QACnE,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC9D,4BAA4B;QAC5B,gDAAgD;QAChD,EAAE,GAAG,GAAG,GAAG,IAAI,GAAG,EAAE,GAAG,KAAK,GAAG,GAAG,CAAA;QAElC,gDAAgD;QAChD,IAAI,IAAI,CAAC,MAAM;YAAE,EAAE,GAAG,MAAM,GAAG,EAAE,GAAG,MAAM,CAAA;QAE1C,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;YACjD,qBAAqB;QACvB,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,uBAAuB;YACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACrB,CAAC;QACD,oBAAoB;QACpB,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,UAAU,CAAC,CAAS;QAClB,mDAAmD;QACnD,6DAA6D;QAC7D,8CAA8C;QAC9C,0CAA0C;QAC1C,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACrB,CAAC;aAAM,IAAI,IAAI,CAAC,SAAS,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACnD,sCAAsC;YACtC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;QAChC,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QACvB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,CAAS,EAAE,OAAO,GAAG,IAAI,CAAC,OAAO;QACrC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QACpC,8CAA8C;QAC9C,iBAAiB;QACjB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,EAAE,CAAA;QACjB,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,IAAI,OAAO,EAAE,CAAC;YACzB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,gCAAgC;QAChC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;QAED,6CAA6C;QAC7C,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;QAErC,0DAA0D;QAC1D,2DAA2D;QAC3D,mCAAmC;QACnC,uCAAuC;QAEvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;QACpB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;QAEpC,0EAA0E;QAC1E,IAAI,QAAQ,GAAW,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrD,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;YAClB,CAAC;QACH,CAAC;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;YACtB,IAAI,IAAI,GAAG,EAAE,CAAA;YACb,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9C,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;YACnB,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;YACjD,IAAI,GAAG,EAAE,CAAC;gBACR,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;oBACvB,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAA;YACrB,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,8BAA8B;QAC9B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,GAAqB;QACnC,OAAO,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,CAAA;IAC1C,CAAC;CACF;AACD,qBAAqB;AACrB,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAC9B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,oBAAoB;AACpB,SAAS,CAAC,GAAG,GAAG,GAAG,CAAA;AACnB,SAAS,CAAC,SAAS,GAAG,SAAS,CAAA;AAC/B,SAAS,CAAC,MAAM,GAAG,MAAM,CAAA;AACzB,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAA","sourcesContent":["import { expand } from '@isaacs/brace-expansion'\nimport { assertValidPattern } from './assert-valid-pattern.js'\nimport { AST, ExtglobType } from './ast.js'\nimport { escape } from './escape.js'\nimport { unescape } from './unescape.js'\n\ntype Platform =\n  | 'aix'\n  | 'android'\n  | 'darwin'\n  | 'freebsd'\n  | 'haiku'\n  | 'linux'\n  | 'openbsd'\n  | 'sunos'\n  | 'win32'\n  | 'cygwin'\n  | 'netbsd'\n\nexport interface MinimatchOptions {\n  nobrace?: boolean\n  nocomment?: boolean\n  nonegate?: boolean\n  debug?: boolean\n  noglobstar?: boolean\n  noext?: boolean\n  nonull?: boolean\n  windowsPathsNoEscape?: boolean\n  allowWindowsEscape?: boolean\n  partial?: boolean\n  dot?: boolean\n  nocase?: boolean\n  nocaseMagicOnly?: boolean\n  magicalBraces?: boolean\n  matchBase?: boolean\n  flipNegate?: boolean\n  preserveMultipleSlashes?: boolean\n  optimizationLevel?: number\n  platform?: Platform\n  windowsNoMagicRoot?: boolean\n}\n\nexport const minimatch = (\n  p: string,\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // shortcut: comments match nothing.\n  if (!options.nocomment && pattern.charAt(0) === '#') {\n    return false\n  }\n\n  return new Minimatch(pattern, options).match(p)\n}\n\n// Optimized checking for the most common glob patterns.\nconst starDotExtRE = /^\\*+([^+@!?\\*\\[\\(]*)$/\nconst starDotExtTest = (ext: string) => (f: string) =>\n  !f.startsWith('.') && f.endsWith(ext)\nconst starDotExtTestDot = (ext: string) => (f: string) => f.endsWith(ext)\nconst starDotExtTestNocase = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => !f.startsWith('.') && f.toLowerCase().endsWith(ext)\n}\nconst starDotExtTestNocaseDot = (ext: string) => {\n  ext = ext.toLowerCase()\n  return (f: string) => f.toLowerCase().endsWith(ext)\n}\nconst starDotStarRE = /^\\*+\\.\\*+$/\nconst starDotStarTest = (f: string) => !f.startsWith('.') && f.includes('.')\nconst starDotStarTestDot = (f: string) =>\n  f !== '.' && f !== '..' && f.includes('.')\nconst dotStarRE = /^\\.\\*+$/\nconst dotStarTest = (f: string) => f !== '.' && f !== '..' && f.startsWith('.')\nconst starRE = /^\\*+$/\nconst starTest = (f: string) => f.length !== 0 && !f.startsWith('.')\nconst starTestDot = (f: string) => f.length !== 0 && f !== '.' && f !== '..'\nconst qmarksRE = /^\\?+([^+@!?\\*\\[\\(]*)?$/\nconst qmarksTestNocase = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestNocaseDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  if (!ext) return noext\n  ext = ext.toLowerCase()\n  return (f: string) => noext(f) && f.toLowerCase().endsWith(ext)\n}\nconst qmarksTestDot = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExtDot([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTest = ([$0, ext = '']: RegExpMatchArray) => {\n  const noext = qmarksTestNoExt([$0])\n  return !ext ? noext : (f: string) => noext(f) && f.endsWith(ext)\n}\nconst qmarksTestNoExt = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && !f.startsWith('.')\n}\nconst qmarksTestNoExtDot = ([$0]: RegExpMatchArray) => {\n  const len = $0.length\n  return (f: string) => f.length === len && f !== '.' && f !== '..'\n}\n\n/* c8 ignore start */\nconst defaultPlatform: Platform = (\n  typeof process === 'object' && process\n    ? (typeof process.env === 'object' &&\n        process.env &&\n        process.env.__MINIMATCH_TESTING_PLATFORM__) ||\n      process.platform\n    : 'posix'\n) as Platform\ntype Sep = '\\\\' | '/'\nconst path: { [k: string]: { sep: Sep } } = {\n  win32: { sep: '\\\\' },\n  posix: { sep: '/' },\n}\n/* c8 ignore stop */\n\nexport const sep = defaultPlatform === 'win32' ? path.win32.sep : path.posix.sep\nminimatch.sep = sep\n\nexport const GLOBSTAR = Symbol('globstar **')\nminimatch.GLOBSTAR = GLOBSTAR\n\n// any single thing other than /\n// don't need to escape / when using new RegExp()\nconst qmark = '[^/]'\n\n// * => any number of characters\nconst star = qmark + '*?'\n\n// ** when dots are allowed.  Anything goes, except .. and .\n// not (^ or / followed by one or two dots followed by $ or /),\n// followed by anything, any number of times.\nconst twoStarDot = '(?:(?!(?:\\\\/|^)(?:\\\\.{1,2})($|\\\\/)).)*?'\n\n// not a ^ or / followed by a dot,\n// followed by anything, any number of times.\nconst twoStarNoDot = '(?:(?!(?:\\\\/|^)\\\\.).)*?'\n\nexport const filter =\n  (pattern: string, options: MinimatchOptions = {}) =>\n  (p: string) =>\n    minimatch(p, pattern, options)\nminimatch.filter = filter\n\nconst ext = (a: MinimatchOptions, b: MinimatchOptions = {}) =>\n  Object.assign({}, a, b)\n\nexport const defaults = (def: MinimatchOptions): typeof minimatch => {\n  if (!def || typeof def !== 'object' || !Object.keys(def).length) {\n    return minimatch\n  }\n\n  const orig = minimatch\n\n  const m = (p: string, pattern: string, options: MinimatchOptions = {}) =>\n    orig(p, pattern, ext(def, options))\n\n  return Object.assign(m, {\n    Minimatch: class Minimatch extends orig.Minimatch {\n      constructor(pattern: string, options: MinimatchOptions = {}) {\n        super(pattern, ext(def, options))\n      }\n      static defaults(options: MinimatchOptions) {\n        return orig.defaults(ext(def, options)).Minimatch\n      }\n    },\n\n    AST: class AST extends orig.AST {\n      /* c8 ignore start */\n      constructor(\n        type: ExtglobType | null,\n        parent?: AST,\n        options: MinimatchOptions = {}\n      ) {\n        super(type, parent, ext(def, options))\n      }\n      /* c8 ignore stop */\n\n      static fromGlob(pattern: string, options: MinimatchOptions = {}) {\n        return orig.AST.fromGlob(pattern, ext(def, options))\n      }\n    },\n\n    unescape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.unescape(s, ext(def, options)),\n\n    escape: (\n      s: string,\n      options: Pick<MinimatchOptions, 'windowsPathsNoEscape'> = {}\n    ) => orig.escape(s, ext(def, options)),\n\n    filter: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.filter(pattern, ext(def, options)),\n\n    defaults: (options: MinimatchOptions) => orig.defaults(ext(def, options)),\n\n    makeRe: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.makeRe(pattern, ext(def, options)),\n\n    braceExpand: (pattern: string, options: MinimatchOptions = {}) =>\n      orig.braceExpand(pattern, ext(def, options)),\n\n    match: (list: string[], pattern: string, options: MinimatchOptions = {}) =>\n      orig.match(list, pattern, ext(def, options)),\n\n    sep: orig.sep,\n    GLOBSTAR: GLOBSTAR as typeof GLOBSTAR,\n  })\n}\nminimatch.defaults = defaults\n\n// Brace expansion:\n// a{b,c}d -> abd acd\n// a{b,}c -> abc ac\n// a{0..3}d -> a0d a1d a2d a3d\n// a{b,c{d,e}f}g -> abg acdfg acefg\n// a{b,c}d{e,f}g -> abdeg acdeg abdeg abdfg\n//\n// Invalid sets are not expanded.\n// a{2..}b -> a{2..}b\n// a{b}c -> a{b}c\nexport const braceExpand = (\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  assertValidPattern(pattern)\n\n  // Thanks to Yeting Li <https://github.com/yetingli> for\n  // improving this regexp to avoid a ReDOS vulnerability.\n  if (options.nobrace || !/\\{(?:(?!\\{).)*\\}/.test(pattern)) {\n    // shortcut. no need to expand.\n    return [pattern]\n  }\n\n  return expand(pattern)\n}\nminimatch.braceExpand = braceExpand\n\n// parse a component of the expanded set.\n// At this point, no pattern may contain \"/\" in it\n// so we're going to return a 2d array, where each entry is the full\n// pattern, split on '/', and then turned into a regular expression.\n// A regexp is made at the end which joins each array with an\n// escaped /, and another full one which joins each regexp with |.\n//\n// Following the lead of Bash 4.1, note that \"**\" only has special meaning\n// when it is the *only* thing in a path portion.  Otherwise, any series\n// of * is equivalent to a single *.  Globstar behavior is enabled by\n// default, and can be disabled by setting options.noglobstar.\n\nexport const makeRe = (pattern: string, options: MinimatchOptions = {}) =>\n  new Minimatch(pattern, options).makeRe()\nminimatch.makeRe = makeRe\n\nexport const match = (\n  list: string[],\n  pattern: string,\n  options: MinimatchOptions = {}\n) => {\n  const mm = new Minimatch(pattern, options)\n  list = list.filter(f => mm.match(f))\n  if (mm.options.nonull && !list.length) {\n    list.push(pattern)\n  }\n  return list\n}\nminimatch.match = match\n\n// replace stuff like \\* with *\nconst globMagic = /[?*]|[+@!]\\(.*?\\)|\\[|\\]/\nconst regExpEscape = (s: string) =>\n  s.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')\n\nexport type MMRegExp = RegExp & {\n  _src?: string\n  _glob?: string\n}\n\nexport type ParseReturnFiltered = string | MMRegExp | typeof GLOBSTAR\nexport type ParseReturn = ParseReturnFiltered | false\n\nexport class Minimatch {\n  options: MinimatchOptions\n  set: ParseReturnFiltered[][]\n  pattern: string\n\n  windowsPathsNoEscape: boolean\n  nonegate: boolean\n  negate: boolean\n  comment: boolean\n  empty: boolean\n  preserveMultipleSlashes: boolean\n  partial: boolean\n  globSet: string[]\n  globParts: string[][]\n  nocase: boolean\n\n  isWindows: boolean\n  platform: Platform\n  windowsNoMagicRoot: boolean\n\n  regexp: false | null | MMRegExp\n  constructor(pattern: string, options: MinimatchOptions = {}) {\n    assertValidPattern(pattern)\n\n    options = options || {}\n    this.options = options\n    this.pattern = pattern\n    this.platform = options.platform || defaultPlatform\n    this.isWindows = this.platform === 'win32'\n    this.windowsPathsNoEscape =\n      !!options.windowsPathsNoEscape || options.allowWindowsEscape === false\n    if (this.windowsPathsNoEscape) {\n      this.pattern = this.pattern.replace(/\\\\/g, '/')\n    }\n    this.preserveMultipleSlashes = !!options.preserveMultipleSlashes\n    this.regexp = null\n    this.negate = false\n    this.nonegate = !!options.nonegate\n    this.comment = false\n    this.empty = false\n    this.partial = !!options.partial\n    this.nocase = !!this.options.nocase\n    this.windowsNoMagicRoot =\n      options.windowsNoMagicRoot !== undefined\n        ? options.windowsNoMagicRoot\n        : !!(this.isWindows && this.nocase)\n\n    this.globSet = []\n    this.globParts = []\n    this.set = []\n\n    // make the set of regexps etc.\n    this.make()\n  }\n\n  hasMagic(): boolean {\n    if (this.options.magicalBraces && this.set.length > 1) {\n      return true\n    }\n    for (const pattern of this.set) {\n      for (const part of pattern) {\n        if (typeof part !== 'string') return true\n      }\n    }\n    return false\n  }\n\n  debug(..._: any[]) {}\n\n  make() {\n    const pattern = this.pattern\n    const options = this.options\n\n    // empty patterns and comments match nothing.\n    if (!options.nocomment && pattern.charAt(0) === '#') {\n      this.comment = true\n      return\n    }\n\n    if (!pattern) {\n      this.empty = true\n      return\n    }\n\n    // step 1: figure out negation, etc.\n    this.parseNegate()\n\n    // step 2: expand braces\n    this.globSet = [...new Set(this.braceExpand())]\n\n    if (options.debug) {\n      this.debug = (...args: any[]) => console.error(...args)\n    }\n\n    this.debug(this.pattern, this.globSet)\n\n    // step 3: now we have a set, so turn each one into a series of\n    // path-portion matching patterns.\n    // These will be regexps, except in the case of \"**\", which is\n    // set to the GLOBSTAR object for globstar behavior,\n    // and will not contain any / characters\n    //\n    // First, we preprocess to make the glob pattern sets a bit simpler\n    // and deduped.  There are some perf-killing patterns that can cause\n    // problems with a glob walk, but we can simplify them down a bit.\n    const rawGlobParts = this.globSet.map(s => this.slashSplit(s))\n    this.globParts = this.preprocess(rawGlobParts)\n    this.debug(this.pattern, this.globParts)\n\n    // glob --> regexps\n    let set = this.globParts.map((s, _, __) => {\n      if (this.isWindows && this.windowsNoMagicRoot) {\n        // check if it's a drive or unc path.\n        const isUNC =\n          s[0] === '' &&\n          s[1] === '' &&\n          (s[2] === '?' || !globMagic.test(s[2])) &&\n          !globMagic.test(s[3])\n        const isDrive = /^[a-z]:/i.test(s[0])\n        if (isUNC) {\n          return [...s.slice(0, 4), ...s.slice(4).map(ss => this.parse(ss))]\n        } else if (isDrive) {\n          return [s[0], ...s.slice(1).map(ss => this.parse(ss))]\n        }\n      }\n      return s.map(ss => this.parse(ss))\n    })\n\n    this.debug(this.pattern, set)\n\n    // filter out everything that didn't compile properly.\n    this.set = set.filter(\n      s => s.indexOf(false) === -1\n    ) as ParseReturnFiltered[][]\n\n    // do not treat the ? in UNC paths as magic\n    if (this.isWindows) {\n      for (let i = 0; i < this.set.length; i++) {\n        const p = this.set[i]\n        if (\n          p[0] === '' &&\n          p[1] === '' &&\n          this.globParts[i][2] === '?' &&\n          typeof p[3] === 'string' &&\n          /^[a-z]:$/i.test(p[3])\n        ) {\n          p[2] = '?'\n        }\n      }\n    }\n\n    this.debug(this.pattern, this.set)\n  }\n\n  // various transforms to equivalent pattern sets that are\n  // faster to process in a filesystem walk.  The goal is to\n  // eliminate what we can, and push all ** patterns as far\n  // to the right as possible, even if it increases the number\n  // of patterns that we have to process.\n  preprocess(globParts: string[][]) {\n    // if we're not in globstar mode, then turn all ** into *\n    if (this.options.noglobstar) {\n      for (let i = 0; i < globParts.length; i++) {\n        for (let j = 0; j < globParts[i].length; j++) {\n          if (globParts[i][j] === '**') {\n            globParts[i][j] = '*'\n          }\n        }\n      }\n    }\n\n    const { optimizationLevel = 1 } = this.options\n\n    if (optimizationLevel >= 2) {\n      // aggressive optimization for the purpose of fs walking\n      globParts = this.firstPhasePreProcess(globParts)\n      globParts = this.secondPhasePreProcess(globParts)\n    } else if (optimizationLevel >= 1) {\n      // just basic optimizations to remove some .. parts\n      globParts = this.levelOneOptimize(globParts)\n    } else {\n      // just collapse multiple ** portions into one\n      globParts = this.adjascentGlobstarOptimize(globParts)\n    }\n\n    return globParts\n  }\n\n  // just get rid of adjascent ** portions\n  adjascentGlobstarOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      let gs: number = -1\n      while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n        let i = gs\n        while (parts[i + 1] === '**') {\n          i++\n        }\n        if (i !== gs) {\n          parts.splice(gs, i - gs)\n        }\n      }\n      return parts\n    })\n  }\n\n  // get rid of adjascent ** and resolve .. portions\n  levelOneOptimize(globParts: string[][]) {\n    return globParts.map(parts => {\n      parts = parts.reduce((set: string[], part) => {\n        const prev = set[set.length - 1]\n        if (part === '**' && prev === '**') {\n          return set\n        }\n        if (part === '..') {\n          if (prev && prev !== '..' && prev !== '.' && prev !== '**') {\n            set.pop()\n            return set\n          }\n        }\n        set.push(part)\n        return set\n      }, [])\n      return parts.length === 0 ? [''] : parts\n    })\n  }\n\n  levelTwoFileOptimize(parts: string | string[]) {\n    if (!Array.isArray(parts)) {\n      parts = this.slashSplit(parts)\n    }\n    let didSomething: boolean = false\n    do {\n      didSomething = false\n      // <pre>/<e>/<rest> -> <pre>/<rest>\n      if (!this.preserveMultipleSlashes) {\n        for (let i = 1; i < parts.length - 1; i++) {\n          const p = parts[i]\n          // don't squeeze out UNC patterns\n          if (i === 1 && p === '' && parts[0] === '') continue\n          if (p === '.' || p === '') {\n            didSomething = true\n            parts.splice(i, 1)\n            i--\n          }\n        }\n        if (\n          parts[0] === '.' &&\n          parts.length === 2 &&\n          (parts[1] === '.' || parts[1] === '')\n        ) {\n          didSomething = true\n          parts.pop()\n        }\n      }\n\n      // <pre>/<p>/../<rest> -> <pre>/<rest>\n      let dd: number = 0\n      while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n        const p = parts[dd - 1]\n        if (p && p !== '.' && p !== '..' && p !== '**') {\n          didSomething = true\n          parts.splice(dd - 1, 2)\n          dd -= 2\n        }\n      }\n    } while (didSomething)\n    return parts.length === 0 ? [''] : parts\n  }\n\n  // First phase: single-pattern processing\n  // <pre> is 1 or more portions\n  // <rest> is 1 or more portions\n  // <p> is any portion other than ., .., '', or **\n  // <e> is . or ''\n  //\n  // **/.. is *brutal* for filesystem walking performance, because\n  // it effectively resets the recursive walk each time it occurs,\n  // and ** cannot be reduced out by a .. pattern part like a regexp\n  // or most strings (other than .., ., and '') can be.\n  //\n  // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n  // <pre>/<e>/<rest> -> <pre>/<rest>\n  // <pre>/<p>/../<rest> -> <pre>/<rest>\n  // **/**/<rest> -> **/<rest>\n  //\n  // **/*/<rest> -> */**/<rest> <== not valid because ** doesn't follow\n  // this WOULD be allowed if ** did follow symlinks, or * didn't\n  firstPhasePreProcess(globParts: string[][]) {\n    let didSomething = false\n    do {\n      didSomething = false\n      // <pre>/**/../<p>/<p>/<rest> -> {<pre>/../<p>/<p>/<rest>,<pre>/**/<p>/<p>/<rest>}\n      for (let parts of globParts) {\n        let gs: number = -1\n        while (-1 !== (gs = parts.indexOf('**', gs + 1))) {\n          let gss: number = gs\n          while (parts[gss + 1] === '**') {\n            // <pre>/**/**/<rest> -> <pre>/**/<rest>\n            gss++\n          }\n          // eg, if gs is 2 and gss is 4, that means we have 3 **\n          // parts, and can remove 2 of them.\n          if (gss > gs) {\n            parts.splice(gs + 1, gss - gs)\n          }\n\n          let next = parts[gs + 1]\n          const p = parts[gs + 2]\n          const p2 = parts[gs + 3]\n          if (next !== '..') continue\n          if (\n            !p ||\n            p === '.' ||\n            p === '..' ||\n            !p2 ||\n            p2 === '.' ||\n            p2 === '..'\n          ) {\n            continue\n          }\n          didSomething = true\n          // edit parts in place, and push the new one\n          parts.splice(gs, 1)\n          const other = parts.slice(0)\n          other[gs] = '**'\n          globParts.push(other)\n          gs--\n        }\n\n        // <pre>/<e>/<rest> -> <pre>/<rest>\n        if (!this.preserveMultipleSlashes) {\n          for (let i = 1; i < parts.length - 1; i++) {\n            const p = parts[i]\n            // don't squeeze out UNC patterns\n            if (i === 1 && p === '' && parts[0] === '') continue\n            if (p === '.' || p === '') {\n              didSomething = true\n              parts.splice(i, 1)\n              i--\n            }\n          }\n          if (\n            parts[0] === '.' &&\n            parts.length === 2 &&\n            (parts[1] === '.' || parts[1] === '')\n          ) {\n            didSomething = true\n            parts.pop()\n          }\n        }\n\n        // <pre>/<p>/../<rest> -> <pre>/<rest>\n        let dd: number = 0\n        while (-1 !== (dd = parts.indexOf('..', dd + 1))) {\n          const p = parts[dd - 1]\n          if (p && p !== '.' && p !== '..' && p !== '**') {\n            didSomething = true\n            const needDot = dd === 1 && parts[dd + 1] === '**'\n            const splin = needDot ? ['.'] : []\n            parts.splice(dd - 1, 2, ...splin)\n            if (parts.length === 0) parts.push('')\n            dd -= 2\n          }\n        }\n      }\n    } while (didSomething)\n\n    return globParts\n  }\n\n  // second phase: multi-pattern dedupes\n  // {<pre>/*/<rest>,<pre>/<p>/<rest>} -> <pre>/*/<rest>\n  // {<pre>/<rest>,<pre>/<rest>} -> <pre>/<rest>\n  // {<pre>/**/<rest>,<pre>/<rest>} -> <pre>/**/<rest>\n  //\n  // {<pre>/**/<rest>,<pre>/**/<p>/<rest>} -> <pre>/**/<rest>\n  // ^-- not valid because ** doens't follow symlinks\n  secondPhasePreProcess(globParts: string[][]): string[][] {\n    for (let i = 0; i < globParts.length - 1; i++) {\n      for (let j = i + 1; j < globParts.length; j++) {\n        const matched = this.partsMatch(\n          globParts[i],\n          globParts[j],\n          !this.preserveMultipleSlashes\n        )\n        if (matched) {\n          globParts[i] = []\n          globParts[j] = matched\n          break\n        }\n      }\n    }\n    return globParts.filter(gs => gs.length)\n  }\n\n  partsMatch(\n    a: string[],\n    b: string[],\n    emptyGSMatch: boolean = false\n  ): false | string[] {\n    let ai = 0\n    let bi = 0\n    let result: string[] = []\n    let which: string = ''\n    while (ai < a.length && bi < b.length) {\n      if (a[ai] === b[bi]) {\n        result.push(which === 'b' ? b[bi] : a[ai])\n        ai++\n        bi++\n      } else if (emptyGSMatch && a[ai] === '**' && b[bi] === a[ai + 1]) {\n        result.push(a[ai])\n        ai++\n      } else if (emptyGSMatch && b[bi] === '**' && a[ai] === b[bi + 1]) {\n        result.push(b[bi])\n        bi++\n      } else if (\n        a[ai] === '*' &&\n        b[bi] &&\n        (this.options.dot || !b[bi].startsWith('.')) &&\n        b[bi] !== '**'\n      ) {\n        if (which === 'b') return false\n        which = 'a'\n        result.push(a[ai])\n        ai++\n        bi++\n      } else if (\n        b[bi] === '*' &&\n        a[ai] &&\n        (this.options.dot || !a[ai].startsWith('.')) &&\n        a[ai] !== '**'\n      ) {\n        if (which === 'a') return false\n        which = 'b'\n        result.push(b[bi])\n        ai++\n        bi++\n      } else {\n        return false\n      }\n    }\n    // if we fall out of the loop, it means they two are identical\n    // as long as their lengths match\n    return a.length === b.length && result\n  }\n\n  parseNegate() {\n    if (this.nonegate) return\n\n    const pattern = this.pattern\n    let negate = false\n    let negateOffset = 0\n\n    for (let i = 0; i < pattern.length && pattern.charAt(i) === '!'; i++) {\n      negate = !negate\n      negateOffset++\n    }\n\n    if (negateOffset) this.pattern = pattern.slice(negateOffset)\n    this.negate = negate\n  }\n\n  // set partial to true to test if, for example,\n  // \"/a/b\" matches the start of \"/*/b/*/d\"\n  // Partial means, if you run out of file before you run\n  // out of pattern, then that's fine, as long as all\n  // the parts match.\n  matchOne(file: string[], pattern: ParseReturn[], partial: boolean = false) {\n    const options = this.options\n\n    // UNC paths like //?/X:/... can match X:/... and vice versa\n    // Drive letters in absolute drive or unc paths are always compared\n    // case-insensitively.\n    if (this.isWindows) {\n      const fileDrive = typeof file[0] === 'string' && /^[a-z]:$/i.test(file[0])\n      const fileUNC =\n        !fileDrive &&\n        file[0] === '' &&\n        file[1] === '' &&\n        file[2] === '?' &&\n        /^[a-z]:$/i.test(file[3])\n\n      const patternDrive =\n        typeof pattern[0] === 'string' && /^[a-z]:$/i.test(pattern[0])\n      const patternUNC =\n        !patternDrive &&\n        pattern[0] === '' &&\n        pattern[1] === '' &&\n        pattern[2] === '?' &&\n        typeof pattern[3] === 'string' &&\n        /^[a-z]:$/i.test(pattern[3])\n\n      const fdi = fileUNC ? 3 : fileDrive ? 0 : undefined\n      const pdi = patternUNC ? 3 : patternDrive ? 0 : undefined\n      if (typeof fdi === 'number' && typeof pdi === 'number') {\n        const [fd, pd]: [string, string] = [file[fdi], pattern[pdi] as string]\n        if (fd.toLowerCase() === pd.toLowerCase()) {\n          pattern[pdi] = fd\n          if (pdi > fdi) {\n            pattern = pattern.slice(pdi)\n          } else if (fdi > pdi) {\n            file = file.slice(fdi)\n          }\n        }\n      }\n    }\n\n    // resolve and reduce . and .. portions in the file as well.\n    // dont' need to do the second phase, because it's only one string[]\n    const { optimizationLevel = 1 } = this.options\n    if (optimizationLevel >= 2) {\n      file = this.levelTwoFileOptimize(file)\n    }\n\n    this.debug('matchOne', this, { file, pattern })\n    this.debug('matchOne', file.length, pattern.length)\n\n    for (\n      var fi = 0, pi = 0, fl = file.length, pl = pattern.length;\n      fi < fl && pi < pl;\n      fi++, pi++\n    ) {\n      this.debug('matchOne loop')\n      var p = pattern[pi]\n      var f = file[fi]\n\n      this.debug(pattern, p, f)\n\n      // should be impossible.\n      // some invalid regexp stuff in the set.\n      /* c8 ignore start */\n      if (p === false) {\n        return false\n      }\n      /* c8 ignore stop */\n\n      if (p === GLOBSTAR) {\n        this.debug('GLOBSTAR', [pattern, p, f])\n\n        // \"**\"\n        // a/**/b/**/c would match the following:\n        // a/b/x/y/z/c\n        // a/x/y/z/b/c\n        // a/b/x/b/x/c\n        // a/b/c\n        // To do this, take the rest of the pattern after\n        // the **, and see if it would match the file remainder.\n        // If so, return success.\n        // If not, the ** \"swallows\" a segment, and try again.\n        // This is recursively awful.\n        //\n        // a/**/b/**/c matching a/b/x/y/z/c\n        // - a matches a\n        // - doublestar\n        //   - matchOne(b/x/y/z/c, b/**/c)\n        //     - b matches b\n        //     - doublestar\n        //       - matchOne(x/y/z/c, c) -> no\n        //       - matchOne(y/z/c, c) -> no\n        //       - matchOne(z/c, c) -> no\n        //       - matchOne(c, c) yes, hit\n        var fr = fi\n        var pr = pi + 1\n        if (pr === pl) {\n          this.debug('** at the end')\n          // a ** at the end will just swallow the rest.\n          // We have found a match.\n          // however, it will not swallow /.x, unless\n          // options.dot is set.\n          // . and .. are *never* matched by **, for explosively\n          // exponential reasons.\n          for (; fi < fl; fi++) {\n            if (\n              file[fi] === '.' ||\n              file[fi] === '..' ||\n              (!options.dot && file[fi].charAt(0) === '.')\n            )\n              return false\n          }\n          return true\n        }\n\n        // ok, let's see if we can swallow whatever we can.\n        while (fr < fl) {\n          var swallowee = file[fr]\n\n          this.debug('\\nglobstar while', file, fr, pattern, pr, swallowee)\n\n          // XXX remove this slice.  Just pass the start index.\n          if (this.matchOne(file.slice(fr), pattern.slice(pr), partial)) {\n            this.debug('globstar found match!', fr, fl, swallowee)\n            // found a match.\n            return true\n          } else {\n            // can't swallow \".\" or \"..\" ever.\n            // can only swallow \".foo\" when explicitly asked.\n            if (\n              swallowee === '.' ||\n              swallowee === '..' ||\n              (!options.dot && swallowee.charAt(0) === '.')\n            ) {\n              this.debug('dot detected!', file, fr, pattern, pr)\n              break\n            }\n\n            // ** swallows a segment, and continue.\n            this.debug('globstar swallow a segment, and continue')\n            fr++\n          }\n        }\n\n        // no match was found.\n        // However, in partial mode, we can't say this is necessarily over.\n        /* c8 ignore start */\n        if (partial) {\n          // ran out of file\n          this.debug('\\n>>> no match, partial?', file, fr, pattern, pr)\n          if (fr === fl) {\n            return true\n          }\n        }\n        /* c8 ignore stop */\n        return false\n      }\n\n      // something other than **\n      // non-magic patterns just have to match exactly\n      // patterns with magic have been turned into regexps.\n      let hit: boolean\n      if (typeof p === 'string') {\n        hit = f === p\n        this.debug('string match', p, f, hit)\n      } else {\n        hit = p.test(f)\n        this.debug('pattern match', p, f, hit)\n      }\n\n      if (!hit) return false\n    }\n\n    // Note: ending in / means that we'll get a final \"\"\n    // at the end of the pattern.  This can only match a\n    // corresponding \"\" at the end of the file.\n    // If the file ends in /, then it can only match a\n    // a pattern that ends in /, unless the pattern just\n    // doesn't have any more for it. But, a/b/ should *not*\n    // match \"a/b/*\", even though \"\" matches against the\n    // [^/]*? pattern, except in partial mode, where it might\n    // simply not be reached yet.\n    // However, a/b/ should still satisfy a/*\n\n    // now either we fell off the end of the pattern, or we're done.\n    if (fi === fl && pi === pl) {\n      // ran out of pattern and filename at the same time.\n      // an exact hit!\n      return true\n    } else if (fi === fl) {\n      // ran out of file, but still had pattern left.\n      // this is ok if we're doing the match as part of\n      // a glob fs traversal.\n      return partial\n    } else if (pi === pl) {\n      // ran out of pattern, still have file left.\n      // this is only acceptable if we're on the very last\n      // empty segment of a file with a trailing slash.\n      // a/* should match a/b/\n      return fi === fl - 1 && file[fi] === ''\n\n      /* c8 ignore start */\n    } else {\n      // should be unreachable.\n      throw new Error('wtf?')\n    }\n    /* c8 ignore stop */\n  }\n\n  braceExpand() {\n    return braceExpand(this.pattern, this.options)\n  }\n\n  parse(pattern: string): ParseReturn {\n    assertValidPattern(pattern)\n\n    const options = this.options\n\n    // shortcuts\n    if (pattern === '**') return GLOBSTAR\n    if (pattern === '') return ''\n\n    // far and away, the most common glob pattern parts are\n    // *, *.*, and *.<ext>  Add a fast check method for those.\n    let m: RegExpMatchArray | null\n    let fastTest: null | ((f: string) => boolean) = null\n    if ((m = pattern.match(starRE))) {\n      fastTest = options.dot ? starTestDot : starTest\n    } else if ((m = pattern.match(starDotExtRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? starDotExtTestNocaseDot\n            : starDotExtTestNocase\n          : options.dot\n          ? starDotExtTestDot\n          : starDotExtTest\n      )(m[1])\n    } else if ((m = pattern.match(qmarksRE))) {\n      fastTest = (\n        options.nocase\n          ? options.dot\n            ? qmarksTestNocaseDot\n            : qmarksTestNocase\n          : options.dot\n          ? qmarksTestDot\n          : qmarksTest\n      )(m)\n    } else if ((m = pattern.match(starDotStarRE))) {\n      fastTest = options.dot ? starDotStarTestDot : starDotStarTest\n    } else if ((m = pattern.match(dotStarRE))) {\n      fastTest = dotStarTest\n    }\n\n    const re = AST.fromGlob(pattern, this.options).toMMPattern()\n    if (fastTest && typeof re === 'object') {\n      // Avoids overriding in frozen environments\n      Reflect.defineProperty(re, 'test', { value: fastTest })\n    }\n    return re\n  }\n\n  makeRe() {\n    if (this.regexp || this.regexp === false) return this.regexp\n\n    // at this point, this.set is a 2d array of partial\n    // pattern strings, or \"**\".\n    //\n    // It's better to use .match().  This function shouldn't\n    // be used, really, but it's pretty convenient sometimes,\n    // when you just want to work with a regex.\n    const set = this.set\n\n    if (!set.length) {\n      this.regexp = false\n      return this.regexp\n    }\n    const options = this.options\n\n    const twoStar = options.noglobstar\n      ? star\n      : options.dot\n      ? twoStarDot\n      : twoStarNoDot\n    const flags = new Set(options.nocase ? ['i'] : [])\n\n    // regexpify non-globstar patterns\n    // if ** is only item, then we just do one twoStar\n    // if ** is first, and there are more, prepend (\\/|twoStar\\/)? to next\n    // if ** is last, append (\\/twoStar|) to previous\n    // if ** is in the middle, append (\\/|\\/twoStar\\/) to previous\n    // then filter out GLOBSTAR symbols\n    let re = set\n      .map(pattern => {\n        const pp: (string | typeof GLOBSTAR)[] = pattern.map(p => {\n          if (p instanceof RegExp) {\n            for (const f of p.flags.split('')) flags.add(f)\n          }\n          return typeof p === 'string'\n            ? regExpEscape(p)\n            : p === GLOBSTAR\n            ? GLOBSTAR\n            : p._src\n        }) as (string | typeof GLOBSTAR)[]\n        pp.forEach((p, i) => {\n          const next = pp[i + 1]\n          const prev = pp[i - 1]\n          if (p !== GLOBSTAR || prev === GLOBSTAR) {\n            return\n          }\n          if (prev === undefined) {\n            if (next !== undefined && next !== GLOBSTAR) {\n              pp[i + 1] = '(?:\\\\/|' + twoStar + '\\\\/)?' + next\n            } else {\n              pp[i] = twoStar\n            }\n          } else if (next === undefined) {\n            pp[i - 1] = prev + '(?:\\\\/|' + twoStar + ')?'\n          } else if (next !== GLOBSTAR) {\n            pp[i - 1] = prev + '(?:\\\\/|\\\\/' + twoStar + '\\\\/)' + next\n            pp[i + 1] = GLOBSTAR\n          }\n        })\n        return pp.filter(p => p !== GLOBSTAR).join('/')\n      })\n      .join('|')\n\n    // need to wrap in parens if we had more than one thing with |,\n    // otherwise only the first will be anchored to ^ and the last to $\n    const [open, close] = set.length > 1 ? ['(?:', ')'] : ['', '']\n    // must match entire pattern\n    // ending in a * or ** will make it less strict.\n    re = '^' + open + re + close + '$'\n\n    // can match anything, as long as it's not this.\n    if (this.negate) re = '^(?!' + re + ').+$'\n\n    try {\n      this.regexp = new RegExp(re, [...flags].join(''))\n      /* c8 ignore start */\n    } catch (ex) {\n      // should be impossible\n      this.regexp = false\n    }\n    /* c8 ignore stop */\n    return this.regexp\n  }\n\n  slashSplit(p: string) {\n    // if p starts with // on windows, we preserve that\n    // so that UNC paths aren't broken.  Otherwise, any number of\n    // / characters are coalesced into one, unless\n    // preserveMultipleSlashes is set to true.\n    if (this.preserveMultipleSlashes) {\n      return p.split('/')\n    } else if (this.isWindows && /^\\/\\/[^\\/]+/.test(p)) {\n      // add an extra '' for the one we lose\n      return ['', ...p.split(/\\/+/)]\n    } else {\n      return p.split(/\\/+/)\n    }\n  }\n\n  match(f: string, partial = this.partial) {\n    this.debug('match', f, this.pattern)\n    // short-circuit in the case of busted things.\n    // comments, etc.\n    if (this.comment) {\n      return false\n    }\n    if (this.empty) {\n      return f === ''\n    }\n\n    if (f === '/' && partial) {\n      return true\n    }\n\n    const options = this.options\n\n    // windows: need to use /, not \\\n    if (this.isWindows) {\n      f = f.split('\\\\').join('/')\n    }\n\n    // treat the test path as a set of pathparts.\n    const ff = this.slashSplit(f)\n    this.debug(this.pattern, 'split', ff)\n\n    // just ONE of the pattern sets in this.set needs to match\n    // in order for it to be valid.  If negating, then just one\n    // match means that we have failed.\n    // Either way, return on the first hit.\n\n    const set = this.set\n    this.debug(this.pattern, 'set', set)\n\n    // Find the basename of the path by looking for the last non-empty segment\n    let filename: string = ff[ff.length - 1]\n    if (!filename) {\n      for (let i = ff.length - 2; !filename && i >= 0; i--) {\n        filename = ff[i]\n      }\n    }\n\n    for (let i = 0; i < set.length; i++) {\n      const pattern = set[i]\n      let file = ff\n      if (options.matchBase && pattern.length === 1) {\n        file = [filename]\n      }\n      const hit = this.matchOne(file, pattern, partial)\n      if (hit) {\n        if (options.flipNegate) {\n          return true\n        }\n        return !this.negate\n      }\n    }\n\n    // didn't get any hits.  this is success if it's a negative\n    // pattern, failure otherwise.\n    if (options.flipNegate) {\n      return false\n    }\n    return this.negate\n  }\n\n  static defaults(def: MinimatchOptions) {\n    return minimatch.defaults(def).Minimatch\n  }\n}\n/* c8 ignore start */\nexport { AST } from './ast.js'\nexport { escape } from './escape.js'\nexport { unescape } from './unescape.js'\n/* c8 ignore stop */\nminimatch.AST = AST\nminimatch.Minimatch = Minimatch\nminimatch.escape = escape\nminimatch.unescape = unescape\n"]}
\ No newline at end of file
diff --git a/deps/minimatch/index.js b/deps/minimatch/index.js
index f3fb6d21cccf8b..e222dc60e99d9c 100644
--- a/deps/minimatch/index.js
+++ b/deps/minimatch/index.js
@@ -4,33 +4,34 @@ var __commonJS = (cb, mod) => function __require() {
   return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
 
-// node_modules/balanced-match/index.js
-var require_balanced_match = __commonJS({
-  "node_modules/balanced-match/index.js"(exports2, module2) {
+// node_modules/@isaacs/balanced-match/dist/commonjs/index.js
+var require_commonjs = __commonJS({
+  "node_modules/@isaacs/balanced-match/dist/commonjs/index.js"(exports2) {
     "use strict";
-    module2.exports = balanced;
-    function balanced(a, b, str) {
-      if (a instanceof RegExp) a = maybeMatch(a, str);
-      if (b instanceof RegExp) b = maybeMatch(b, str);
-      var r = range(a, b, str);
+    Object.defineProperty(exports2, "__esModule", { value: true });
+    exports2.range = exports2.balanced = void 0;
+    var balanced = (a, b, str) => {
+      const ma = a instanceof RegExp ? maybeMatch(a, str) : a;
+      const mb = b instanceof RegExp ? maybeMatch(b, str) : b;
+      const r = ma !== null && mb != null && (0, exports2.range)(ma, mb, str);
       return r && {
         start: r[0],
         end: r[1],
         pre: str.slice(0, r[0]),
-        body: str.slice(r[0] + a.length, r[1]),
-        post: str.slice(r[1] + b.length)
+        body: str.slice(r[0] + ma.length, r[1]),
+        post: str.slice(r[1] + mb.length)
       };
-    }
-    function maybeMatch(reg, str) {
-      var m = str.match(reg);
+    };
+    exports2.balanced = balanced;
+    var maybeMatch = (reg, str) => {
+      const m = str.match(reg);
       return m ? m[0] : null;
-    }
-    balanced.range = range;
-    function range(a, b, str) {
-      var begs, beg, left, right, result;
-      var ai = str.indexOf(a);
-      var bi = str.indexOf(b, ai + 1);
-      var i = ai;
+    };
+    var range = (a, b, str) => {
+      let begs, beg, left, right = void 0, result;
+      let ai = str.indexOf(a);
+      let bi = str.indexOf(b, ai + 1);
+      let i = ai;
       if (ai >= 0 && bi > 0) {
         if (a === b) {
           return [ai, bi];
@@ -38,14 +39,16 @@ var require_balanced_match = __commonJS({
         begs = [];
         left = str.length;
         while (i >= 0 && !result) {
-          if (i == ai) {
+          if (i === ai) {
             begs.push(i);
             ai = str.indexOf(a, i + 1);
-          } else if (begs.length == 1) {
-            result = [begs.pop(), bi];
+          } else if (begs.length === 1) {
+            const r = begs.pop();
+            if (r !== void 0)
+              result = [r, bi];
           } else {
             beg = begs.pop();
-            if (beg < left) {
+            if (beg !== void 0 && beg < left) {
               left = beg;
               right = bi;
             }
@@ -53,61 +56,76 @@ var require_balanced_match = __commonJS({
           }
           i = ai < bi && ai >= 0 ? ai : bi;
         }
-        if (begs.length) {
+        if (begs.length && right !== void 0) {
           result = [left, right];
         }
       }
       return result;
-    }
+    };
+    exports2.range = range;
   }
 });
 
-// node_modules/brace-expansion/index.js
-var require_brace_expansion = __commonJS({
-  "node_modules/brace-expansion/index.js"(exports2, module2) {
-    var balanced = require_balanced_match();
-    module2.exports = expandTop;
+// node_modules/@isaacs/brace-expansion/dist/commonjs/index.js
+var require_commonjs2 = __commonJS({
+  "node_modules/@isaacs/brace-expansion/dist/commonjs/index.js"(exports2) {
+    "use strict";
+    Object.defineProperty(exports2, "__esModule", { value: true });
+    exports2.expand = expand;
+    var balanced_match_1 = require_commonjs();
     var escSlash = "\0SLASH" + Math.random() + "\0";
     var escOpen = "\0OPEN" + Math.random() + "\0";
     var escClose = "\0CLOSE" + Math.random() + "\0";
     var escComma = "\0COMMA" + Math.random() + "\0";
     var escPeriod = "\0PERIOD" + Math.random() + "\0";
+    var escSlashPattern = new RegExp(escSlash, "g");
+    var escOpenPattern = new RegExp(escOpen, "g");
+    var escClosePattern = new RegExp(escClose, "g");
+    var escCommaPattern = new RegExp(escComma, "g");
+    var escPeriodPattern = new RegExp(escPeriod, "g");
+    var slashPattern = /\\\\/g;
+    var openPattern = /\\{/g;
+    var closePattern = /\\}/g;
+    var commaPattern = /\\,/g;
+    var periodPattern = /\\./g;
     function numeric(str) {
-      return parseInt(str, 10) == str ? parseInt(str, 10) : str.charCodeAt(0);
+      return !isNaN(str) ? parseInt(str, 10) : str.charCodeAt(0);
     }
     function escapeBraces(str) {
-      return str.split("\\\\").join(escSlash).split("\\{").join(escOpen).split("\\}").join(escClose).split("\\,").join(escComma).split("\\.").join(escPeriod);
+      return str.replace(slashPattern, escSlash).replace(openPattern, escOpen).replace(closePattern, escClose).replace(commaPattern, escComma).replace(periodPattern, escPeriod);
     }
     function unescapeBraces(str) {
-      return str.split(escSlash).join("\\").split(escOpen).join("{").split(escClose).join("}").split(escComma).join(",").split(escPeriod).join(".");
+      return str.replace(escSlashPattern, "\\").replace(escOpenPattern, "{").replace(escClosePattern, "}").replace(escCommaPattern, ",").replace(escPeriodPattern, ".");
     }
     function parseCommaParts(str) {
-      if (!str)
+      if (!str) {
         return [""];
-      var parts = [];
-      var m = balanced("{", "}", str);
-      if (!m)
+      }
+      const parts = [];
+      const m = (0, balanced_match_1.balanced)("{", "}", str);
+      if (!m) {
         return str.split(",");
-      var pre = m.pre;
-      var body = m.body;
-      var post = m.post;
-      var p = pre.split(",");
+      }
+      const { pre, body, post } = m;
+      const p = pre.split(",");
       p[p.length - 1] += "{" + body + "}";
-      var postParts = parseCommaParts(post);
+      const postParts = parseCommaParts(post);
       if (post.length) {
+        ;
         p[p.length - 1] += postParts.shift();
         p.push.apply(p, postParts);
       }
       parts.push.apply(parts, p);
       return parts;
     }
-    function expandTop(str) {
-      if (!str)
+    function expand(str) {
+      if (!str) {
         return [];
-      if (str.substr(0, 2) === "{}") {
-        str = "\\{\\}" + str.substr(2);
       }
-      return expand(escapeBraces(str), true).map(unescapeBraces);
+      if (str.slice(0, 2) === "{}") {
+        str = "\\{\\}" + str.slice(2);
+      }
+      return expand_(escapeBraces(str), true).map(unescapeBraces);
     }
     function embrace(str) {
       return "{" + str + "}";
@@ -121,73 +139,74 @@ var require_brace_expansion = __commonJS({
     function gte(i, y) {
       return i >= y;
     }
-    function expand(str, isTop) {
-      var expansions = [];
-      var m = balanced("{", "}", str);
-      if (!m) return [str];
-      var pre = m.pre;
-      var post = m.post.length ? expand(m.post, false) : [""];
+    function expand_(str, isTop) {
+      const expansions = [];
+      const m = (0, balanced_match_1.balanced)("{", "}", str);
+      if (!m)
+        return [str];
+      const pre = m.pre;
+      const post = m.post.length ? expand_(m.post, false) : [""];
       if (/\$$/.test(m.pre)) {
-        for (var k = 0; k < post.length; k++) {
-          var expansion = pre + "{" + m.body + "}" + post[k];
+        for (let k = 0; k < post.length; k++) {
+          const expansion = pre + "{" + m.body + "}" + post[k];
           expansions.push(expansion);
         }
       } else {
-        var isNumericSequence = /^-?\d+\.\.-?\d+(?:\.\.-?\d+)?$/.test(m.body);
-        var isAlphaSequence = /^[a-zA-Z]\.\.[a-zA-Z](?:\.\.-?\d+)?$/.test(m.body);
-        var isSequence = isNumericSequence || isAlphaSequence;
-        var isOptions = m.body.indexOf(",") >= 0;
+        const isNumericSequence = /^-?\d+\.\.-?\d+(?:\.\.-?\d+)?$/.test(m.body);
+        const isAlphaSequence = /^[a-zA-Z]\.\.[a-zA-Z](?:\.\.-?\d+)?$/.test(m.body);
+        const isSequence = isNumericSequence || isAlphaSequence;
+        const isOptions = m.body.indexOf(",") >= 0;
         if (!isSequence && !isOptions) {
-          if (m.post.match(/,.*\}/)) {
+          if (m.post.match(/,(?!,).*\}/)) {
             str = m.pre + "{" + m.body + escClose + m.post;
-            return expand(str);
+            return expand_(str);
           }
           return [str];
         }
-        var n;
+        let n;
         if (isSequence) {
           n = m.body.split(/\.\./);
         } else {
           n = parseCommaParts(m.body);
-          if (n.length === 1) {
-            n = expand(n[0], false).map(embrace);
+          if (n.length === 1 && n[0] !== void 0) {
+            n = expand_(n[0], false).map(embrace);
             if (n.length === 1) {
-              return post.map(function(p) {
-                return m.pre + n[0] + p;
-              });
+              return post.map((p) => m.pre + n[0] + p);
             }
           }
         }
-        var N;
-        if (isSequence) {
-          var x = numeric(n[0]);
-          var y = numeric(n[1]);
-          var width = Math.max(n[0].length, n[1].length);
-          var incr = n.length == 3 ? Math.abs(numeric(n[2])) : 1;
-          var test = lte;
-          var reverse = y < x;
+        let N;
+        if (isSequence && n[0] !== void 0 && n[1] !== void 0) {
+          const x = numeric(n[0]);
+          const y = numeric(n[1]);
+          const width = Math.max(n[0].length, n[1].length);
+          let incr = n.length === 3 && n[2] !== void 0 ? Math.abs(numeric(n[2])) : 1;
+          let test = lte;
+          const reverse = y < x;
           if (reverse) {
             incr *= -1;
             test = gte;
           }
-          var pad = n.some(isPadded);
+          const pad = n.some(isPadded);
           N = [];
-          for (var i = x; test(i, y); i += incr) {
-            var c;
+          for (let i = x; test(i, y); i += incr) {
+            let c;
             if (isAlphaSequence) {
               c = String.fromCharCode(i);
-              if (c === "\\")
+              if (c === "\\") {
                 c = "";
+              }
             } else {
               c = String(i);
               if (pad) {
-                var need = width - c.length;
+                const need = width - c.length;
                 if (need > 0) {
-                  var z = new Array(need + 1).join("0");
-                  if (i < 0)
+                  const z = new Array(need + 1).join("0");
+                  if (i < 0) {
                     c = "-" + z + c.slice(1);
-                  else
+                  } else {
                     c = z + c;
+                  }
                 }
               }
             }
@@ -195,15 +214,16 @@ var require_brace_expansion = __commonJS({
           }
         } else {
           N = [];
-          for (var j = 0; j < n.length; j++) {
-            N.push.apply(N, expand(n[j], false));
+          for (let j = 0; j < n.length; j++) {
+            N.push.apply(N, expand_(n[j], false));
           }
         }
-        for (var j = 0; j < N.length; j++) {
-          for (var k = 0; k < post.length; k++) {
-            var expansion = pre + N[j] + post[k];
-            if (!isTop || isSequence || expansion)
+        for (let j = 0; j < N.length; j++) {
+          for (let k = 0; k < post.length; k++) {
+            const expansion = pre + N[j] + post[k];
+            if (!isTop || isSequence || expansion) {
               expansions.push(expansion);
+            }
           }
         }
       }
@@ -864,12 +884,9 @@ var require_escape = __commonJS({
 });
 
 // dist/commonjs/index.js
-var __importDefault = exports && exports.__importDefault || function(mod) {
-  return mod && mod.__esModule ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.unescape = exports.escape = exports.AST = exports.Minimatch = exports.match = exports.makeRe = exports.braceExpand = exports.defaults = exports.filter = exports.GLOBSTAR = exports.sep = exports.minimatch = void 0;
-var brace_expansion_1 = __importDefault(require_brace_expansion());
+var brace_expansion_1 = require_commonjs2();
 var assert_valid_pattern_js_1 = require_assert_valid_pattern();
 var ast_js_1 = require_ast();
 var escape_js_1 = require_escape();
@@ -992,7 +1009,7 @@ var braceExpand = (pattern, options = {}) => {
   if (options.nobrace || !/\{(?:(?!\{).)*\}/.test(pattern)) {
     return [pattern];
   }
-  return (0, brace_expansion_1.default)(pattern);
+  return (0, brace_expansion_1.expand)(pattern);
 };
 exports.braceExpand = braceExpand;
 exports.minimatch.braceExpand = exports.braceExpand;
diff --git a/deps/minimatch/package-lock.json b/deps/minimatch/package-lock.json
index da7eda431aac2a..ef4e4457a1a3ed 100644
--- a/deps/minimatch/package-lock.json
+++ b/deps/minimatch/package-lock.json
@@ -1,26 +1,25 @@
 {
   "name": "minimatch",
-  "version": "10.0.1",
+  "version": "10.0.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "minimatch",
-      "version": "10.0.1",
+      "version": "10.0.3",
       "license": "ISC",
       "dependencies": {
-        "brace-expansion": "^2.0.1"
+        "@isaacs/brace-expansion": "^5.0.0"
       },
       "devDependencies": {
         "@types/brace-expansion": "^1.1.2",
-        "@types/node": "^20.14.10",
-        "esbuild": "^0.23.0",
+        "@types/node": "^24.0.0",
+        "esbuild": "^0.25.5",
         "mkdirp": "^3.0.1",
         "prettier": "^3.3.2",
-        "tap": "^20.0.3",
-        "tshy": "^2.0.1",
-        "typedoc": "^0.26.3",
-        "typescript": "^5.5.3"
+        "tap": "^21.1.0",
+        "tshy": "^3.0.2",
+        "typedoc": "^0.28.5"
       },
       "engines": {
         "node": "20 || >=22"
@@ -51,11 +50,14 @@
       "license": "BSD-2-Clause"
     },
     "node_modules/@bcoe/v8-coverage": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz",
-      "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-1.0.2.tgz",
+      "integrity": "sha512-6zABk/ECA/QYSCQ1NGiVwwbQerUCZ+TQbp64Q3AgmfNvurHH0j8TtXa1qbShXA6qqkpAj4V5W8pP6mLe1mcMqA==",
       "dev": true,
-      "license": "MIT"
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
+      }
     },
     "node_modules/@cspotcode/source-map-support": {
       "version": "0.8.1",
@@ -71,9 +73,9 @@
       }
     },
     "node_modules/@esbuild/aix-ppc64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.23.0.tgz",
-      "integrity": "sha512-3sG8Zwa5fMcA9bgqB8AfWPQ+HFke6uD3h1s3RIwUNK8EG7a4buxvuFTs3j1IMs2NXAk9F30C/FF4vxRgQCcmoQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.5.tgz",
+      "integrity": "sha512-9o3TMmpmftaCMepOdA5k/yDw8SfInyzWWTjYTFCX3kPSDJMROQTb8jg+h9Cnwnmm1vOzvxN7gIfB5V2ewpjtGA==",
       "cpu": [
         "ppc64"
       ],
@@ -88,9 +90,9 @@
       }
     },
     "node_modules/@esbuild/android-arm": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.23.0.tgz",
-      "integrity": "sha512-+KuOHTKKyIKgEEqKbGTK8W7mPp+hKinbMBeEnNzjJGyFcWsfrXjSTNluJHCY1RqhxFurdD8uNXQDei7qDlR6+g==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.5.tgz",
+      "integrity": "sha512-AdJKSPeEHgi7/ZhuIPtcQKr5RQdo6OO2IL87JkianiMYMPbCtot9fxPbrMiBADOWWm3T2si9stAiVsGbTQFkbA==",
       "cpu": [
         "arm"
       ],
@@ -105,9 +107,9 @@
       }
     },
     "node_modules/@esbuild/android-arm64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.23.0.tgz",
-      "integrity": "sha512-EuHFUYkAVfU4qBdyivULuu03FhJO4IJN9PGuABGrFy4vUuzk91P2d+npxHcFdpUnfYKy0PuV+n6bKIpHOB3prQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.5.tgz",
+      "integrity": "sha512-VGzGhj4lJO+TVGV1v8ntCZWJktV7SGCs3Pn1GRWI1SBFtRALoomm8k5E9Pmwg3HOAal2VDc2F9+PM/rEY6oIDg==",
       "cpu": [
         "arm64"
       ],
@@ -122,9 +124,9 @@
       }
     },
     "node_modules/@esbuild/android-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.23.0.tgz",
-      "integrity": "sha512-WRrmKidLoKDl56LsbBMhzTTBxrsVwTKdNbKDalbEZr0tcsBgCLbEtoNthOW6PX942YiYq8HzEnb4yWQMLQuipQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.5.tgz",
+      "integrity": "sha512-D2GyJT1kjvO//drbRT3Hib9XPwQeWd9vZoBJn+bu/lVsOZ13cqNdDeqIF/xQ5/VmWvMduP6AmXvylO/PIc2isw==",
       "cpu": [
         "x64"
       ],
@@ -139,9 +141,9 @@
       }
     },
     "node_modules/@esbuild/darwin-arm64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.23.0.tgz",
-      "integrity": "sha512-YLntie/IdS31H54Ogdn+v50NuoWF5BDkEUFpiOChVa9UnKpftgwzZRrI4J132ETIi+D8n6xh9IviFV3eXdxfow==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.5.tgz",
+      "integrity": "sha512-GtaBgammVvdF7aPIgH2jxMDdivezgFu6iKpmT+48+F8Hhg5J/sfnDieg0aeG/jfSvkYQU2/pceFPDKlqZzwnfQ==",
       "cpu": [
         "arm64"
       ],
@@ -156,9 +158,9 @@
       }
     },
     "node_modules/@esbuild/darwin-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.23.0.tgz",
-      "integrity": "sha512-IMQ6eme4AfznElesHUPDZ+teuGwoRmVuuixu7sv92ZkdQcPbsNHzutd+rAfaBKo8YK3IrBEi9SLLKWJdEvJniQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.5.tgz",
+      "integrity": "sha512-1iT4FVL0dJ76/q1wd7XDsXrSW+oLoquptvh4CLR4kITDtqi2e/xwXwdCVH8hVHU43wgJdsq7Gxuzcs6Iq/7bxQ==",
       "cpu": [
         "x64"
       ],
@@ -173,9 +175,9 @@
       }
     },
     "node_modules/@esbuild/freebsd-arm64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.23.0.tgz",
-      "integrity": "sha512-0muYWCng5vqaxobq6LB3YNtevDFSAZGlgtLoAc81PjUfiFz36n4KMpwhtAd4he8ToSI3TGyuhyx5xmiWNYZFyw==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.5.tgz",
+      "integrity": "sha512-nk4tGP3JThz4La38Uy/gzyXtpkPW8zSAmoUhK9xKKXdBCzKODMc2adkB2+8om9BDYugz+uGV7sLmpTYzvmz6Sw==",
       "cpu": [
         "arm64"
       ],
@@ -190,9 +192,9 @@
       }
     },
     "node_modules/@esbuild/freebsd-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.23.0.tgz",
-      "integrity": "sha512-XKDVu8IsD0/q3foBzsXGt/KjD/yTKBCIwOHE1XwiXmrRwrX6Hbnd5Eqn/WvDekddK21tfszBSrE/WMaZh+1buQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.5.tgz",
+      "integrity": "sha512-PrikaNjiXdR2laW6OIjlbeuCPrPaAl0IwPIaRv+SMV8CiM8i2LqVUHFC1+8eORgWyY7yhQY+2U2fA55mBzReaw==",
       "cpu": [
         "x64"
       ],
@@ -207,9 +209,9 @@
       }
     },
     "node_modules/@esbuild/linux-arm": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.23.0.tgz",
-      "integrity": "sha512-SEELSTEtOFu5LPykzA395Mc+54RMg1EUgXP+iw2SJ72+ooMwVsgfuwXo5Fn0wXNgWZsTVHwY2cg4Vi/bOD88qw==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.5.tgz",
+      "integrity": "sha512-cPzojwW2okgh7ZlRpcBEtsX7WBuqbLrNXqLU89GxWbNt6uIg78ET82qifUy3W6OVww6ZWobWub5oqZOVtwolfw==",
       "cpu": [
         "arm"
       ],
@@ -224,9 +226,9 @@
       }
     },
     "node_modules/@esbuild/linux-arm64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.23.0.tgz",
-      "integrity": "sha512-j1t5iG8jE7BhonbsEg5d9qOYcVZv/Rv6tghaXM/Ug9xahM0nX/H2gfu6X6z11QRTMT6+aywOMA8TDkhPo8aCGw==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.5.tgz",
+      "integrity": "sha512-Z9kfb1v6ZlGbWj8EJk9T6czVEjjq2ntSYLY2cw6pAZl4oKtfgQuS4HOq41M/BcoLPzrUbNd+R4BXFyH//nHxVg==",
       "cpu": [
         "arm64"
       ],
@@ -241,9 +243,9 @@
       }
     },
     "node_modules/@esbuild/linux-ia32": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.23.0.tgz",
-      "integrity": "sha512-P7O5Tkh2NbgIm2R6x1zGJJsnacDzTFcRWZyTTMgFdVit6E98LTxO+v8LCCLWRvPrjdzXHx9FEOA8oAZPyApWUA==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.5.tgz",
+      "integrity": "sha512-sQ7l00M8bSv36GLV95BVAdhJ2QsIbCuCjh/uYrWiMQSUuV+LpXwIqhgJDcvMTj+VsQmqAHL2yYaasENvJ7CDKA==",
       "cpu": [
         "ia32"
       ],
@@ -258,9 +260,9 @@
       }
     },
     "node_modules/@esbuild/linux-loong64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.23.0.tgz",
-      "integrity": "sha512-InQwepswq6urikQiIC/kkx412fqUZudBO4SYKu0N+tGhXRWUqAx+Q+341tFV6QdBifpjYgUndV1hhMq3WeJi7A==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.5.tgz",
+      "integrity": "sha512-0ur7ae16hDUC4OL5iEnDb0tZHDxYmuQyhKhsPBV8f99f6Z9KQM02g33f93rNH5A30agMS46u2HP6qTdEt6Q1kg==",
       "cpu": [
         "loong64"
       ],
@@ -275,9 +277,9 @@
       }
     },
     "node_modules/@esbuild/linux-mips64el": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.23.0.tgz",
-      "integrity": "sha512-J9rflLtqdYrxHv2FqXE2i1ELgNjT+JFURt/uDMoPQLcjWQA5wDKgQA4t/dTqGa88ZVECKaD0TctwsUfHbVoi4w==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.5.tgz",
+      "integrity": "sha512-kB/66P1OsHO5zLz0i6X0RxlQ+3cu0mkxS3TKFvkb5lin6uwZ/ttOkP3Z8lfR9mJOBk14ZwZ9182SIIWFGNmqmg==",
       "cpu": [
         "mips64el"
       ],
@@ -292,9 +294,9 @@
       }
     },
     "node_modules/@esbuild/linux-ppc64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.23.0.tgz",
-      "integrity": "sha512-cShCXtEOVc5GxU0fM+dsFD10qZ5UpcQ8AM22bYj0u/yaAykWnqXJDpd77ublcX6vdDsWLuweeuSNZk4yUxZwtw==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.5.tgz",
+      "integrity": "sha512-UZCmJ7r9X2fe2D6jBmkLBMQetXPXIsZjQJCjgwpVDz+YMcS6oFR27alkgGv3Oqkv07bxdvw7fyB71/olceJhkQ==",
       "cpu": [
         "ppc64"
       ],
@@ -309,9 +311,9 @@
       }
     },
     "node_modules/@esbuild/linux-riscv64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.23.0.tgz",
-      "integrity": "sha512-HEtaN7Y5UB4tZPeQmgz/UhzoEyYftbMXrBCUjINGjh3uil+rB/QzzpMshz3cNUxqXN7Vr93zzVtpIDL99t9aRw==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.5.tgz",
+      "integrity": "sha512-kTxwu4mLyeOlsVIFPfQo+fQJAV9mh24xL+y+Bm6ej067sYANjyEw1dNHmvoqxJUCMnkBdKpvOn0Ahql6+4VyeA==",
       "cpu": [
         "riscv64"
       ],
@@ -326,9 +328,9 @@
       }
     },
     "node_modules/@esbuild/linux-s390x": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.23.0.tgz",
-      "integrity": "sha512-WDi3+NVAuyjg/Wxi+o5KPqRbZY0QhI9TjrEEm+8dmpY9Xir8+HE/HNx2JoLckhKbFopW0RdO2D72w8trZOV+Wg==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.5.tgz",
+      "integrity": "sha512-K2dSKTKfmdh78uJ3NcWFiqyRrimfdinS5ErLSn3vluHNeHVnBAFWC8a4X5N+7FgVE1EjXS1QDZbpqZBjfrqMTQ==",
       "cpu": [
         "s390x"
       ],
@@ -343,9 +345,9 @@
       }
     },
     "node_modules/@esbuild/linux-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.23.0.tgz",
-      "integrity": "sha512-a3pMQhUEJkITgAw6e0bWA+F+vFtCciMjW/LPtoj99MhVt+Mfb6bbL9hu2wmTZgNd994qTAEw+U/r6k3qHWWaOQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.5.tgz",
+      "integrity": "sha512-uhj8N2obKTE6pSZ+aMUbqq+1nXxNjZIIjCjGLfsWvVpy7gKCOL6rsY1MhRh9zLtUtAI7vpgLMK6DxjO8Qm9lJw==",
       "cpu": [
         "x64"
       ],
@@ -359,10 +361,27 @@
         "node": ">=18"
       }
     },
+    "node_modules/@esbuild/netbsd-arm64": {
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.5.tgz",
+      "integrity": "sha512-pwHtMP9viAy1oHPvgxtOv+OkduK5ugofNTVDilIzBLpoWAM16r7b/mxBvfpuQDpRQFMfuVr5aLcn4yveGvBZvw==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
     "node_modules/@esbuild/netbsd-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.23.0.tgz",
-      "integrity": "sha512-cRK+YDem7lFTs2Q5nEv/HHc4LnrfBCbH5+JHu6wm2eP+d8OZNoSMYgPZJq78vqQ9g+9+nMuIsAO7skzphRXHyw==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.5.tgz",
+      "integrity": "sha512-WOb5fKrvVTRMfWFNCroYWWklbnXH0Q5rZppjq0vQIdlsQKuw6mdSihwSo4RV/YdQ5UCKKvBy7/0ZZYLBZKIbwQ==",
       "cpu": [
         "x64"
       ],
@@ -377,9 +396,9 @@
       }
     },
     "node_modules/@esbuild/openbsd-arm64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.23.0.tgz",
-      "integrity": "sha512-suXjq53gERueVWu0OKxzWqk7NxiUWSUlrxoZK7usiF50C6ipColGR5qie2496iKGYNLhDZkPxBI3erbnYkU0rQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.5.tgz",
+      "integrity": "sha512-7A208+uQKgTxHd0G0uqZO8UjK2R0DDb4fDmERtARjSHWxqMTye4Erz4zZafx7Di9Cv+lNHYuncAkiGFySoD+Mw==",
       "cpu": [
         "arm64"
       ],
@@ -394,9 +413,9 @@
       }
     },
     "node_modules/@esbuild/openbsd-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.23.0.tgz",
-      "integrity": "sha512-6p3nHpby0DM/v15IFKMjAaayFhqnXV52aEmv1whZHX56pdkK+MEaLoQWj+H42ssFarP1PcomVhbsR4pkz09qBg==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.5.tgz",
+      "integrity": "sha512-G4hE405ErTWraiZ8UiSoesH8DaCsMm0Cay4fsFWOOUcz8b8rC6uCvnagr+gnioEjWn0wC+o1/TAHt+It+MpIMg==",
       "cpu": [
         "x64"
       ],
@@ -411,9 +430,9 @@
       }
     },
     "node_modules/@esbuild/sunos-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.23.0.tgz",
-      "integrity": "sha512-BFelBGfrBwk6LVrmFzCq1u1dZbG4zy/Kp93w2+y83Q5UGYF1d8sCzeLI9NXjKyujjBBniQa8R8PzLFAUrSM9OA==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.5.tgz",
+      "integrity": "sha512-l+azKShMy7FxzY0Rj4RCt5VD/q8mG/e+mDivgspo+yL8zW7qEwctQ6YqKX34DTEleFAvCIUviCFX1SDZRSyMQA==",
       "cpu": [
         "x64"
       ],
@@ -428,9 +447,9 @@
       }
     },
     "node_modules/@esbuild/win32-arm64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.23.0.tgz",
-      "integrity": "sha512-lY6AC8p4Cnb7xYHuIxQ6iYPe6MfO2CC43XXKo9nBXDb35krYt7KGhQnOkRGar5psxYkircpCqfbNDB4uJbS2jQ==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.5.tgz",
+      "integrity": "sha512-O2S7SNZzdcFG7eFKgvwUEZ2VG9D/sn/eIiz8XRZ1Q/DO5a3s76Xv0mdBzVM5j5R639lXQmPmSo0iRpHqUUrsxw==",
       "cpu": [
         "arm64"
       ],
@@ -445,9 +464,9 @@
       }
     },
     "node_modules/@esbuild/win32-ia32": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.23.0.tgz",
-      "integrity": "sha512-7L1bHlOTcO4ByvI7OXVI5pNN6HSu6pUQq9yodga8izeuB1KcT2UkHaH6118QJwopExPn0rMHIseCTx1CRo/uNA==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.5.tgz",
+      "integrity": "sha512-onOJ02pqs9h1iMJ1PQphR+VZv8qBMQ77Klcsqv9CNW2w6yLqoURLcgERAIurY6QE63bbLuqgP9ATqajFLK5AMQ==",
       "cpu": [
         "ia32"
       ],
@@ -462,9 +481,9 @@
       }
     },
     "node_modules/@esbuild/win32-x64": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.23.0.tgz",
-      "integrity": "sha512-Arm+WgUFLUATuoxCJcahGuk6Yj9Pzxd6l11Zb/2aAuv5kWWvvfhLFo2fni4uSK5vzlUdCGZ/BdV5tH8klj8p8g==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.5.tgz",
+      "integrity": "sha512-TXv6YnJ8ZMVdX+SXWVBo/0p8LTcrUYngpWjvm91TMjjBQii7Oz11Lw5lbDV5Y0TzuhSJHwiH4hEtC1I42mMS0g==",
       "cpu": [
         "x64"
       ],
@@ -478,6 +497,41 @@
         "node": ">=18"
       }
     },
+    "node_modules/@gerrit0/mini-shiki": {
+      "version": "3.7.0",
+      "resolved": "https://registry.npmjs.org/@gerrit0/mini-shiki/-/mini-shiki-3.7.0.tgz",
+      "integrity": "sha512-7iY9wg4FWXmeoFJpUL2u+tsmh0d0jcEJHAIzVxl3TG4KL493JNnisdLAILZ77zcD+z3J0keEXZ+lFzUgzQzPDg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@shikijs/engine-oniguruma": "^3.7.0",
+        "@shikijs/langs": "^3.7.0",
+        "@shikijs/themes": "^3.7.0",
+        "@shikijs/types": "^3.7.0",
+        "@shikijs/vscode-textmate": "^10.0.2"
+      }
+    },
+    "node_modules/@isaacs/balanced-match": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz",
+      "integrity": "sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==",
+      "license": "MIT",
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
+    "node_modules/@isaacs/brace-expansion": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz",
+      "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==",
+      "license": "MIT",
+      "dependencies": {
+        "@isaacs/balanced-match": "^4.0.1"
+      },
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
     "node_modules/@isaacs/cliui": {
       "version": "8.0.2",
       "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
@@ -707,9 +761,9 @@
       }
     },
     "node_modules/@npmcli/package-json": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-5.2.0.tgz",
-      "integrity": "sha512-qe/kiqqkW0AGtvBjL8TJKZk/eBBSpnJkUWvHdQ9jM2lKHXRYYJuyNpJPlJw3c8QjC2ow6NZYiLExhUaeJelbxQ==",
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-5.2.1.tgz",
+      "integrity": "sha512-f7zYC6kQautXHvNbLEWgD/uGu1+xCn9izgqBfgItWSx22U0ZDekxN08A1vM8cTxj/cRVe0Q94Ode+tdoYmIOOQ==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
@@ -725,6 +779,76 @@
         "node": "^16.14.0 || >=18.0.0"
       }
     },
+    "node_modules/@npmcli/package-json/node_modules/glob": {
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "foreground-child": "^3.1.0",
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
+      },
+      "bin": {
+        "glob": "dist/esm/bin.mjs"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/@npmcli/package-json/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
+      }
+    },
+    "node_modules/@npmcli/package-json/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/@npmcli/package-json/node_modules/path-scurry": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
+      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "lru-cache": "^10.2.0",
+        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/@npmcli/promise-spawn": {
       "version": "7.0.2",
       "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-7.0.2.tgz",
@@ -777,16 +901,55 @@
         "node": ">=14"
       }
     },
-    "node_modules/@shikijs/core": {
-      "version": "1.10.3",
-      "resolved": "https://registry.npmjs.org/@shikijs/core/-/core-1.10.3.tgz",
-      "integrity": "sha512-D45PMaBaeDHxww+EkcDQtDAtzv00Gcsp72ukBtaLSmqRvh0WgGMq3Al0rl1QQBZfuneO75NXMIzEZGFitThWbg==",
+    "node_modules/@shikijs/engine-oniguruma": {
+      "version": "3.7.0",
+      "resolved": "https://registry.npmjs.org/@shikijs/engine-oniguruma/-/engine-oniguruma-3.7.0.tgz",
+      "integrity": "sha512-5BxcD6LjVWsGu4xyaBC5bu8LdNgPCVBnAkWTtOCs/CZxcB22L8rcoWfv7Hh/3WooVjBZmFtyxhgvkQFedPGnFw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
+        "@shikijs/types": "3.7.0",
+        "@shikijs/vscode-textmate": "^10.0.2"
+      }
+    },
+    "node_modules/@shikijs/langs": {
+      "version": "3.7.0",
+      "resolved": "https://registry.npmjs.org/@shikijs/langs/-/langs-3.7.0.tgz",
+      "integrity": "sha512-1zYtdfXLr9xDKLTGy5kb7O0zDQsxXiIsw1iIBcNOO8Yi5/Y1qDbJ+0VsFoqTlzdmneO8Ij35g7QKF8kcLyznCQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@shikijs/types": "3.7.0"
+      }
+    },
+    "node_modules/@shikijs/themes": {
+      "version": "3.7.0",
+      "resolved": "https://registry.npmjs.org/@shikijs/themes/-/themes-3.7.0.tgz",
+      "integrity": "sha512-VJx8497iZPy5zLiiCTSIaOChIcKQwR0FebwE9S3rcN0+J/GTWwQ1v/bqhTbpbY3zybPKeO8wdammqkpXc4NVjQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@shikijs/types": "3.7.0"
+      }
+    },
+    "node_modules/@shikijs/types": {
+      "version": "3.7.0",
+      "resolved": "https://registry.npmjs.org/@shikijs/types/-/types-3.7.0.tgz",
+      "integrity": "sha512-MGaLeaRlSWpnP0XSAum3kP3a8vtcTsITqoEPYdt3lQG3YCdQH4DnEhodkYcNMcU0uW0RffhoD1O3e0vG5eSBBg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@shikijs/vscode-textmate": "^10.0.2",
         "@types/hast": "^3.0.4"
       }
     },
+    "node_modules/@shikijs/vscode-textmate": {
+      "version": "10.0.2",
+      "resolved": "https://registry.npmjs.org/@shikijs/vscode-textmate/-/vscode-textmate-10.0.2.tgz",
+      "integrity": "sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@sigstore/bundle": {
       "version": "2.3.2",
       "resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.2.tgz",
@@ -811,13 +974,13 @@
       }
     },
     "node_modules/@sigstore/protobuf-specs": {
-      "version": "0.3.2",
-      "resolved": "https://registry.npmjs.org/@sigstore/protobuf-specs/-/protobuf-specs-0.3.2.tgz",
-      "integrity": "sha512-c6B0ehIWxMI8wiS/bj6rHMPqeFvngFV7cDU/MY+B16P9Z3Mp9k8L93eYZ7BYzSickzuqAQqAq0V956b3Ju6mLw==",
+      "version": "0.3.3",
+      "resolved": "https://registry.npmjs.org/@sigstore/protobuf-specs/-/protobuf-specs-0.3.3.tgz",
+      "integrity": "sha512-RpacQhBlwpBWd7KEJsRKcBQalbV28fvkxwTOJIqhIuDysMMaJW47V4OqW30iJB9uRpqOSxxEAQFdr8tTattReQ==",
       "dev": true,
       "license": "Apache-2.0",
       "engines": {
-        "node": "^16.14.0 || >=18.0.0"
+        "node": "^18.17.0 || >=20.5.0"
       }
     },
     "node_modules/@sigstore/sign": {
@@ -868,264 +1031,264 @@
       }
     },
     "node_modules/@tapjs/after": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/after/-/after-2.0.3.tgz",
-      "integrity": "sha512-I5H3lFvevFF2hDykvNKGXyUNrzg9qL001an1AzUKxe/LtL9m6qcxa1tCm9LLjvJcacZHPsQZHPX2QyVqFkoeLQ==",
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/after/-/after-3.0.1.tgz",
+      "integrity": "sha512-EMvLpjqKwmz3mVkilTpcMa/C9H/g+S7lBrPk4CxPJ3i+Lrid0UH80CHqL5OaEeAbyCev9Nio/JkeXuwBKRu2Mg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "is-actual-promise": "^1.0.1"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/after-each": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/after-each/-/after-each-3.0.3.tgz",
-      "integrity": "sha512-gg+TwlnnNhXkyWMLW9iF7O2U01RYLBwzvsLM2ZwP8f8yS/sH6rjTxYxik6v+mQFvvsoawWrZ5X594pVJUQp80A==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/after-each/-/after-each-4.0.1.tgz",
+      "integrity": "sha512-YkVvfszKTLm57Bju8ET4hKCPXVsd9OCkWUBD8h8g0ZrX61r99Cf6jw/D4eTppPcWryOwE7WO/7aj/toBTp2W/Q==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "function-loop": "^4.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/asserts": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/asserts/-/asserts-3.0.3.tgz",
-      "integrity": "sha512-Jfb+Fdq6nIbBDi4qPDPrptG3kkPd1C3ia+6Uw3foIbHvWARfJek+HkmZAy72Hv9QPlkMDjl37i7w2p64Xr0Fyg==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/asserts/-/asserts-4.0.1.tgz",
+      "integrity": "sha512-MG4Gt2/RctnqTsPxFBzHP9pu8M8uBJrytOnggiMRtLQPHpR1MwuMLGTlk0qOehF8zrpu8J9k1GFbl7MiN/L6+A==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/stack": "3.0.0",
+        "@tapjs/stack": "4.0.0",
         "is-actual-promise": "^1.0.1",
-        "tcompare": "8.0.0",
+        "tcompare": "9.0.0",
         "trivial-deferred": "^2.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/before": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/before/-/before-3.0.3.tgz",
-      "integrity": "sha512-F8tKS3hezg/t0C/sz92/a+Hil5YbOpDSrVTBAv4jyxX4e1Bni7gsniwJ/MwI5BMhZI6UWl8/xReFYBrfGHRXpg==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/before/-/before-4.0.1.tgz",
+      "integrity": "sha512-20mjT6KUqtA+OX6rAIZ/f9flDVOSnVMg4HyEjuIonn0Kk2EWqRJuSxd+ystllNbIY+/uNpFkq58/f6APi3p/Bg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "is-actual-promise": "^1.0.1"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/before-each": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/before-each/-/before-each-3.0.3.tgz",
-      "integrity": "sha512-da1l+rh29x/E+HS6lJBSaHtiuwatFHaHgIBE4/8osU7yTFTZRaA2MjDEfb6gT3/bVZEAae1sVzDkyFhGoMCBkg==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/before-each/-/before-each-4.0.1.tgz",
+      "integrity": "sha512-7eO98gxd0H7aI1K2whVJyBFrMXNUewPbBJgCPPdzYgY06CcI+cyZE136d8ZZcbAHmOWfEmzzcQtTzCNx3IuawQ==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "function-loop": "^4.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/chdir": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/chdir/-/chdir-2.0.3.tgz",
-      "integrity": "sha512-WromiRwubX4K941tGWK0WBOPSu5tRd6JLSUo73ZPDPT48HIypjFG+TBKEiDAjsCcPQ/DUE0fefqVIeJPy+RVIQ==",
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/chdir/-/chdir-3.0.1.tgz",
+      "integrity": "sha512-TnmMC96E4CW6OhntAouc4HxQym0zpu7KT5/b7rUn49eCdlnYIZmGUPTigWFzxIWfgD22008QUelgjp+ifYpLlA==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/config": {
-      "version": "4.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/config/-/config-4.0.3.tgz",
-      "integrity": "sha512-9az/JQ3pqcutanbUPcBNdV0UAZJtajA7r+m6YQ66IPriUM9TUa68+p3iwK5OP0wkEVaY3dS811DiVtkZ4m63bg==",
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/config/-/config-5.0.1.tgz",
+      "integrity": "sha512-P4rv1gJGEUUTC1FiazUXZGggij3kxzCTQVVx+uULBBR+Oz3irELOM5EbkMVKpW7vEkQXt+hQaLeHRNQceawuEw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/core": "3.0.3",
-        "@tapjs/test": "3.0.3",
+        "@tapjs/core": "4.0.1",
+        "@tapjs/test": "4.0.1",
         "chalk": "^5.2.0",
-        "jackspeak": "^3.4.0",
+        "jackspeak": "^4.0.1",
         "polite-json": "^5.0.0",
-        "tap-yaml": "3.0.0",
-        "walk-up-path": "^3.0.1"
+        "tap-yaml": "4.0.0",
+        "walk-up-path": "^4.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3",
-        "@tapjs/test": "3.0.3"
+        "@tapjs/core": "4.0.1",
+        "@tapjs/test": "4.0.1"
       }
     },
     "node_modules/@tapjs/core": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/core/-/core-3.0.3.tgz",
-      "integrity": "sha512-Vgg1UpE+pNTylXKoxK7k+LOYVLGis14wxzH7+vTMT5H57aF9NAyGJN1kenHyOFA/ML45TofgKsQY2e6EM8whzA==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/core/-/core-4.0.1.tgz",
+      "integrity": "sha512-gJq1Y/4kqnb7+FDl1RbaiEQ1/g9MrnUUwGnqGo2CNJturb+q9AhgYKjlEXFCnsdy1nXQgqeKSToEPU66LepZJw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "@tapjs/processinfo": "^3.1.8",
-        "@tapjs/stack": "3.0.0",
-        "@tapjs/test": "3.0.3",
+        "@tapjs/stack": "4.0.0",
+        "@tapjs/test": "4.0.1",
         "async-hook-domain": "^4.0.1",
         "diff": "^5.2.0",
         "is-actual-promise": "^1.0.1",
         "minipass": "^7.0.4",
         "signal-exit": "4.1",
-        "tap-parser": "17.0.0",
-        "tap-yaml": "3.0.0",
-        "tcompare": "8.0.0",
+        "tap-parser": "18.0.0",
+        "tap-yaml": "4.0.0",
+        "tcompare": "9.0.0",
         "trivial-deferred": "^2.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       }
     },
     "node_modules/@tapjs/error-serdes": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/@tapjs/error-serdes/-/error-serdes-3.0.0.tgz",
-      "integrity": "sha512-+dVgpnD412aKGhu0w6ND2nSRHytClNR68jdeO7ww2NXv0bCroqEF+1uGLsiqnocwlAL2yheaF04zY+bthTfOgA==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/@tapjs/error-serdes/-/error-serdes-4.0.0.tgz",
+      "integrity": "sha512-jO0CvhL7lyGcDzyPeumyXirBv/vxRuhg8SdyLwjNqO7aelckxZzY/dCchtov7PfKK7wc/iB55W2++PE9waFaWw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "minipass": "^7.0.4"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/@tapjs/filter": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/filter/-/filter-3.0.3.tgz",
-      "integrity": "sha512-7qcFmsR906AgC71APjpOXnwVCqWsaACCnkTClaprP1owrVmoeCOIRqSH6qkfp5sE1cbNwr5tamaPUBFwqH6xWw==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/filter/-/filter-4.0.1.tgz",
+      "integrity": "sha512-XDIi60GGljwxec/fHaC3agiHW/K4u1JV9b2xwkA0FreVYncIgWOMugnQ87tMLnfrSO9clNcBcJ4e4VDcBnPzFg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/fixture": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/fixture/-/fixture-3.0.3.tgz",
-      "integrity": "sha512-wnVqaduQiERRQS7bqKEvBEwhAITOfj8rKjYuEsuNFCRpgTFwXopp8u3c7YONSmJljXCU6lMSXBV3+4zjBlXlJA==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/fixture/-/fixture-4.0.1.tgz",
+      "integrity": "sha512-ToCBArTQJ08DJrIUDTSGmzVmBtgTY6ppVhWrGdT/r0hC3dYsl8vLYKX1qJTGJmE88kNkwpjeDXh3QB0A/x03PQ==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "mkdirp": "^3.0.0",
-        "rimraf": "^5.0.5"
+        "rimraf": "^6.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/intercept": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/intercept/-/intercept-3.0.3.tgz",
-      "integrity": "sha512-axAkkf3Cc5dsC5cGVvlU5gjV63uSEjUv3WpctDeqPDof1Ryx50sXMWazu7s58kevAvtu3CBQXmbBR6hqpls74g==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/intercept/-/intercept-4.0.1.tgz",
+      "integrity": "sha512-nIkYtYAQU/OPbYnT5E0iXSMaDaEVayHhDozA8yje/OTyXZP5GPPsbrrKrdvFojYQ4CsXw0sqYyJim5zzxucdpA==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/after": "2.0.3",
-        "@tapjs/stack": "3.0.0"
+        "@tapjs/after": "3.0.1",
+        "@tapjs/stack": "4.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/mock": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/mock/-/mock-3.0.3.tgz",
-      "integrity": "sha512-Uyopi0mWivBvPvKlrH1n6GxCtJrq38wwuGH78EaHPOocsC/hmMlJYqzvtjXE3R/cJXSrgAxHjaD4JshsmEPN6Q==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/mock/-/mock-4.0.1.tgz",
+      "integrity": "sha512-OjuLr1+0CUMZiFCmxTAy3iSefurrI7vyAqB9lm+XHOJ8Qway10SjeCQTl1kiljXSswZRSheI+dh7EkL7J5LOgQ==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/after": "2.0.3",
-        "@tapjs/stack": "3.0.0",
-        "resolve-import": "^1.4.5",
-        "walk-up-path": "^3.0.1"
+        "@tapjs/after": "3.0.1",
+        "@tapjs/stack": "4.0.0",
+        "resolve-import": "^2.0.0",
+        "walk-up-path": "^4.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/node-serialize": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/node-serialize/-/node-serialize-3.0.3.tgz",
-      "integrity": "sha512-pOKGzdly9fe4PT5ztrouuLLliB5RPOdrmsIJi7OwE0jlBXigkGxqv4PgTX4nAv7QbcDlyCX6AKKLRoqEQVyPXA==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/node-serialize/-/node-serialize-4.0.1.tgz",
+      "integrity": "sha512-XsyRkCZGyugENnI67kRy50h+H7Om94VEyCSCIYLtCH7R514tkmdjw/otFewUE7y+wgndZ3yE7RfJp9zzk5ubiA==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/error-serdes": "3.0.0",
-        "@tapjs/stack": "3.0.0",
-        "tap-parser": "17.0.0"
+        "@tapjs/error-serdes": "4.0.0",
+        "@tapjs/stack": "4.0.0",
+        "tap-parser": "18.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/processinfo": {
@@ -1145,14 +1308,14 @@
       }
     },
     "node_modules/@tapjs/reporter": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/reporter/-/reporter-3.0.3.tgz",
-      "integrity": "sha512-7Hy7KOzFodcVstMbh7IdaRbeukMSFJsimlTIisdv/Fm+N3ljWhi1OvOZgZVtspO506rw+ZCPZ0/Y8ynYZUo7QA==",
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/@tapjs/reporter/-/reporter-4.0.2.tgz",
+      "integrity": "sha512-0o3Slf7OBL+to6aIB//gH8V0DEtn/Dw9KiroMJkEkWUTVgJ1v5YbrQH7HSc/57BZw10n5ov0kPba1sLLScuQ2Q==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/config": "4.0.3",
-        "@tapjs/stack": "3.0.0",
+        "@tapjs/config": "5.0.1",
+        "@tapjs/stack": "4.0.0",
         "chalk": "^5.2.0",
         "ink": "^5.0.1",
         "minipass": "^7.0.4",
@@ -1161,51 +1324,52 @@
         "prismjs-terminal": "^1.2.3",
         "react": "^18.2.0",
         "string-length": "^6.0.0",
-        "tap-parser": "17.0.0",
-        "tap-yaml": "3.0.0",
-        "tcompare": "8.0.0"
+        "tap-parser": "18.0.0",
+        "tap-yaml": "4.0.0",
+        "tcompare": "9.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/run": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/run/-/run-3.0.3.tgz",
-      "integrity": "sha512-Xcci3PNf8mmRc+3ULglduB2utJ+tGeKRXOze0FkzSYVj7ZX5Kv2nSTqIXzy/de3BeCtDY09g/H0qeGvcgHPb4w==",
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/@tapjs/run/-/run-4.0.2.tgz",
+      "integrity": "sha512-rq77+jyHmwsQsFv6N1FmG0SL/Z9mhJ5DgYoiPMDMA4GzCblxl18f1gGDd+HzWk+p05+6VB80E8lr2sblLhyg4g==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/after": "2.0.3",
-        "@tapjs/before": "3.0.3",
-        "@tapjs/config": "4.0.3",
+        "@tapjs/after": "3.0.1",
+        "@tapjs/before": "4.0.1",
+        "@tapjs/config": "5.0.1",
         "@tapjs/processinfo": "^3.1.8",
-        "@tapjs/reporter": "3.0.3",
-        "@tapjs/spawn": "3.0.3",
-        "@tapjs/stdin": "3.0.3",
-        "@tapjs/test": "3.0.3",
+        "@tapjs/reporter": "4.0.2",
+        "@tapjs/spawn": "4.0.1",
+        "@tapjs/stdin": "4.0.1",
+        "@tapjs/test": "4.0.1",
         "c8": "^10.1.2",
         "chalk": "^5.3.0",
         "chokidar": "^3.6.0",
         "foreground-child": "^3.1.1",
-        "glob": "^10.3.16",
+        "glob": "^11.0.0",
         "minipass": "^7.0.4",
         "mkdirp": "^3.0.1",
         "opener": "^1.5.2",
         "pacote": "^18.0.6",
-        "resolve-import": "^1.4.5",
-        "rimraf": "^5.0.5",
+        "path-scurry": "^2.0.0",
+        "resolve-import": "^2.0.0",
+        "rimraf": "^6.0.0",
         "semver": "^7.6.0",
         "signal-exit": "^4.1.0",
-        "tap-parser": "17.0.0",
-        "tap-yaml": "3.0.0",
-        "tcompare": "8.0.0",
+        "tap-parser": "18.0.0",
+        "tap-yaml": "4.0.0",
+        "tcompare": "9.0.0",
         "trivial-deferred": "^2.0.0",
         "which": "^4.0.0"
       },
@@ -1213,187 +1377,175 @@
         "tap-run": "dist/esm/index.js"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/snapshot": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/snapshot/-/snapshot-3.0.3.tgz",
-      "integrity": "sha512-3Z5sgNnb2kX+evjHwlcOew8r+Z9yJfN4kxs0N6EQpW6FxpD6/sE9oVgHMEIFAw4HzezL3DlBjlJF1VLpZmuogg==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/snapshot/-/snapshot-4.0.1.tgz",
+      "integrity": "sha512-Py7JTRdu6mjtDGMu3BjamGxgnNFRzDVHb9c2Bp0po403GmEGHOgdj17PxWhqa61uHmdzr3XH0BUWANYYp0JRrg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "is-actual-promise": "^1.0.1",
-        "tcompare": "8.0.0",
+        "tcompare": "9.0.0",
         "trivial-deferred": "^2.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/spawn": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/spawn/-/spawn-3.0.3.tgz",
-      "integrity": "sha512-PbOzjxqSP/H9SY5HmM2NN0s8YxcG3xTXUBIpCN31LxVvVGj/B/R1R8ard8AUxwJVb8kS1nqKEwEotvNIm4CGVA==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/spawn/-/spawn-4.0.1.tgz",
+      "integrity": "sha512-ztF1Klv3pSK1YCslYaPBQtrydBiBntQe8BaKbFmVipWc7Dlogpnh7aCF16yjNOe7jL6kz5/2xvhY2XOUuAaymg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/stack": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/@tapjs/stack/-/stack-3.0.0.tgz",
-      "integrity": "sha512-TrwR50bVb5Q6Vzc2XSoGwpkTchqcL3RU146jyEIG6GMfcg0WVNCtZaNu4e6wGFBnXvbRXbQ994bSpcBBSy3OBw==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/@tapjs/stack/-/stack-4.0.0.tgz",
+      "integrity": "sha512-uj6BvHXvLf1qILvcpYit9D6JX7pg4eSbaxm1MhWpi8wdhSQyUAOe4gxCMTfJpW0ekB48N4QN3S3vaq7rWtFctw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/@tapjs/stdin": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/stdin/-/stdin-3.0.3.tgz",
-      "integrity": "sha512-ETyKj7twhxIdJky0SDpjA2niy1LIvPU/tr3tgw30IV+9LXC7pinCwbLLIoNDHSODfKSDQ0+QwRQLmlgugL3fUg==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/stdin/-/stdin-4.0.1.tgz",
+      "integrity": "sha512-25ZZgFaKkDtEPpAO1QkwWpAY1+7TXPn7JvlN4BeLNlymekFu7zSO8H+bpr/sKRKbKKrvRjdijYZrHc0J8dLkyw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/test": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/test/-/test-3.0.3.tgz",
-      "integrity": "sha512-RB0Ca6MG4PEUUkGofYz0HWAaGoqgTFsfpRd15g/ax3+GaA2umZL3iHjhcpTt2TM1uUdN8bzUyOUlk6r1k/P3fQ==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/test/-/test-4.0.1.tgz",
+      "integrity": "sha512-Nl/tG7ZYWb3y7GvGp3qWHqgdGYTyTuV8CDCvMufj8g+DwSG0Lkek2KrRr6V8lBhhxyq1jZ5DEKBeOip1sxas7g==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "@isaacs/ts-node-temp-fork-for-pr-2009": "^10.9.7",
-        "@tapjs/after": "2.0.3",
-        "@tapjs/after-each": "3.0.3",
-        "@tapjs/asserts": "3.0.3",
-        "@tapjs/before": "3.0.3",
-        "@tapjs/before-each": "3.0.3",
-        "@tapjs/chdir": "2.0.3",
-        "@tapjs/filter": "3.0.3",
-        "@tapjs/fixture": "3.0.3",
-        "@tapjs/intercept": "3.0.3",
-        "@tapjs/mock": "3.0.3",
-        "@tapjs/node-serialize": "3.0.3",
-        "@tapjs/snapshot": "3.0.3",
-        "@tapjs/spawn": "3.0.3",
-        "@tapjs/stdin": "3.0.3",
-        "@tapjs/typescript": "2.0.3",
-        "@tapjs/worker": "3.0.3",
-        "glob": "^10.3.16",
-        "jackspeak": "^3.4.0",
+        "@tapjs/after": "3.0.1",
+        "@tapjs/after-each": "4.0.1",
+        "@tapjs/asserts": "4.0.1",
+        "@tapjs/before": "4.0.1",
+        "@tapjs/before-each": "4.0.1",
+        "@tapjs/chdir": "3.0.1",
+        "@tapjs/filter": "4.0.1",
+        "@tapjs/fixture": "4.0.1",
+        "@tapjs/intercept": "4.0.1",
+        "@tapjs/mock": "4.0.1",
+        "@tapjs/node-serialize": "4.0.1",
+        "@tapjs/snapshot": "4.0.1",
+        "@tapjs/spawn": "4.0.1",
+        "@tapjs/stdin": "4.0.1",
+        "@tapjs/typescript": "3.1.0",
+        "@tapjs/worker": "4.0.1",
+        "glob": "11",
+        "jackspeak": "^4.0.1",
         "mkdirp": "^3.0.0",
         "package-json-from-dist": "^1.0.0",
-        "resolve-import": "^1.4.5",
-        "rimraf": "^5.0.5",
-        "sync-content": "^1.0.1",
-        "tap-parser": "17.0.0",
-        "tshy": "^1.16.1",
+        "resolve-import": "^2.0.0",
+        "rimraf": "^6.0.0",
+        "sync-content": "^2.0.1",
+        "tap-parser": "18.0.0",
+        "tshy": "^3.0.2",
         "typescript": "5.5",
-        "walk-up-path": "^3.0.1"
+        "walk-up-path": "^4.0.0"
       },
       "bin": {
         "generate-tap-test-class": "dist/esm/build.mjs"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
-    "node_modules/@tapjs/test/node_modules/tshy": {
-      "version": "1.18.0",
-      "resolved": "https://registry.npmjs.org/tshy/-/tshy-1.18.0.tgz",
-      "integrity": "sha512-FQudIujBazHRu7CVPHKQE9/Xq1Wc7lezxD/FCnTXx2PTcnoSN32DVpb/ZXvzV2NJBTDB3XKjqX8Cdm+2UK1DlQ==",
+    "node_modules/@tapjs/test/node_modules/typescript": {
+      "version": "5.5.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.4.tgz",
+      "integrity": "sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==",
       "dev": true,
-      "license": "BlueOak-1.0.0",
-      "dependencies": {
-        "chalk": "^5.3.0",
-        "chokidar": "^3.6.0",
-        "foreground-child": "^3.1.1",
-        "minimatch": "^9.0.4",
-        "mkdirp": "^3.0.1",
-        "polite-json": "^5.0.0",
-        "resolve-import": "^1.4.5",
-        "rimraf": "^5.0.1",
-        "sync-content": "^1.0.2",
-        "typescript": "5",
-        "walk-up-path": "^3.0.1"
-      },
+      "license": "Apache-2.0",
       "bin": {
-        "tshy": "dist/esm/index.js"
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
       },
       "engines": {
-        "node": "16 >=16.17 || 18 >=18.15.0 || >=20.6.1"
+        "node": ">=14.17"
       }
     },
     "node_modules/@tapjs/typescript": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/typescript/-/typescript-2.0.3.tgz",
-      "integrity": "sha512-rakQwZtAcfOIrRxLV4H2ugseKLTHbjJfVwkMXQbhgmAHiwRazJwVyZTdAdL+IX9+SN1vimtWw/JImufMdgBTPg==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/@tapjs/typescript/-/typescript-3.1.0.tgz",
+      "integrity": "sha512-rucUjdT0bNyKneyzX0pwHD0QeKRKyGSf7ctYr/qfxpiXG50/BX9heksTj62CWFS9mc6bGGD/KahdRUarEL5yTw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "@isaacs/ts-node-temp-fork-for-pr-2009": "^10.9.7"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tapjs/worker": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@tapjs/worker/-/worker-3.0.3.tgz",
-      "integrity": "sha512-Or8B0yyMRd8A6cvckTXitc9Dvw6um15sGCv2ICR4QZzTdahjlL2uiG+FUfIOd1oSSOM0E3aCVk53sGVVViEjuQ==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@tapjs/worker/-/worker-4.0.1.tgz",
+      "integrity": "sha512-/vt26VFrrsKRqRzqFzdXtZkVnT3JT+xImRSgIwFXZ/0Gr8x88tmstPbDfPujSI1zXdaW1OLu2iib8UY3Uls9Cw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "peerDependencies": {
-        "@tapjs/core": "3.0.3"
+        "@tapjs/core": "4.0.1"
       }
     },
     "node_modules/@tsconfig/node14": {
-      "version": "14.1.2",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node14/-/node14-14.1.2.tgz",
-      "integrity": "sha512-1vncsbfCZ3TBLPxesRYz02Rn7SNJfbLoDVkcZ7F/ixOV6nwxwgdhD1mdPcc5YQ413qBJ8CvMxXMFfJ7oawjo7Q==",
+      "version": "14.1.4",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node14/-/node14-14.1.4.tgz",
+      "integrity": "sha512-S5G+j19uQt/7wiXFqGapQ1cSYHlAoxYreObGkOmawAknegyUjx8EXngqy6vAitLHqCFu3rzluPlk77pWMD4n1Q==",
       "dev": true,
       "license": "MIT"
     },
     "node_modules/@tsconfig/node16": {
-      "version": "16.1.3",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node16/-/node16-16.1.3.tgz",
-      "integrity": "sha512-9nTOUBn+EMKO6rtSZJk+DcqsfgtlERGT9XPJ5PRj/HNENPCBY1yu/JEj5wT6GLtbCLBO2k46SeXDaY0pjMqypw==",
+      "version": "16.1.4",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node16/-/node16-16.1.4.tgz",
+      "integrity": "sha512-tkWPDtk18K2qJK/DhU010f03iDlw+C8qjXvhwZ4KKpJQC4QFOG3r8tIf2q6aWD0mz9N7RcZcaD9SPlrVLKiDoQ==",
       "dev": true,
       "license": "MIT"
     },
@@ -1405,9 +1557,9 @@
       "license": "MIT"
     },
     "node_modules/@tsconfig/node20": {
-      "version": "20.1.4",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node20/-/node20-20.1.4.tgz",
-      "integrity": "sha512-sqgsT69YFeLWf5NtJ4Xq/xAF8p4ZQHlmGW74Nu2tD4+g5fAsposc4ZfaaPixVu4y01BEiDCWLRDCvDM5JOsRxg==",
+      "version": "20.1.6",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node20/-/node20-20.1.6.tgz",
+      "integrity": "sha512-sz+Hqx9zwZDpZIV871WSbUzSqNIsXzghZydypnfgzPKLltVJfkINfUeTct31n/tTSa9ZE1ZOfKdRre1uHHquYQ==",
       "dev": true,
       "license": "MIT"
     },
@@ -1435,6 +1587,22 @@
         "node": "^16.14.0 || >=18.0.0"
       }
     },
+    "node_modules/@tufjs/models/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/@types/brace-expansion": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/@types/brace-expansion/-/brace-expansion-1.1.2.tgz",
@@ -1460,19 +1628,19 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "20.14.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.14.10.tgz",
-      "integrity": "sha512-MdiXf+nDuMvY0gJKxyfZ7/6UFsETO7mGKF54MVD/ekJS6HdFtpZFBgrh6Pseu64XTb2MLyFPlbW6hj8HYRQNOQ==",
+      "version": "24.0.3",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.0.3.tgz",
+      "integrity": "sha512-R4I/kzCYAdRLzfiCabn9hxWfbuHS573x+r0dJMkkzThEa7pbrcDWK+9zu3e7aBOouf+rQAciqPFMnxwr0aWgKg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "undici-types": "~5.26.4"
+        "undici-types": "~7.8.0"
       }
     },
     "node_modules/@types/unist": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/@types/unist/-/unist-3.0.2.tgz",
-      "integrity": "sha512-dqId9J8K/vGi5Zr7oo212BGii5m3q5Hxlkwy3WpYuKPklmBEvsbMYYyLxAQpSffdLl/gdW0XUpKWFvYmyoWCoQ==",
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/@types/unist/-/unist-3.0.3.tgz",
+      "integrity": "sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q==",
       "dev": true,
       "license": "MIT"
     },
@@ -1487,9 +1655,9 @@
       }
     },
     "node_modules/acorn": {
-      "version": "8.12.1",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.12.1.tgz",
-      "integrity": "sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==",
+      "version": "8.15.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
+      "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -1500,9 +1668,9 @@
       }
     },
     "node_modules/acorn-walk": {
-      "version": "8.3.3",
-      "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.3.tgz",
-      "integrity": "sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==",
+      "version": "8.3.4",
+      "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.4.tgz",
+      "integrity": "sha512-ueEepnujpqee2o5aIYnvHU6C0A42MNdsIDeqy5BydrkuC5R1ZuUFnm27EeFJGoEHJQgn3uleRvmTXaJgfXbt4g==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -1513,14 +1681,11 @@
       }
     },
     "node_modules/agent-base": {
-      "version": "7.1.1",
-      "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.1.tgz",
-      "integrity": "sha512-H0TSyFNDMomMNJQBn8wFV5YC/2eJ+VXECwOadZJT554xP6cODZHPX3H9QMQECxvrgiSOP1pHjy1sMWQVYJOUOA==",
+      "version": "7.1.3",
+      "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz",
+      "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==",
       "dev": true,
       "license": "MIT",
-      "dependencies": {
-        "debug": "^4.3.4"
-      },
       "engines": {
         "node": ">= 14"
       }
@@ -1566,9 +1731,9 @@
       }
     },
     "node_modules/ansi-regex": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz",
-      "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==",
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz",
+      "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -1646,6 +1811,7 @@
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
       "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "dev": true,
       "license": "MIT"
     },
     "node_modules/binary-extensions": {
@@ -1662,9 +1828,10 @@
       }
     },
     "node_modules/brace-expansion": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-      "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+      "dev": true,
       "license": "MIT",
       "dependencies": {
         "balanced-match": "^1.0.0"
@@ -1684,13 +1851,13 @@
       }
     },
     "node_modules/c8": {
-      "version": "10.1.2",
-      "resolved": "https://registry.npmjs.org/c8/-/c8-10.1.2.tgz",
-      "integrity": "sha512-Qr6rj76eSshu5CgRYvktW0uM0CFY0yi4Fd5D0duDXO6sYinyopmftUiJVuzBQxQcwQLor7JWDVRP+dUfCmzgJw==",
+      "version": "10.1.3",
+      "resolved": "https://registry.npmjs.org/c8/-/c8-10.1.3.tgz",
+      "integrity": "sha512-LvcyrOAaOnrrlMpW22n690PUvxiq4Uf9WMhQwNJ9vgagkL/ph1+D4uvjvDA5XCbykrc0sx+ay6pVi9YZ1GnhyA==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "@bcoe/v8-coverage": "^0.2.3",
+        "@bcoe/v8-coverage": "^1.0.1",
         "@istanbuljs/schema": "^0.1.3",
         "find-up": "^5.0.0",
         "foreground-child": "^3.1.1",
@@ -1741,10 +1908,80 @@
         "node": "^16.14.0 || >=18.0.0"
       }
     },
+    "node_modules/cacache/node_modules/glob": {
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "foreground-child": "^3.1.0",
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
+      },
+      "bin": {
+        "glob": "dist/esm/bin.mjs"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/cacache/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
+      }
+    },
+    "node_modules/cacache/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/cacache/node_modules/path-scurry": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
+      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "lru-cache": "^10.2.0",
+        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/chalk": {
-      "version": "5.3.0",
-      "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.3.0.tgz",
-      "integrity": "sha512-dLitG79d+GV1Nb/VYcCDFivJeK1hiukt9QjRNVOsUtTy1rR1YJsmpGGTZ3qJos+uw7WmWF4wUwBd9jxjocFC2w==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.4.1.tgz",
+      "integrity": "sha512-zgVZuo2WcZgfUEmsn6eO3kINexW8RAE4maiQ8QNs8CtpPCSyMiYsULR3HQYkm3w8FIA3SberyMJMSldGsW+U3w==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -2017,9 +2254,9 @@
       }
     },
     "node_modules/cross-spawn": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
-      "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+      "version": "7.0.6",
+      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+      "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -2055,13 +2292,13 @@
       }
     },
     "node_modules/debug": {
-      "version": "4.3.5",
-      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz",
-      "integrity": "sha512-pt0bNEmneDIvdL1Xsd9oDQ/wrQRkXDT4AUWlNZNPKvW5x/jyO9VFXkJUP07vQ2upmw5PlaITaPKc31jK13V+jg==",
+      "version": "4.4.1",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
+      "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "ms": "2.1.2"
+        "ms": "^2.1.3"
       },
       "engines": {
         "node": ">=6.0"
@@ -2072,13 +2309,6 @@
         }
       }
     },
-    "node_modules/debug/node_modules/ms": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
-      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
-      "dev": true,
-      "license": "MIT"
-    },
     "node_modules/diff": {
       "version": "5.2.0",
       "resolved": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz",
@@ -2097,9 +2327,9 @@
       "license": "MIT"
     },
     "node_modules/emoji-regex": {
-      "version": "10.3.0",
-      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.3.0.tgz",
-      "integrity": "sha512-QpLs9D9v9kArv4lfDEgg1X/gN5XLnf/A6l9cs8SPZLRZR3ZkY9+kwIQTxm+fsSej5UMYGE8fdoaZVIBlqG0XTw==",
+      "version": "10.4.0",
+      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.4.0.tgz",
+      "integrity": "sha512-EC+0oUMY1Rqm4O6LLrgjtYDvcVYTy7chDnM4Q7030tP4Kwj3u/pR6gP9ygnp2CJMK5Gq+9Q2oqmrFJAz01DXjw==",
       "dev": true,
       "license": "MIT"
     },
@@ -2157,10 +2387,21 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/es-toolkit": {
+      "version": "1.39.4",
+      "resolved": "https://registry.npmjs.org/es-toolkit/-/es-toolkit-1.39.4.tgz",
+      "integrity": "sha512-hHqQ0yJERMNrJUyYHnf02qDuIxjRnnJlx1CFdR9Ia6tw6jPA7kXmb+tWzc7trJDHwMsc393hZ/m2XMxYXGAfqQ==",
+      "dev": true,
+      "license": "MIT",
+      "workspaces": [
+        "docs",
+        "benchmarks"
+      ]
+    },
     "node_modules/esbuild": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.23.0.tgz",
-      "integrity": "sha512-1lvV17H2bMYda/WaFb2jLPeHU3zml2k4/yagNMG8Q/YtfMjCwEUZa2eXXMgZTVSL5q1n4H7sQ0X6CdJDqqeCFA==",
+      "version": "0.25.5",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.5.tgz",
+      "integrity": "sha512-P8OtKZRv/5J5hhz0cUAdu/cLuPIKXpQl1R9pZtvmHWQvrAUVd0UNIPT4IB4W3rNOqVO0rlqHmCIbSwxh/c9yUQ==",
       "dev": true,
       "hasInstallScript": true,
       "license": "MIT",
@@ -2171,36 +2412,37 @@
         "node": ">=18"
       },
       "optionalDependencies": {
-        "@esbuild/aix-ppc64": "0.23.0",
-        "@esbuild/android-arm": "0.23.0",
-        "@esbuild/android-arm64": "0.23.0",
-        "@esbuild/android-x64": "0.23.0",
-        "@esbuild/darwin-arm64": "0.23.0",
-        "@esbuild/darwin-x64": "0.23.0",
-        "@esbuild/freebsd-arm64": "0.23.0",
-        "@esbuild/freebsd-x64": "0.23.0",
-        "@esbuild/linux-arm": "0.23.0",
-        "@esbuild/linux-arm64": "0.23.0",
-        "@esbuild/linux-ia32": "0.23.0",
-        "@esbuild/linux-loong64": "0.23.0",
-        "@esbuild/linux-mips64el": "0.23.0",
-        "@esbuild/linux-ppc64": "0.23.0",
-        "@esbuild/linux-riscv64": "0.23.0",
-        "@esbuild/linux-s390x": "0.23.0",
-        "@esbuild/linux-x64": "0.23.0",
-        "@esbuild/netbsd-x64": "0.23.0",
-        "@esbuild/openbsd-arm64": "0.23.0",
-        "@esbuild/openbsd-x64": "0.23.0",
-        "@esbuild/sunos-x64": "0.23.0",
-        "@esbuild/win32-arm64": "0.23.0",
-        "@esbuild/win32-ia32": "0.23.0",
-        "@esbuild/win32-x64": "0.23.0"
+        "@esbuild/aix-ppc64": "0.25.5",
+        "@esbuild/android-arm": "0.25.5",
+        "@esbuild/android-arm64": "0.25.5",
+        "@esbuild/android-x64": "0.25.5",
+        "@esbuild/darwin-arm64": "0.25.5",
+        "@esbuild/darwin-x64": "0.25.5",
+        "@esbuild/freebsd-arm64": "0.25.5",
+        "@esbuild/freebsd-x64": "0.25.5",
+        "@esbuild/linux-arm": "0.25.5",
+        "@esbuild/linux-arm64": "0.25.5",
+        "@esbuild/linux-ia32": "0.25.5",
+        "@esbuild/linux-loong64": "0.25.5",
+        "@esbuild/linux-mips64el": "0.25.5",
+        "@esbuild/linux-ppc64": "0.25.5",
+        "@esbuild/linux-riscv64": "0.25.5",
+        "@esbuild/linux-s390x": "0.25.5",
+        "@esbuild/linux-x64": "0.25.5",
+        "@esbuild/netbsd-arm64": "0.25.5",
+        "@esbuild/netbsd-x64": "0.25.5",
+        "@esbuild/openbsd-arm64": "0.25.5",
+        "@esbuild/openbsd-x64": "0.25.5",
+        "@esbuild/sunos-x64": "0.25.5",
+        "@esbuild/win32-arm64": "0.25.5",
+        "@esbuild/win32-ia32": "0.25.5",
+        "@esbuild/win32-x64": "0.25.5"
       }
     },
     "node_modules/escalade": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz",
-      "integrity": "sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA==",
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz",
+      "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -2228,9 +2470,9 @@
       }
     },
     "node_modules/exponential-backoff": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/exponential-backoff/-/exponential-backoff-3.1.1.tgz",
-      "integrity": "sha512-dX7e/LHVJ6W3DE1MHWi9S1EYzDESENfLrYohG2G++ovZrYOkm4Knwa0mc1cn84xJOR4KEU0WSchhLbd0UklbHw==",
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/exponential-backoff/-/exponential-backoff-3.1.2.tgz",
+      "integrity": "sha512-8QxYTVXUkuy7fIIoitQkPwGonB8F3Zj8eEO8Sqg9Zv/bkI7RJAzowee4gr81Hak/dUTpA2Z7VfQgoijjPNlUZA==",
       "dev": true,
       "license": "Apache-2.0"
     },
@@ -2265,13 +2507,13 @@
       }
     },
     "node_modules/foreground-child": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.2.1.tgz",
-      "integrity": "sha512-PXUUyLqrR2XCWICfv6ukppP96sdFwWbNEnfEMt7jNsISjMsvaLNinAHNDYyvkyU+SZG2BTSbT5NjG+vZslfGTA==",
+      "version": "3.3.1",
+      "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.1.tgz",
+      "integrity": "sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "cross-spawn": "^7.0.0",
+        "cross-spawn": "^7.0.6",
         "signal-exit": "^4.0.1"
       },
       "engines": {
@@ -2348,9 +2590,9 @@
       }
     },
     "node_modules/get-east-asian-width": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/get-east-asian-width/-/get-east-asian-width-1.2.0.tgz",
-      "integrity": "sha512-2nk+7SIVb14QrgXFHcm84tD4bKQz0RxPuMT8Ag5KPOq7J5fEmAg0UbXdTOSHqNuHSU28k55qnceesxXRZGzKWA==",
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/get-east-asian-width/-/get-east-asian-width-1.3.0.tgz",
+      "integrity": "sha512-vpeMIQKxczTD/0s2CdEWHcb0eeJe6TFjxb+J5xgX7hScxqrGuyjmv4c1D4A/gelKfyox0gJJwIHF+fLjeaM8kQ==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -2361,22 +2603,25 @@
       }
     },
     "node_modules/glob": {
-      "version": "10.4.5",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
-      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
+      "version": "11.0.3",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.3.tgz",
+      "integrity": "sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "foreground-child": "^3.1.0",
-        "jackspeak": "^3.1.2",
-        "minimatch": "^9.0.4",
+        "foreground-child": "^3.3.1",
+        "jackspeak": "^4.1.1",
+        "minimatch": "^10.0.3",
         "minipass": "^7.1.2",
         "package-json-from-dist": "^1.0.0",
-        "path-scurry": "^1.11.1"
+        "path-scurry": "^2.0.0"
       },
       "bin": {
         "glob": "dist/esm/bin.mjs"
       },
+      "engines": {
+        "node": "20 || >=22"
+      },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
@@ -2432,9 +2677,9 @@
       "license": "MIT"
     },
     "node_modules/http-cache-semantics": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz",
-      "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ==",
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.2.0.tgz",
+      "integrity": "sha512-dTxcvPXqPvXBQpq5dUr6mEMJX4oIEFv6bwom3FDwKRDsuIjjJGANqhBuoAn9c1RQJIdAKav33ED65E2ys+87QQ==",
       "dev": true,
       "license": "BSD-2-Clause"
     },
@@ -2453,13 +2698,13 @@
       }
     },
     "node_modules/https-proxy-agent": {
-      "version": "7.0.5",
-      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.5.tgz",
-      "integrity": "sha512-1e4Wqeblerz+tMKPIq2EMGiiWW1dIjZOksyHWSUm1rmuvw/how9hBHZ38lAGj5ID4Ik6EdkOw7NmWPy6LAwalw==",
+      "version": "7.0.6",
+      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz",
+      "integrity": "sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "agent-base": "^7.0.2",
+        "agent-base": "^7.1.2",
         "debug": "4"
       },
       "engines": {
@@ -2493,6 +2738,22 @@
         "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
       }
     },
+    "node_modules/ignore-walk/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/imurmurhash": {
       "version": "0.1.4",
       "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz",
@@ -2527,9 +2788,9 @@
       }
     },
     "node_modules/ink": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/ink/-/ink-5.0.1.tgz",
-      "integrity": "sha512-ae4AW/t8jlkj/6Ou21H2av0wxTk8vrGzXv+v2v7j4in+bl1M5XRMVbfNghzhBokV++FjF8RBDJvYo+ttR9YVRg==",
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/ink/-/ink-5.2.1.tgz",
+      "integrity": "sha512-BqcUyWrG9zq5HIwW6JcfFHsIYebJkWWb4fczNah1goUO0vv5vneIlfwuS85twyJ5hYR/y18FlAYUxrO9ChIWVg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -2542,21 +2803,21 @@
         "cli-cursor": "^4.0.0",
         "cli-truncate": "^4.0.0",
         "code-excerpt": "^4.0.0",
+        "es-toolkit": "^1.22.0",
         "indent-string": "^5.0.0",
-        "is-in-ci": "^0.1.0",
-        "lodash": "^4.17.21",
+        "is-in-ci": "^1.0.0",
         "patch-console": "^2.0.0",
         "react-reconciler": "^0.29.0",
         "scheduler": "^0.23.0",
         "signal-exit": "^3.0.7",
         "slice-ansi": "^7.1.0",
         "stack-utils": "^2.0.6",
-        "string-width": "^7.0.0",
-        "type-fest": "^4.8.3",
+        "string-width": "^7.2.0",
+        "type-fest": "^4.27.0",
         "widest-line": "^5.0.0",
         "wrap-ansi": "^9.0.0",
-        "ws": "^8.15.0",
-        "yoga-wasm-web": "~0.3.3"
+        "ws": "^8.18.0",
+        "yoga-layout": "~3.2.1"
       },
       "engines": {
         "node": ">=18"
@@ -2653,9 +2914,9 @@
       }
     },
     "node_modules/is-in-ci": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/is-in-ci/-/is-in-ci-0.1.0.tgz",
-      "integrity": "sha512-d9PXLEY0v1iJ64xLiQMJ51J128EYHAaOR4yZqQi8aHGfw6KgifM3/Viw1oZZ1GCVmb3gBuyhLyHj0HgR2DhSXQ==",
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/is-in-ci/-/is-in-ci-1.0.0.tgz",
+      "integrity": "sha512-eUuAjybVTHMYWm/U+vBO1sY/JOCgoPCXRxzdju0K+K0BiGW0SChEL1MLC0PoCIR1OlPo5YAp8HuQoUlsWEICwg==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -2745,19 +3006,19 @@
       }
     },
     "node_modules/jackspeak": {
-      "version": "3.4.3",
-      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
-      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.1.tgz",
+      "integrity": "sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "@isaacs/cliui": "^8.0.2"
       },
+      "engines": {
+        "node": "20 || >=22"
+      },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
-      },
-      "optionalDependencies": {
-        "@pkgjs/parseargs": "^0.11.0"
       }
     },
     "node_modules/js-tokens": {
@@ -2820,13 +3081,6 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
-    "node_modules/lodash": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
-      "dev": true,
-      "license": "MIT"
-    },
     "node_modules/loose-envify": {
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz",
@@ -2937,16 +3191,16 @@
       }
     },
     "node_modules/minimatch": {
-      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
-      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "version": "10.0.3",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.3.tgz",
+      "integrity": "sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "brace-expansion": "^2.0.1"
+        "@isaacs/brace-expansion": "^5.0.0"
       },
       "engines": {
-        "node": ">=16 || 14 >=14.17"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
@@ -3122,9 +3376,9 @@
       "license": "MIT"
     },
     "node_modules/negotiator": {
-      "version": "0.6.3",
-      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
-      "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==",
+      "version": "0.6.4",
+      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.4.tgz",
+      "integrity": "sha512-myRT3DiWPHqho5PrJaIRyaMv2kgYf0mUVgBNOYMuCH5Ki1yEiQaf/ZJuQ62nvpc44wL5WDbTX7yGJi1Neevw8w==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -3132,9 +3386,9 @@
       }
     },
     "node_modules/node-gyp": {
-      "version": "10.2.0",
-      "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-10.2.0.tgz",
-      "integrity": "sha512-sp3FonBAaFe4aYTcFdZUn2NYkbP7xroPGYvQmP4Nl5PxamznItBnNCgjrVTKrEfQynInMsJvZrdmqUnysCJ8rw==",
+      "version": "10.3.1",
+      "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-10.3.1.tgz",
+      "integrity": "sha512-Pp3nFHBThHzVtNY7U6JfPjvT/DTE8+o/4xKsLQtBoU+j2HLsGlhcfzflAoUreaJbNmYnX+LlLi0qjV8kpyO6xQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3156,6 +3410,76 @@
         "node": "^16.14.0 || >=18.0.0"
       }
     },
+    "node_modules/node-gyp/node_modules/glob": {
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "foreground-child": "^3.1.0",
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
+      },
+      "bin": {
+        "glob": "dist/esm/bin.mjs"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/node-gyp/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
+      }
+    },
+    "node_modules/node-gyp/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/node-gyp/node_modules/path-scurry": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
+      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "lru-cache": "^10.2.0",
+        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/nopt": {
       "version": "7.2.1",
       "resolved": "https://registry.npmjs.org/nopt/-/nopt-7.2.1.tgz",
@@ -3234,9 +3558,9 @@
       }
     },
     "node_modules/npm-package-arg": {
-      "version": "11.0.2",
-      "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.2.tgz",
-      "integrity": "sha512-IGN0IAwmhDJwy13Wc8k+4PEbTPhpJnMtfR53ZbOyjkvmEcLS4nCwp6mvMWjS5sUjeiW3mpx6cHmuhKEu9XmcQw==",
+      "version": "11.0.3",
+      "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.3.tgz",
+      "integrity": "sha512-sHGJy8sOC1YraBywpzQlIKBE4pBbGbiF95U6Auspzyem956E0+FtDtsx1ZxlOJkQCZ1AFXAY/yuvtFYrOxF+Bw==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
@@ -3373,9 +3697,9 @@
       }
     },
     "node_modules/package-json-from-dist": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.0.tgz",
-      "integrity": "sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz",
+      "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==",
       "dev": true,
       "license": "BlueOak-1.0.0"
     },
@@ -3442,22 +3766,32 @@
       }
     },
     "node_modules/path-scurry": {
-      "version": "1.11.1",
-      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
-      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.0.tgz",
+      "integrity": "sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "lru-cache": "^10.2.0",
-        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+        "lru-cache": "^11.0.0",
+        "minipass": "^7.1.2"
       },
       "engines": {
-        "node": ">=16 || 14 >=14.18"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
+    "node_modules/path-scurry/node_modules/lru-cache": {
+      "version": "11.1.0",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.1.0.tgz",
+      "integrity": "sha512-QIXZUBJUx+2zHUdQujWejBkcD9+cs94tLn0+YL8UrCh+D5sCXZ4c7LaEH48pNwRY3MLDgqUFyhlCyjJPf1WP0A==",
+      "dev": true,
+      "license": "ISC",
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
     "node_modules/picomatch": {
       "version": "2.3.1",
       "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
@@ -3472,9 +3806,9 @@
       }
     },
     "node_modules/pirates": {
-      "version": "4.0.6",
-      "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz",
-      "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==",
+      "version": "4.0.7",
+      "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.7.tgz",
+      "integrity": "sha512-TfySrs/5nm8fQJDcBDuUng3VOUKsd7S+zqvbOTiGXHfxX4wK31ard+hoNuvkicM/2YFzlpDgABOevKSsB4G/FA==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -3495,9 +3829,9 @@
       }
     },
     "node_modules/prettier": {
-      "version": "3.3.3",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.3.tgz",
-      "integrity": "sha512-i2tDNA0O5IrMO757lfrdQZCc2jPNDVntV0m/+4whiDfWaTKfMNgR7Qz0NAeGz/nRqF4m5/6CLzbP4/liHt12Ew==",
+      "version": "3.5.3",
+      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.5.3.tgz",
+      "integrity": "sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -3511,9 +3845,9 @@
       }
     },
     "node_modules/prismjs": {
-      "version": "1.29.0",
-      "resolved": "https://registry.npmjs.org/prismjs/-/prismjs-1.29.0.tgz",
-      "integrity": "sha512-Kx/1w86q/epKcmte75LNrEoT+lX8pBpavuAbvJWRXar7Hz8jrtF+e3vY751p0R8H9HdArwaCTNDDzHg/ScJK1Q==",
+      "version": "1.30.0",
+      "resolved": "https://registry.npmjs.org/prismjs/-/prismjs-1.30.0.tgz",
+      "integrity": "sha512-DEvV2ZF2r2/63V+tK8hQvrR2ZGn10srHbXviTlcv7Kpzw8jWiNTqbVgjO3IY8RxrrOUF8VPMQQFysYYYv0YZxw==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -3549,9 +3883,9 @@
       }
     },
     "node_modules/process-on-spawn": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/process-on-spawn/-/process-on-spawn-1.0.0.tgz",
-      "integrity": "sha512-1WsPDsUSMmZH5LeMLegqkPDrsGgsWwk1Exipy2hvB0o/F0ASzbpIctSCcZIK1ykJvtTJULEH+20WOFjMvGnCTg==",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/process-on-spawn/-/process-on-spawn-1.1.0.tgz",
+      "integrity": "sha512-JOnOPQ/8TZgjs1JIH/m9ni7FfimjNa/PRx7y/Wb5qdItsnhO0jE4AT7fC0HjC28DUQWDr50dwSYZLdRMlqDq3Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3684,17 +4018,17 @@
       }
     },
     "node_modules/resolve-import": {
-      "version": "1.4.6",
-      "resolved": "https://registry.npmjs.org/resolve-import/-/resolve-import-1.4.6.tgz",
-      "integrity": "sha512-CIw9e64QcKcCFUj9+KxUCJPy8hYofv6eVfo3U9wdhCm2E4IjvFnZ6G4/yIC4yP3f11+h6uU5b3LdS7O64LgqrA==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/resolve-import/-/resolve-import-2.0.0.tgz",
+      "integrity": "sha512-jpKjLibLuc8D1XEV2+7zb0aqN7I8d12u89g/v6IsgCzdVlccMQJq4TKkPw5fbhHdxhm7nbVtN+KvOTnjFf+nEA==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "glob": "^10.3.3",
-        "walk-up-path": "^3.0.1"
+        "glob": "^11.0.0",
+        "walk-up-path": "^4.0.0"
       },
       "engines": {
-        "node": "16 >=16.17.0 || 18 >= 18.6.0 || >=20"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
@@ -3735,19 +4069,20 @@
       }
     },
     "node_modules/rimraf": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.9.tgz",
-      "integrity": "sha512-3i7b8OcswU6CpU8Ej89quJD4O98id7TtVM5U4Mybh84zQXdrFmDLouWBEEaD/QfO3gDDfH+AGFCGsR7kngzQnA==",
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-6.0.1.tgz",
+      "integrity": "sha512-9dkvaxAsk/xNXSJzMgFqqMCuFgt2+KsOFek3TMLfo8NCPfWpBmqwyNn5Y+NX56QUYfCtsyhF3ayiboEoUmJk/A==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "glob": "^10.3.7"
+        "glob": "^11.0.0",
+        "package-json-from-dist": "^1.0.0"
       },
       "bin": {
         "rimraf": "dist/esm/bin.mjs"
       },
       "engines": {
-        "node": "14 >=14.20 || 16 >=16.20 || >=18"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
@@ -3772,9 +4107,9 @@
       }
     },
     "node_modules/semver": {
-      "version": "7.6.2",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.2.tgz",
-      "integrity": "sha512-FNAIBWCx9qcRhoHcgcJ0gvU7SN1lYU2ZXuSfl04bSC5OpvDHFyJCjdNHomPXxjQlCBU67YW64PzY7/VIEH7F2w==",
+      "version": "7.7.2",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz",
+      "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==",
       "dev": true,
       "license": "ISC",
       "bin": {
@@ -3807,17 +4142,6 @@
         "node": ">=8"
       }
     },
-    "node_modules/shiki": {
-      "version": "1.10.3",
-      "resolved": "https://registry.npmjs.org/shiki/-/shiki-1.10.3.tgz",
-      "integrity": "sha512-eneCLncGuvPdTutJuLyUGS8QNPAVFO5Trvld2wgEq1e002mwctAhJKeMGWtWVXOIEzmlcLRqcgPSorR6AVzOmQ==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "@shikijs/core": "1.10.3",
-        "@types/hast": "^3.0.4"
-      }
-    },
     "node_modules/signal-exit": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz",
@@ -3894,9 +4218,9 @@
       }
     },
     "node_modules/socks": {
-      "version": "2.8.3",
-      "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.3.tgz",
-      "integrity": "sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==",
+      "version": "2.8.5",
+      "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz",
+      "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3909,13 +4233,13 @@
       }
     },
     "node_modules/socks-proxy-agent": {
-      "version": "8.0.4",
-      "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.4.tgz",
-      "integrity": "sha512-GNAq/eg8Udq2x0eNiFkr9gRg5bA7PXEWagQdeRX4cPSG+X/8V38v637gim9bjFptMk1QWsCTr0ttrJEiXbNnRw==",
+      "version": "8.0.5",
+      "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz",
+      "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "agent-base": "^7.1.1",
+        "agent-base": "^7.1.2",
         "debug": "^4.3.4",
         "socks": "^2.8.3"
       },
@@ -3953,9 +4277,9 @@
       }
     },
     "node_modules/spdx-license-ids": {
-      "version": "3.0.18",
-      "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.18.tgz",
-      "integrity": "sha512-xxRs31BqRYHwiMzudOrpSiHtZ8i/GeionCBDSilhYRj+9gIcI8wCZTlXZKu9vZIVqViP3dcp9qE5G6AlIaD+TQ==",
+      "version": "3.0.21",
+      "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.21.tgz",
+      "integrity": "sha512-Bvg/8F5XephndSK3JffaRqdT+gyhfqIPwDHpX80tJrF8QQRYMo8sNMeaZ2Dp5+jhwKnUmIOyFFQfHRkjJm5nXg==",
       "dev": true,
       "license": "CC0-1.0"
     },
@@ -4136,94 +4460,95 @@
       }
     },
     "node_modules/sync-content": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/sync-content/-/sync-content-1.0.2.tgz",
-      "integrity": "sha512-znd3rYiiSxU3WteWyS9a6FXkTA/Wjk8WQsOyzHbineeL837dLn3DA4MRhsIX3qGcxDMH6+uuFV4axztssk7wEQ==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/sync-content/-/sync-content-2.0.1.tgz",
+      "integrity": "sha512-NI1mo514yFhr8pV/5Etvgh+pSBUIpoAKoiBIUwALVlQQNAwb40bTw8hhPFaip/dvv0GhpHVOq0vq8iY02ppLTg==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "glob": "^10.2.6",
+        "glob": "^11.0.0",
         "mkdirp": "^3.0.1",
-        "path-scurry": "^1.9.2",
-        "rimraf": "^5.0.1"
+        "path-scurry": "^2.0.0",
+        "rimraf": "^6.0.0",
+        "tshy": "^3.0.0"
       },
       "bin": {
-        "sync-content": "dist/mjs/bin.mjs"
+        "sync-content": "dist/esm/bin.mjs"
       },
       "engines": {
-        "node": ">=14"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/tap": {
-      "version": "20.0.3",
-      "resolved": "https://registry.npmjs.org/tap/-/tap-20.0.3.tgz",
-      "integrity": "sha512-1D9pFte9MvmBsDxtCMYaWF7qtJj848lyFkhtLef945c1MEK8i8o/pwaU1cZzhK5DCfQihhDaCPahyBwnCAEMJQ==",
+      "version": "21.1.0",
+      "resolved": "https://registry.npmjs.org/tap/-/tap-21.1.0.tgz",
+      "integrity": "sha512-O01H/+6SOB8Fai2eehPjOLpQamG/lCkBe+eTq7aNQbIxF8BzZMTc77iyaWM+q5PP/rU2pQ+nc5jyySybwbv6ZA==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "@tapjs/after": "2.0.3",
-        "@tapjs/after-each": "3.0.3",
-        "@tapjs/asserts": "3.0.3",
-        "@tapjs/before": "3.0.3",
-        "@tapjs/before-each": "3.0.3",
-        "@tapjs/chdir": "2.0.3",
-        "@tapjs/core": "3.0.3",
-        "@tapjs/filter": "3.0.3",
-        "@tapjs/fixture": "3.0.3",
-        "@tapjs/intercept": "3.0.3",
-        "@tapjs/mock": "3.0.3",
-        "@tapjs/node-serialize": "3.0.3",
-        "@tapjs/run": "3.0.3",
-        "@tapjs/snapshot": "3.0.3",
-        "@tapjs/spawn": "3.0.3",
-        "@tapjs/stdin": "3.0.3",
-        "@tapjs/test": "3.0.3",
-        "@tapjs/typescript": "2.0.3",
-        "@tapjs/worker": "3.0.3",
-        "resolve-import": "^1.4.5"
+        "@tapjs/after": "3.0.1",
+        "@tapjs/after-each": "4.0.1",
+        "@tapjs/asserts": "4.0.1",
+        "@tapjs/before": "4.0.1",
+        "@tapjs/before-each": "4.0.1",
+        "@tapjs/chdir": "3.0.1",
+        "@tapjs/core": "4.0.1",
+        "@tapjs/filter": "4.0.1",
+        "@tapjs/fixture": "4.0.1",
+        "@tapjs/intercept": "4.0.1",
+        "@tapjs/mock": "4.0.1",
+        "@tapjs/node-serialize": "4.0.1",
+        "@tapjs/run": "4.0.2",
+        "@tapjs/snapshot": "4.0.1",
+        "@tapjs/spawn": "4.0.1",
+        "@tapjs/stdin": "4.0.1",
+        "@tapjs/test": "4.0.1",
+        "@tapjs/typescript": "3.1.0",
+        "@tapjs/worker": "4.0.1",
+        "resolve-import": "2"
       },
       "bin": {
         "tap": "dist/esm/run.mjs"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/tap-parser": {
-      "version": "17.0.0",
-      "resolved": "https://registry.npmjs.org/tap-parser/-/tap-parser-17.0.0.tgz",
-      "integrity": "sha512-Na7kB4ML7T77abJtYIlXh/aJcz54Azv0iAtOaDnLqsL4uWjU40uNFIFnZ5IvnGTuCIk5M6vjx7ZsceNGc1mcag==",
+      "version": "18.0.0",
+      "resolved": "https://registry.npmjs.org/tap-parser/-/tap-parser-18.0.0.tgz",
+      "integrity": "sha512-RM3Lp5LNCYcepRqPMuDFg8S3uYV8MDmgxUOjx2Q7f2z5QuB88u92ViBwyp3MuQ/DVMR7v48HrJfV2scXRQYf5A==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "events-to-array": "^2.0.3",
-        "tap-yaml": "3.0.0"
+        "tap-yaml": "4.0.0"
       },
       "bin": {
         "tap-parser": "bin/cmd.cjs"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       }
     },
     "node_modules/tap-yaml": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/tap-yaml/-/tap-yaml-3.0.0.tgz",
-      "integrity": "sha512-qtbgXJqE9xdWqlE520y+vG4c1lgqWrDHN7Y2YcrV1XudLuc2Y5aMXhAyPBGl57h8MNoprvL/mAJiISUIadvS9w==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/tap-yaml/-/tap-yaml-4.0.0.tgz",
+      "integrity": "sha512-CjMbq8hhT5TvzyvHRnzbGp00wmb4TZjSscCRCCJCdCzRb+Pb56HaMlBHNBn1/GZ6UqwUgDKdF18+9VAFnQ4F0g==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "yaml": "^2.4.1",
-        "yaml-types": "^0.3.0"
+        "yaml-types": "^0.4.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       }
     },
     "node_modules/tar": {
@@ -4294,9 +4619,9 @@
       }
     },
     "node_modules/tcompare": {
-      "version": "8.0.0",
-      "resolved": "https://registry.npmjs.org/tcompare/-/tcompare-8.0.0.tgz",
-      "integrity": "sha512-sKu3LKg6WM6/pVmhPL/kTlXZKksQkKAhoqQ6JEtJ3FNY0BJ0H37M5zPcU5QcMkRUm4im9vppda0PyWzSCfgCig==",
+      "version": "9.0.0",
+      "resolved": "https://registry.npmjs.org/tcompare/-/tcompare-9.0.0.tgz",
+      "integrity": "sha512-qOliew2xDAqIUbIamIFZ+pz80s9T+8IywzQPIt7YX30ojsBqk86jcD6ouygqt5lHURTxFxWjzbUmIe7Cts4bsA==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
@@ -4304,7 +4629,7 @@
         "react-element-to-jsx-string": "^15.0.0"
       },
       "engines": {
-        "node": ">= 18.6.0"
+        "node": "20 || >=22"
       }
     },
     "node_modules/test-exclude": {
@@ -4322,6 +4647,76 @@
         "node": ">=18"
       }
     },
+    "node_modules/test-exclude/node_modules/glob": {
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "foreground-child": "^3.1.0",
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
+      },
+      "bin": {
+        "glob": "dist/esm/bin.mjs"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/test-exclude/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
+      }
+    },
+    "node_modules/test-exclude/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/test-exclude/node_modules/path-scurry": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
+      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "lru-cache": "^10.2.0",
+        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/to-regex-range": {
       "version": "5.0.1",
       "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
@@ -4346,29 +4741,29 @@
       }
     },
     "node_modules/tshy": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/tshy/-/tshy-2.0.1.tgz",
-      "integrity": "sha512-U5fC+3pMaGfmULhPTVpxKMd62AcX13yfsFrjhAP/daTLG6LFRLIuxqYOmkejJ4MT/s5bEa29+1Jy/9mXkMiMfA==",
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/tshy/-/tshy-3.0.2.tgz",
+      "integrity": "sha512-8GkWnAfmNXxl8iDTZ1o2H4jdaj9H7HeDKkr5qd0ZhQBCNA41D3xqTyg2Ycs51VCfmjJ5e+0v9AUmD6ylAI9Bgw==",
       "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "chalk": "^5.3.0",
         "chokidar": "^3.6.0",
         "foreground-child": "^3.1.1",
-        "minimatch": "^9.0.4",
+        "minimatch": "^10.0.0",
         "mkdirp": "^3.0.1",
         "polite-json": "^5.0.0",
-        "resolve-import": "^1.4.5",
-        "rimraf": "^5.0.1",
-        "sync-content": "^1.0.2",
-        "typescript": "5",
-        "walk-up-path": "^3.0.1"
+        "resolve-import": "^2.0.0",
+        "rimraf": "^6.0.0",
+        "sync-content": "^2.0.1",
+        "typescript": "^5.5.3",
+        "walk-up-path": "^4.0.0"
       },
       "bin": {
         "tshy": "dist/esm/index.js"
       },
       "engines": {
-        "node": "16 >=16.17 || 18 >=18.15.0 || >=20.6.1"
+        "node": "20 || >=22"
       }
     },
     "node_modules/tuf-js": {
@@ -4387,9 +4782,9 @@
       }
     },
     "node_modules/type-fest": {
-      "version": "4.21.0",
-      "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.21.0.tgz",
-      "integrity": "sha512-ADn2w7hVPcK6w1I0uWnM//y1rLXZhzB9mr0a3OirzclKF1Wp6VzevUmzz/NRAWunOT6E8HrnpGY7xOfc6K57fA==",
+      "version": "4.41.0",
+      "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.41.0.tgz",
+      "integrity": "sha512-TeTSQ6H5YHvpqVwBRcnLDCBnDOHWYu7IvGbHT6N8AOymcr9PJGjc1GTtiWZTYg0NCgYwvnYWEkVChQAr9bjfwA==",
       "dev": true,
       "license": "(MIT OR CC0-1.0)",
       "engines": {
@@ -4400,32 +4795,49 @@
       }
     },
     "node_modules/typedoc": {
-      "version": "0.26.4",
-      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.26.4.tgz",
-      "integrity": "sha512-FlW6HpvULDKgc3rK04V+nbFyXogPV88hurarDPOjuuB5HAwuAlrCMQ5NeH7Zt68a/ikOKu6Z/0hFXAeC9xPccQ==",
+      "version": "0.28.5",
+      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.28.5.tgz",
+      "integrity": "sha512-5PzUddaA9FbaarUzIsEc4wNXCiO4Ot3bJNeMF2qKpYlTmM9TTaSHQ7162w756ERCkXER/+o2purRG6YOAv6EMA==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
+        "@gerrit0/mini-shiki": "^3.2.2",
         "lunr": "^2.3.9",
         "markdown-it": "^14.1.0",
         "minimatch": "^9.0.5",
-        "shiki": "^1.9.1",
-        "yaml": "^2.4.5"
+        "yaml": "^2.7.1"
       },
       "bin": {
         "typedoc": "bin/typedoc"
       },
       "engines": {
-        "node": ">= 18"
+        "node": ">= 18",
+        "pnpm": ">= 10"
       },
       "peerDependencies": {
-        "typescript": "4.6.x || 4.7.x || 4.8.x || 4.9.x || 5.0.x || 5.1.x || 5.2.x || 5.3.x || 5.4.x || 5.5.x"
+        "typescript": "5.0.x || 5.1.x || 5.2.x || 5.3.x || 5.4.x || 5.5.x || 5.6.x || 5.7.x || 5.8.x"
+      }
+    },
+    "node_modules/typedoc/node_modules/minimatch": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/typescript": {
-      "version": "5.5.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.3.tgz",
-      "integrity": "sha512-/hreyEujaB0w76zKo6717l3L0o/qEUtRgdvUBvlkhoWeOVMjMuHNHk0BRBzikzuGDqNmPQbg5ifMEqsHLiIUcQ==",
+      "version": "5.8.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz",
+      "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==",
       "dev": true,
       "license": "Apache-2.0",
       "bin": {
@@ -4444,9 +4856,9 @@
       "license": "MIT"
     },
     "node_modules/undici-types": {
-      "version": "5.26.5",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
+      "version": "7.8.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
+      "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
       "dev": true,
       "license": "MIT"
     },
@@ -4541,11 +4953,14 @@
       }
     },
     "node_modules/walk-up-path": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/walk-up-path/-/walk-up-path-3.0.1.tgz",
-      "integrity": "sha512-9YlCL/ynK3CTlrSRrDxZvUauLzAswPCrsaCgilqFevUYpeEW0/3ScEjaa3kbW/T0ghhkEr7mv+fpjqn1Y1YuTA==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/walk-up-path/-/walk-up-path-4.0.0.tgz",
+      "integrity": "sha512-3hu+tD8YzSLGuFYtPRb48vdhKMi0KQV5sn+uWr8+7dMEq/2G/dtLrdDinkLjqq5TIbIBjYJ4Ax/n3YiaW7QM8A==",
       "dev": true,
-      "license": "ISC"
+      "license": "ISC",
+      "engines": {
+        "node": "20 || >=22"
+      }
     },
     "node_modules/which": {
       "version": "4.0.0",
@@ -4688,9 +5103,9 @@
       }
     },
     "node_modules/ws": {
-      "version": "8.18.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz",
-      "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==",
+      "version": "8.18.2",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz",
+      "integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -4727,22 +5142,22 @@
       "license": "ISC"
     },
     "node_modules/yaml": {
-      "version": "2.4.5",
-      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.4.5.tgz",
-      "integrity": "sha512-aBx2bnqDzVOyNKfsysjA2ms5ZlnjSAW2eG3/L5G/CSujfjLJTJsEw1bGw8kCf04KodQWk1pxlGnZ56CRxiawmg==",
+      "version": "2.8.0",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.0.tgz",
+      "integrity": "sha512-4lLa/EcQCB0cJkyts+FpIRx5G/llPxfP6VQU5KByHEhLxY3IJCH0f0Hy1MHI8sClTvsIb8qwRJ6R/ZdlDJ/leQ==",
       "dev": true,
       "license": "ISC",
       "bin": {
         "yaml": "bin.mjs"
       },
       "engines": {
-        "node": ">= 14"
+        "node": ">= 14.6"
       }
     },
     "node_modules/yaml-types": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/yaml-types/-/yaml-types-0.3.0.tgz",
-      "integrity": "sha512-i9RxAO/LZBiE0NJUy9pbN5jFz5EasYDImzRkj8Y81kkInTi1laia3P3K/wlMKzOxFQutZip8TejvQP/DwgbU7A==",
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/yaml-types/-/yaml-types-0.4.0.tgz",
+      "integrity": "sha512-XfbA30NUg4/LWUiplMbiufUiwYhgB9jvBhTWel7XQqjV+GaB79c2tROu/8/Tu7jO0HvDvnKWtBk5ksWRrhQ/0g==",
       "dev": true,
       "license": "ISC",
       "engines": {
@@ -4850,10 +5265,10 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
-    "node_modules/yoga-wasm-web": {
-      "version": "0.3.3",
-      "resolved": "https://registry.npmjs.org/yoga-wasm-web/-/yoga-wasm-web-0.3.3.tgz",
-      "integrity": "sha512-N+d4UJSJbt/R3wqY7Coqs5pcV0aUj2j9IaQ3rNj9bVCLld8tTGKRa2USARjnvZJWVx1NDmQev8EknoczaOQDOA==",
+    "node_modules/yoga-layout": {
+      "version": "3.2.1",
+      "resolved": "https://registry.npmjs.org/yoga-layout/-/yoga-layout-3.2.1.tgz",
+      "integrity": "sha512-0LPOt3AxKqMdFBZA3HBAt/t/8vIKq7VaQYbuA8WxCgung+p9TVyKRYdpvCb80HcdTN2NkbIKbhNwKUfm3tQywQ==",
       "dev": true,
       "license": "MIT"
     }
diff --git a/deps/minimatch/package.json b/deps/minimatch/package.json
index 74b49fdc36c4ee..0bbf2363ef5153 100644
--- a/deps/minimatch/package.json
+++ b/deps/minimatch/package.json
@@ -2,7 +2,7 @@
   "author": "Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me)",
   "name": "minimatch",
   "description": "a glob matcher in javascript",
-  "version": "10.0.1",
+  "version": "10.0.3",
   "repository": {
     "type": "git",
     "url": "git://github.com/isaacs/minimatch.git"
@@ -53,19 +53,15 @@
   "engines": {
     "node": "20 || >=22"
   },
-  "dependencies": {
-    "brace-expansion": "^2.0.1"
-  },
   "devDependencies": {
     "@types/brace-expansion": "^1.1.2",
-    "@types/node": "^20.14.10",
-    "esbuild": "^0.23.0",
+    "@types/node": "^24.0.0",
+    "esbuild": "^0.25.5",
     "mkdirp": "^3.0.1",
     "prettier": "^3.3.2",
-    "tap": "^20.0.3",
-    "tshy": "^2.0.1",
-    "typedoc": "^0.26.3",
-    "typescript": "^5.5.3"
+    "tap": "^21.1.0",
+    "tshy": "^3.0.2",
+    "typedoc": "^0.28.5"
   },
   "funding": {
     "url": "https://github.com/sponsors/isaacs"
@@ -78,5 +74,8 @@
     }
   },
   "type": "module",
-  "module": "./dist/esm/index.js"
+  "module": "./dist/esm/index.js",
+  "dependencies": {
+    "@isaacs/brace-expansion": "^5.0.0"
+  }
 }

From ae1148101185e6f362e31ec208e055ea8b59d845 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Fri, 14 Mar 2025 04:37:50 -0400
Subject: [PATCH 010/138] deps: update acorn to 8.14.1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/57382
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 deps/acorn/acorn/CHANGELOG.md   | 12 +++++++
 deps/acorn/acorn/dist/acorn.js  | 57 +++++++++++++++++++--------------
 deps/acorn/acorn/dist/acorn.mjs | 57 +++++++++++++++++++--------------
 deps/acorn/acorn/package.json   |  2 +-
 src/acorn_version.h             |  2 +-
 5 files changed, 80 insertions(+), 50 deletions(-)

diff --git a/deps/acorn/acorn/CHANGELOG.md b/deps/acorn/acorn/CHANGELOG.md
index 313718616b575a..8b9ae8c4ed60c8 100644
--- a/deps/acorn/acorn/CHANGELOG.md
+++ b/deps/acorn/acorn/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 8.14.1 (2025-03-05)
+
+### Bug fixes
+
+Fix an issue where `await` expressions in class field initializers were inappropriately allowed.
+
+Properly allow await inside an async arrow function inside a class field initializer.
+
+Mention the source file name in syntax error messages when given.
+
+Properly add an empty `attributes` property to every form of `ExportNamedDeclaration`.
+
 ## 8.14.0 (2024-10-27)
 
 ### New features
diff --git a/deps/acorn/acorn/dist/acorn.js b/deps/acorn/acorn/dist/acorn.js
index 2bfc15b5ef2204..aacf9749a69ebb 100644
--- a/deps/acorn/acorn/dist/acorn.js
+++ b/deps/acorn/acorn/dist/acorn.js
@@ -493,6 +493,7 @@
       SCOPE_SUPER = 64,
       SCOPE_DIRECT_SUPER = 128,
       SCOPE_CLASS_STATIC_BLOCK = 256,
+      SCOPE_CLASS_FIELD_INIT = 512,
       SCOPE_VAR = SCOPE_TOP | SCOPE_FUNCTION | SCOPE_CLASS_STATIC_BLOCK;
 
   function functionFlags(async, generator) {
@@ -603,15 +604,16 @@
 
   prototypeAccessors.inFunction.get = function () { return (this.currentVarScope().flags & SCOPE_FUNCTION) > 0 };
 
-  prototypeAccessors.inGenerator.get = function () { return (this.currentVarScope().flags & SCOPE_GENERATOR) > 0 && !this.currentVarScope().inClassFieldInit };
+  prototypeAccessors.inGenerator.get = function () { return (this.currentVarScope().flags & SCOPE_GENERATOR) > 0 };
 
-  prototypeAccessors.inAsync.get = function () { return (this.currentVarScope().flags & SCOPE_ASYNC) > 0 && !this.currentVarScope().inClassFieldInit };
+  prototypeAccessors.inAsync.get = function () { return (this.currentVarScope().flags & SCOPE_ASYNC) > 0 };
 
   prototypeAccessors.canAwait.get = function () {
     for (var i = this.scopeStack.length - 1; i >= 0; i--) {
-      var scope = this.scopeStack[i];
-      if (scope.inClassFieldInit || scope.flags & SCOPE_CLASS_STATIC_BLOCK) { return false }
-      if (scope.flags & SCOPE_FUNCTION) { return (scope.flags & SCOPE_ASYNC) > 0 }
+      var ref = this.scopeStack[i];
+        var flags = ref.flags;
+      if (flags & (SCOPE_CLASS_STATIC_BLOCK | SCOPE_CLASS_FIELD_INIT)) { return false }
+      if (flags & SCOPE_FUNCTION) { return (flags & SCOPE_ASYNC) > 0 }
     }
     return (this.inModule && this.options.ecmaVersion >= 13) || this.options.allowAwaitOutsideFunction
   };
@@ -619,8 +621,7 @@
   prototypeAccessors.allowSuper.get = function () {
     var ref = this.currentThisScope();
       var flags = ref.flags;
-      var inClassFieldInit = ref.inClassFieldInit;
-    return (flags & SCOPE_SUPER) > 0 || inClassFieldInit || this.options.allowSuperOutsideMethod
+    return (flags & SCOPE_SUPER) > 0 || this.options.allowSuperOutsideMethod
   };
 
   prototypeAccessors.allowDirectSuper.get = function () { return (this.currentThisScope().flags & SCOPE_DIRECT_SUPER) > 0 };
@@ -628,10 +629,13 @@
   prototypeAccessors.treatFunctionsAsVar.get = function () { return this.treatFunctionsAsVarInScope(this.currentScope()) };
 
   prototypeAccessors.allowNewDotTarget.get = function () {
-    var ref = this.currentThisScope();
-      var flags = ref.flags;
-      var inClassFieldInit = ref.inClassFieldInit;
-    return (flags & (SCOPE_FUNCTION | SCOPE_CLASS_STATIC_BLOCK)) > 0 || inClassFieldInit
+    for (var i = this.scopeStack.length - 1; i >= 0; i--) {
+      var ref = this.scopeStack[i];
+        var flags = ref.flags;
+      if (flags & (SCOPE_CLASS_STATIC_BLOCK | SCOPE_CLASS_FIELD_INIT) ||
+          ((flags & SCOPE_FUNCTION) && !(flags & SCOPE_ARROW))) { return true }
+    }
+    return false
   };
 
   prototypeAccessors.inClassStaticBlock.get = function () {
@@ -1558,11 +1562,9 @@
 
     if (this.eat(types$1.eq)) {
       // To raise SyntaxError if 'arguments' exists in the initializer.
-      var scope = this.currentThisScope();
-      var inClassFieldInit = scope.inClassFieldInit;
-      scope.inClassFieldInit = true;
+      this.enterScope(SCOPE_CLASS_FIELD_INIT | SCOPE_SUPER);
       field.value = this.parseMaybeAssign();
-      scope.inClassFieldInit = inClassFieldInit;
+      this.exitScope();
     } else {
       field.value = null;
     }
@@ -1704,6 +1706,8 @@
         { this.checkExport(exports, node.declaration.id, node.declaration.id.start); }
       node.specifiers = [];
       node.source = null;
+      if (this.options.ecmaVersion >= 16)
+        { node.attributes = []; }
     } else { // export { x, y as z } [from '...']
       node.declaration = null;
       node.specifiers = this.parseExportSpecifiers(exports);
@@ -1727,6 +1731,8 @@
         }
 
         node.source = null;
+        if (this.options.ecmaVersion >= 16)
+          { node.attributes = []; }
       }
       this.semicolon();
     }
@@ -3306,9 +3312,10 @@
   };
 
   pp$5.parseGetterSetter = function(prop) {
-    prop.kind = prop.key.name;
+    var kind = prop.key.name;
     this.parsePropertyName(prop);
     prop.value = this.parseMethod(false);
+    prop.kind = kind;
     var paramCount = prop.kind === "get" ? 0 : 1;
     if (prop.value.params.length !== paramCount) {
       var start = prop.value.start;
@@ -3331,9 +3338,9 @@
       prop.kind = "init";
     } else if (this.options.ecmaVersion >= 6 && this.type === types$1.parenL) {
       if (isPattern) { this.unexpected(); }
-      prop.kind = "init";
       prop.method = true;
       prop.value = this.parseMethod(isGenerator, isAsync);
+      prop.kind = "init";
     } else if (!isPattern && !containsEsc &&
                this.options.ecmaVersion >= 5 && !prop.computed && prop.key.type === "Identifier" &&
                (prop.key.name === "get" || prop.key.name === "set") &&
@@ -3345,7 +3352,6 @@
       this.checkUnreserved(prop.key);
       if (prop.key.name === "await" && !this.awaitIdentPos)
         { this.awaitIdentPos = startPos; }
-      prop.kind = "init";
       if (isPattern) {
         prop.value = this.parseMaybeDefault(startPos, startLoc, this.copyNode(prop.key));
       } else if (this.type === types$1.eq && refDestructuringErrors) {
@@ -3355,6 +3361,7 @@
       } else {
         prop.value = this.copyNode(prop.key);
       }
+      prop.kind = "init";
       prop.shorthand = true;
     } else { this.unexpected(); }
   };
@@ -3530,7 +3537,7 @@
       { this.raiseRecoverable(start, "Cannot use 'yield' as identifier inside a generator"); }
     if (this.inAsync && name === "await")
       { this.raiseRecoverable(start, "Cannot use 'await' as identifier inside an async function"); }
-    if (this.currentThisScope().inClassFieldInit && name === "arguments")
+    if (!(this.currentThisScope().flags & SCOPE_VAR) && name === "arguments")
       { this.raiseRecoverable(start, "Cannot use 'arguments' in class field initializer"); }
     if (this.inClassStaticBlock && (name === "arguments" || name === "await"))
       { this.raise(start, ("Cannot use " + name + " in class static initialization block")); }
@@ -3643,6 +3650,9 @@
   pp$4.raise = function(pos, message) {
     var loc = getLineInfo(this.input, pos);
     message += " (" + loc.line + ":" + loc.column + ")";
+    if (this.sourceFile) {
+      message += " in " + this.sourceFile;
+    }
     var err = new SyntaxError(message);
     err.pos = pos; err.loc = loc; err.raisedAt = this.pos;
     throw err
@@ -3666,8 +3676,6 @@
     this.lexical = [];
     // A list of lexically-declared FunctionDeclaration names in the current lexical scope
     this.functions = [];
-    // A switch to disallow the identifier reference 'arguments'
-    this.inClassFieldInit = false;
   };
 
   // The functions in this module keep track of declared variables in the current scope in order to detect duplicate variable names.
@@ -3737,7 +3745,7 @@
   pp$3.currentVarScope = function() {
     for (var i = this.scopeStack.length - 1;; i--) {
       var scope = this.scopeStack[i];
-      if (scope.flags & SCOPE_VAR) { return scope }
+      if (scope.flags & (SCOPE_VAR | SCOPE_CLASS_FIELD_INIT | SCOPE_CLASS_STATIC_BLOCK)) { return scope }
     }
   };
 
@@ -3745,7 +3753,8 @@
   pp$3.currentThisScope = function() {
     for (var i = this.scopeStack.length - 1;; i--) {
       var scope = this.scopeStack[i];
-      if (scope.flags & SCOPE_VAR && !(scope.flags & SCOPE_ARROW)) { return scope }
+      if (scope.flags & (SCOPE_VAR | SCOPE_CLASS_FIELD_INIT | SCOPE_CLASS_STATIC_BLOCK) &&
+          !(scope.flags & SCOPE_ARROW)) { return scope }
     }
   };
 
@@ -6099,7 +6108,7 @@
   // [walk]: util/walk.js
 
 
-  var version = "8.14.0";
+  var version = "8.14.1";
 
   Parser.acorn = {
     Parser: Parser,
diff --git a/deps/acorn/acorn/dist/acorn.mjs b/deps/acorn/acorn/dist/acorn.mjs
index 43e58efe7f03e1..05004ece0ef028 100644
--- a/deps/acorn/acorn/dist/acorn.mjs
+++ b/deps/acorn/acorn/dist/acorn.mjs
@@ -487,6 +487,7 @@ var
     SCOPE_SUPER = 64,
     SCOPE_DIRECT_SUPER = 128,
     SCOPE_CLASS_STATIC_BLOCK = 256,
+    SCOPE_CLASS_FIELD_INIT = 512,
     SCOPE_VAR = SCOPE_TOP | SCOPE_FUNCTION | SCOPE_CLASS_STATIC_BLOCK;
 
 function functionFlags(async, generator) {
@@ -597,15 +598,16 @@ Parser.prototype.parse = function parse () {
 
 prototypeAccessors.inFunction.get = function () { return (this.currentVarScope().flags & SCOPE_FUNCTION) > 0 };
 
-prototypeAccessors.inGenerator.get = function () { return (this.currentVarScope().flags & SCOPE_GENERATOR) > 0 && !this.currentVarScope().inClassFieldInit };
+prototypeAccessors.inGenerator.get = function () { return (this.currentVarScope().flags & SCOPE_GENERATOR) > 0 };
 
-prototypeAccessors.inAsync.get = function () { return (this.currentVarScope().flags & SCOPE_ASYNC) > 0 && !this.currentVarScope().inClassFieldInit };
+prototypeAccessors.inAsync.get = function () { return (this.currentVarScope().flags & SCOPE_ASYNC) > 0 };
 
 prototypeAccessors.canAwait.get = function () {
   for (var i = this.scopeStack.length - 1; i >= 0; i--) {
-    var scope = this.scopeStack[i];
-    if (scope.inClassFieldInit || scope.flags & SCOPE_CLASS_STATIC_BLOCK) { return false }
-    if (scope.flags & SCOPE_FUNCTION) { return (scope.flags & SCOPE_ASYNC) > 0 }
+    var ref = this.scopeStack[i];
+      var flags = ref.flags;
+    if (flags & (SCOPE_CLASS_STATIC_BLOCK | SCOPE_CLASS_FIELD_INIT)) { return false }
+    if (flags & SCOPE_FUNCTION) { return (flags & SCOPE_ASYNC) > 0 }
   }
   return (this.inModule && this.options.ecmaVersion >= 13) || this.options.allowAwaitOutsideFunction
 };
@@ -613,8 +615,7 @@ prototypeAccessors.canAwait.get = function () {
 prototypeAccessors.allowSuper.get = function () {
   var ref = this.currentThisScope();
     var flags = ref.flags;
-    var inClassFieldInit = ref.inClassFieldInit;
-  return (flags & SCOPE_SUPER) > 0 || inClassFieldInit || this.options.allowSuperOutsideMethod
+  return (flags & SCOPE_SUPER) > 0 || this.options.allowSuperOutsideMethod
 };
 
 prototypeAccessors.allowDirectSuper.get = function () { return (this.currentThisScope().flags & SCOPE_DIRECT_SUPER) > 0 };
@@ -622,10 +623,13 @@ prototypeAccessors.allowDirectSuper.get = function () { return (this.currentThis
 prototypeAccessors.treatFunctionsAsVar.get = function () { return this.treatFunctionsAsVarInScope(this.currentScope()) };
 
 prototypeAccessors.allowNewDotTarget.get = function () {
-  var ref = this.currentThisScope();
-    var flags = ref.flags;
-    var inClassFieldInit = ref.inClassFieldInit;
-  return (flags & (SCOPE_FUNCTION | SCOPE_CLASS_STATIC_BLOCK)) > 0 || inClassFieldInit
+  for (var i = this.scopeStack.length - 1; i >= 0; i--) {
+    var ref = this.scopeStack[i];
+      var flags = ref.flags;
+    if (flags & (SCOPE_CLASS_STATIC_BLOCK | SCOPE_CLASS_FIELD_INIT) ||
+        ((flags & SCOPE_FUNCTION) && !(flags & SCOPE_ARROW))) { return true }
+  }
+  return false
 };
 
 prototypeAccessors.inClassStaticBlock.get = function () {
@@ -1552,11 +1556,9 @@ pp$8.parseClassField = function(field) {
 
   if (this.eat(types$1.eq)) {
     // To raise SyntaxError if 'arguments' exists in the initializer.
-    var scope = this.currentThisScope();
-    var inClassFieldInit = scope.inClassFieldInit;
-    scope.inClassFieldInit = true;
+    this.enterScope(SCOPE_CLASS_FIELD_INIT | SCOPE_SUPER);
     field.value = this.parseMaybeAssign();
-    scope.inClassFieldInit = inClassFieldInit;
+    this.exitScope();
   } else {
     field.value = null;
   }
@@ -1698,6 +1700,8 @@ pp$8.parseExport = function(node, exports) {
       { this.checkExport(exports, node.declaration.id, node.declaration.id.start); }
     node.specifiers = [];
     node.source = null;
+    if (this.options.ecmaVersion >= 16)
+      { node.attributes = []; }
   } else { // export { x, y as z } [from '...']
     node.declaration = null;
     node.specifiers = this.parseExportSpecifiers(exports);
@@ -1721,6 +1725,8 @@ pp$8.parseExport = function(node, exports) {
       }
 
       node.source = null;
+      if (this.options.ecmaVersion >= 16)
+        { node.attributes = []; }
     }
     this.semicolon();
   }
@@ -3300,9 +3306,10 @@ pp$5.parseProperty = function(isPattern, refDestructuringErrors) {
 };
 
 pp$5.parseGetterSetter = function(prop) {
-  prop.kind = prop.key.name;
+  var kind = prop.key.name;
   this.parsePropertyName(prop);
   prop.value = this.parseMethod(false);
+  prop.kind = kind;
   var paramCount = prop.kind === "get" ? 0 : 1;
   if (prop.value.params.length !== paramCount) {
     var start = prop.value.start;
@@ -3325,9 +3332,9 @@ pp$5.parsePropertyValue = function(prop, isPattern, isGenerator, isAsync, startP
     prop.kind = "init";
   } else if (this.options.ecmaVersion >= 6 && this.type === types$1.parenL) {
     if (isPattern) { this.unexpected(); }
-    prop.kind = "init";
     prop.method = true;
     prop.value = this.parseMethod(isGenerator, isAsync);
+    prop.kind = "init";
   } else if (!isPattern && !containsEsc &&
              this.options.ecmaVersion >= 5 && !prop.computed && prop.key.type === "Identifier" &&
              (prop.key.name === "get" || prop.key.name === "set") &&
@@ -3339,7 +3346,6 @@ pp$5.parsePropertyValue = function(prop, isPattern, isGenerator, isAsync, startP
     this.checkUnreserved(prop.key);
     if (prop.key.name === "await" && !this.awaitIdentPos)
       { this.awaitIdentPos = startPos; }
-    prop.kind = "init";
     if (isPattern) {
       prop.value = this.parseMaybeDefault(startPos, startLoc, this.copyNode(prop.key));
     } else if (this.type === types$1.eq && refDestructuringErrors) {
@@ -3349,6 +3355,7 @@ pp$5.parsePropertyValue = function(prop, isPattern, isGenerator, isAsync, startP
     } else {
       prop.value = this.copyNode(prop.key);
     }
+    prop.kind = "init";
     prop.shorthand = true;
   } else { this.unexpected(); }
 };
@@ -3524,7 +3531,7 @@ pp$5.checkUnreserved = function(ref) {
     { this.raiseRecoverable(start, "Cannot use 'yield' as identifier inside a generator"); }
   if (this.inAsync && name === "await")
     { this.raiseRecoverable(start, "Cannot use 'await' as identifier inside an async function"); }
-  if (this.currentThisScope().inClassFieldInit && name === "arguments")
+  if (!(this.currentThisScope().flags & SCOPE_VAR) && name === "arguments")
     { this.raiseRecoverable(start, "Cannot use 'arguments' in class field initializer"); }
   if (this.inClassStaticBlock && (name === "arguments" || name === "await"))
     { this.raise(start, ("Cannot use " + name + " in class static initialization block")); }
@@ -3637,6 +3644,9 @@ var pp$4 = Parser.prototype;
 pp$4.raise = function(pos, message) {
   var loc = getLineInfo(this.input, pos);
   message += " (" + loc.line + ":" + loc.column + ")";
+  if (this.sourceFile) {
+    message += " in " + this.sourceFile;
+  }
   var err = new SyntaxError(message);
   err.pos = pos; err.loc = loc; err.raisedAt = this.pos;
   throw err
@@ -3660,8 +3670,6 @@ var Scope = function Scope(flags) {
   this.lexical = [];
   // A list of lexically-declared FunctionDeclaration names in the current lexical scope
   this.functions = [];
-  // A switch to disallow the identifier reference 'arguments'
-  this.inClassFieldInit = false;
 };
 
 // The functions in this module keep track of declared variables in the current scope in order to detect duplicate variable names.
@@ -3731,7 +3739,7 @@ pp$3.currentScope = function() {
 pp$3.currentVarScope = function() {
   for (var i = this.scopeStack.length - 1;; i--) {
     var scope = this.scopeStack[i];
-    if (scope.flags & SCOPE_VAR) { return scope }
+    if (scope.flags & (SCOPE_VAR | SCOPE_CLASS_FIELD_INIT | SCOPE_CLASS_STATIC_BLOCK)) { return scope }
   }
 };
 
@@ -3739,7 +3747,8 @@ pp$3.currentVarScope = function() {
 pp$3.currentThisScope = function() {
   for (var i = this.scopeStack.length - 1;; i--) {
     var scope = this.scopeStack[i];
-    if (scope.flags & SCOPE_VAR && !(scope.flags & SCOPE_ARROW)) { return scope }
+    if (scope.flags & (SCOPE_VAR | SCOPE_CLASS_FIELD_INIT | SCOPE_CLASS_STATIC_BLOCK) &&
+        !(scope.flags & SCOPE_ARROW)) { return scope }
   }
 };
 
@@ -6093,7 +6102,7 @@ pp.readWord = function() {
 // [walk]: util/walk.js
 
 
-var version = "8.14.0";
+var version = "8.14.1";
 
 Parser.acorn = {
   Parser: Parser,
diff --git a/deps/acorn/acorn/package.json b/deps/acorn/acorn/package.json
index 795cf83eff64d7..3c00dbac0163d9 100644
--- a/deps/acorn/acorn/package.json
+++ b/deps/acorn/acorn/package.json
@@ -16,7 +16,7 @@
     ],
     "./package.json": "./package.json"
   },
-  "version": "8.14.0",
+  "version": "8.14.1",
   "engines": {
     "node": ">=0.4.0"
   },
diff --git a/src/acorn_version.h b/src/acorn_version.h
index b4e18696f8b6db..5a58b89d0561d8 100644
--- a/src/acorn_version.h
+++ b/src/acorn_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-acorn.sh
 #ifndef SRC_ACORN_VERSION_H_
 #define SRC_ACORN_VERSION_H_
-#define ACORN_VERSION "8.14.0"
+#define ACORN_VERSION "8.14.1"
 #endif  // SRC_ACORN_VERSION_H_

From b76bca6f3808f377ecba603f7ed0653462a30310 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Mon, 23 Jun 2025 16:35:29 -0400
Subject: [PATCH 011/138] deps: update acorn to 8.15.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58711
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 deps/acorn/acorn/CHANGELOG.md     |  14 ++++
 deps/acorn/acorn/dist/acorn.d.mts |  23 ++++++-
 deps/acorn/acorn/dist/acorn.d.ts  |  23 ++++++-
 deps/acorn/acorn/dist/acorn.js    | 109 ++++++++++++++++++++++++++----
 deps/acorn/acorn/dist/acorn.mjs   | 109 ++++++++++++++++++++++++++----
 deps/acorn/acorn/dist/bin.js      |   2 +-
 deps/acorn/acorn/package.json     |   2 +-
 src/acorn_version.h               |   2 +-
 8 files changed, 245 insertions(+), 39 deletions(-)

diff --git a/deps/acorn/acorn/CHANGELOG.md b/deps/acorn/acorn/CHANGELOG.md
index 8b9ae8c4ed60c8..c86068cd71ab47 100644
--- a/deps/acorn/acorn/CHANGELOG.md
+++ b/deps/acorn/acorn/CHANGELOG.md
@@ -1,3 +1,17 @@
+## 8.15.0 (2025-06-08)
+
+### New features
+
+Support `using` and `await using` syntax.
+
+The `AnyNode` type is now defined in such a way that plugins can extend it.
+
+### Bug fixes
+
+Fix an issue where the `bigint` property of literal nodes for non-decimal bigints had the wrong format.
+
+The `acorn` CLI tool no longer crashes when emitting a tree that contains a bigint.
+
 ## 8.14.1 (2025-03-05)
 
 ### Bug fixes
diff --git a/deps/acorn/acorn/dist/acorn.d.mts b/deps/acorn/acorn/dist/acorn.d.mts
index 81f4e38fdbf4c9..f2ec5243bcb262 100644
--- a/deps/acorn/acorn/dist/acorn.d.mts
+++ b/deps/acorn/acorn/dist/acorn.d.mts
@@ -169,7 +169,7 @@ export interface FunctionDeclaration extends Function {
 export interface VariableDeclaration extends Node {
   type: "VariableDeclaration"
   declarations: Array<VariableDeclarator>
-  kind: "var" | "let" | "const"
+  kind: "var" | "let" | "const" | "using" | "await using"
 }
 
 export interface VariableDeclarator extends Node {
@@ -572,7 +572,24 @@ export type ModuleDeclaration =
 | ExportDefaultDeclaration
 | ExportAllDeclaration
 
-export type AnyNode = Statement | Expression | Declaration | ModuleDeclaration | Literal | Program | SwitchCase | CatchClause | Property | Super | SpreadElement | TemplateElement | AssignmentProperty | ObjectPattern | ArrayPattern | RestElement | AssignmentPattern | ClassBody | MethodDefinition | MetaProperty | ImportAttribute | ImportSpecifier | ImportDefaultSpecifier | ImportNamespaceSpecifier | ExportSpecifier | AnonymousFunctionDeclaration | AnonymousClassDeclaration | PropertyDefinition | PrivateIdentifier | StaticBlock | VariableDeclarator
+/**
+  * This interface is only used for defining {@link AnyNode}.
+  * It exists so that it can be extended by plugins:
+  *
+  * @example
+  * ```typescript
+  * declare module 'acorn' {
+  *   interface NodeTypes {
+  *     pluginName: FirstNode | SecondNode | ThirdNode | ... | LastNode
+  *   }
+  * }
+  * ```
+  */
+interface NodeTypes {
+  core: Statement | Expression | Declaration | ModuleDeclaration | Literal | Program | SwitchCase | CatchClause | Property | Super | SpreadElement | TemplateElement | AssignmentProperty | ObjectPattern | ArrayPattern | RestElement | AssignmentPattern | ClassBody | MethodDefinition | MetaProperty | ImportAttribute | ImportSpecifier | ImportDefaultSpecifier | ImportNamespaceSpecifier | ExportSpecifier | AnonymousFunctionDeclaration | AnonymousClassDeclaration | PropertyDefinition | PrivateIdentifier | StaticBlock | VariableDeclarator
+}
+
+export type AnyNode = NodeTypes[keyof NodeTypes]
 
 export function parse(input: string, options: Options): Program
 
@@ -583,7 +600,7 @@ export function tokenizer(input: string, options: Options): {
   [Symbol.iterator](): Iterator<Token>
 }
 
-export type ecmaVersion = 3 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022 | 2023 | 2024 | 2025 | "latest"
+export type ecmaVersion = 3 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022 | 2023 | 2024 | 2025 | 2026 | "latest"
 
 export interface Options {
   /**
diff --git a/deps/acorn/acorn/dist/acorn.d.ts b/deps/acorn/acorn/dist/acorn.d.ts
index 81f4e38fdbf4c9..f2ec5243bcb262 100644
--- a/deps/acorn/acorn/dist/acorn.d.ts
+++ b/deps/acorn/acorn/dist/acorn.d.ts
@@ -169,7 +169,7 @@ export interface FunctionDeclaration extends Function {
 export interface VariableDeclaration extends Node {
   type: "VariableDeclaration"
   declarations: Array<VariableDeclarator>
-  kind: "var" | "let" | "const"
+  kind: "var" | "let" | "const" | "using" | "await using"
 }
 
 export interface VariableDeclarator extends Node {
@@ -572,7 +572,24 @@ export type ModuleDeclaration =
 | ExportDefaultDeclaration
 | ExportAllDeclaration
 
-export type AnyNode = Statement | Expression | Declaration | ModuleDeclaration | Literal | Program | SwitchCase | CatchClause | Property | Super | SpreadElement | TemplateElement | AssignmentProperty | ObjectPattern | ArrayPattern | RestElement | AssignmentPattern | ClassBody | MethodDefinition | MetaProperty | ImportAttribute | ImportSpecifier | ImportDefaultSpecifier | ImportNamespaceSpecifier | ExportSpecifier | AnonymousFunctionDeclaration | AnonymousClassDeclaration | PropertyDefinition | PrivateIdentifier | StaticBlock | VariableDeclarator
+/**
+  * This interface is only used for defining {@link AnyNode}.
+  * It exists so that it can be extended by plugins:
+  *
+  * @example
+  * ```typescript
+  * declare module 'acorn' {
+  *   interface NodeTypes {
+  *     pluginName: FirstNode | SecondNode | ThirdNode | ... | LastNode
+  *   }
+  * }
+  * ```
+  */
+interface NodeTypes {
+  core: Statement | Expression | Declaration | ModuleDeclaration | Literal | Program | SwitchCase | CatchClause | Property | Super | SpreadElement | TemplateElement | AssignmentProperty | ObjectPattern | ArrayPattern | RestElement | AssignmentPattern | ClassBody | MethodDefinition | MetaProperty | ImportAttribute | ImportSpecifier | ImportDefaultSpecifier | ImportNamespaceSpecifier | ExportSpecifier | AnonymousFunctionDeclaration | AnonymousClassDeclaration | PropertyDefinition | PrivateIdentifier | StaticBlock | VariableDeclarator
+}
+
+export type AnyNode = NodeTypes[keyof NodeTypes]
 
 export function parse(input: string, options: Options): Program
 
@@ -583,7 +600,7 @@ export function tokenizer(input: string, options: Options): {
   [Symbol.iterator](): Iterator<Token>
 }
 
-export type ecmaVersion = 3 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022 | 2023 | 2024 | 2025 | "latest"
+export type ecmaVersion = 3 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022 | 2023 | 2024 | 2025 | 2026 | "latest"
 
 export interface Options {
   /**
diff --git a/deps/acorn/acorn/dist/acorn.js b/deps/acorn/acorn/dist/acorn.js
index aacf9749a69ebb..cb5628bf83cf0b 100644
--- a/deps/acorn/acorn/dist/acorn.js
+++ b/deps/acorn/acorn/dist/acorn.js
@@ -887,6 +887,49 @@
        !(isIdentifierChar(after = this.input.charCodeAt(next + 8)) || after > 0xd7ff && after < 0xdc00))
   };
 
+  pp$8.isUsingKeyword = function(isAwaitUsing, isFor) {
+    if (this.options.ecmaVersion < 17 || !this.isContextual(isAwaitUsing ? "await" : "using"))
+      { return false }
+
+    skipWhiteSpace.lastIndex = this.pos;
+    var skip = skipWhiteSpace.exec(this.input);
+    var next = this.pos + skip[0].length;
+
+    if (lineBreak.test(this.input.slice(this.pos, next))) { return false }
+
+    if (isAwaitUsing) {
+      var awaitEndPos = next + 5 /* await */, after;
+      if (this.input.slice(next, awaitEndPos) !== "using" ||
+        awaitEndPos === this.input.length ||
+        isIdentifierChar(after = this.input.charCodeAt(awaitEndPos)) ||
+        (after > 0xd7ff && after < 0xdc00)
+      ) { return false }
+
+      skipWhiteSpace.lastIndex = awaitEndPos;
+      var skipAfterUsing = skipWhiteSpace.exec(this.input);
+      if (skipAfterUsing && lineBreak.test(this.input.slice(awaitEndPos, awaitEndPos + skipAfterUsing[0].length))) { return false }
+    }
+
+    if (isFor) {
+      var ofEndPos = next + 2 /* of */, after$1;
+      if (this.input.slice(next, ofEndPos) === "of") {
+        if (ofEndPos === this.input.length ||
+          (!isIdentifierChar(after$1 = this.input.charCodeAt(ofEndPos)) && !(after$1 > 0xd7ff && after$1 < 0xdc00))) { return false }
+      }
+    }
+
+    var ch = this.input.charCodeAt(next);
+    return isIdentifierStart(ch, true) || ch === 92 // '\'
+  };
+
+  pp$8.isAwaitUsing = function(isFor) {
+    return this.isUsingKeyword(true, isFor)
+  };
+
+  pp$8.isUsing = function(isFor) {
+    return this.isUsingKeyword(false, isFor)
+  };
+
   // Parse a single statement.
   //
   // If expecting a statement and finding a slash operator, parse a
@@ -963,6 +1006,23 @@
         return this.parseFunctionStatement(node, true, !context)
       }
 
+      var usingKind = this.isAwaitUsing(false) ? "await using" : this.isUsing(false) ? "using" : null;
+      if (usingKind) {
+        if (topLevel && this.options.sourceType === "script") {
+          this.raise(this.start, "Using declaration cannot appear in the top level when source type is `script`");
+        }
+        if (usingKind === "await using") {
+          if (!this.canAwait) {
+            this.raise(this.start, "Await using cannot appear outside of async function");
+          }
+          this.next();
+        }
+        this.next();
+        this.parseVar(node, false, usingKind);
+        this.semicolon();
+        return this.finishNode(node, "VariableDeclaration")
+      }
+
       var maybeName = this.value, expr = this.parseExpression();
       if (starttype === types$1.name && expr.type === "Identifier" && this.eat(types$1.colon))
         { return this.parseLabeledStatement(node, maybeName, expr, context) }
@@ -1038,18 +1098,19 @@
       this.next();
       this.parseVar(init$1, true, kind);
       this.finishNode(init$1, "VariableDeclaration");
-      if ((this.type === types$1._in || (this.options.ecmaVersion >= 6 && this.isContextual("of"))) && init$1.declarations.length === 1) {
-        if (this.options.ecmaVersion >= 9) {
-          if (this.type === types$1._in) {
-            if (awaitAt > -1) { this.unexpected(awaitAt); }
-          } else { node.await = awaitAt > -1; }
-        }
-        return this.parseForIn(node, init$1)
-      }
-      if (awaitAt > -1) { this.unexpected(awaitAt); }
-      return this.parseFor(node, init$1)
+      return this.parseForAfterInit(node, init$1, awaitAt)
     }
     var startsWithLet = this.isContextual("let"), isForOf = false;
+
+    var usingKind = this.isUsing(true) ? "using" : this.isAwaitUsing(true) ? "await using" : null;
+    if (usingKind) {
+      var init$2 = this.startNode();
+      this.next();
+      if (usingKind === "await using") { this.next(); }
+      this.parseVar(init$2, true, usingKind);
+      this.finishNode(init$2, "VariableDeclaration");
+      return this.parseForAfterInit(node, init$2, awaitAt)
+    }
     var containsEsc = this.containsEsc;
     var refDestructuringErrors = new DestructuringErrors;
     var initPos = this.start;
@@ -1075,6 +1136,20 @@
     return this.parseFor(node, init)
   };
 
+  // Helper method to parse for loop after variable initialization
+  pp$8.parseForAfterInit = function(node, init, awaitAt) {
+    if ((this.type === types$1._in || (this.options.ecmaVersion >= 6 && this.isContextual("of"))) && init.declarations.length === 1) {
+      if (this.options.ecmaVersion >= 9) {
+        if (this.type === types$1._in) {
+          if (awaitAt > -1) { this.unexpected(awaitAt); }
+        } else { node.await = awaitAt > -1; }
+      }
+      return this.parseForIn(node, init)
+    }
+    if (awaitAt > -1) { this.unexpected(awaitAt); }
+    return this.parseFor(node, init)
+  };
+
   pp$8.parseFunctionStatement = function(node, isAsync, declarationPosition) {
     this.next();
     return this.parseFunction(node, FUNC_STATEMENT | (declarationPosition ? 0 : FUNC_HANGING_STATEMENT), false, isAsync)
@@ -1331,6 +1406,8 @@
         decl.init = this.parseMaybeAssign(isFor);
       } else if (!allowMissingInitializer && kind === "const" && !(this.type === types$1._in || (this.options.ecmaVersion >= 6 && this.isContextual("of")))) {
         this.unexpected();
+      } else if (!allowMissingInitializer && (kind === "using" || kind === "await using") && this.options.ecmaVersion >= 17 && this.type !== types$1._in && !this.isContextual("of")) {
+        this.raise(this.lastTokEnd, ("Missing initializer in " + kind + " declaration"));
       } else if (!allowMissingInitializer && decl.id.type !== "Identifier" && !(isFor && (this.type === types$1._in || this.isContextual("of")))) {
         this.raise(this.lastTokEnd, "Complex binding patterns require an initialization value");
       } else {
@@ -1343,7 +1420,10 @@
   };
 
   pp$8.parseVarId = function(decl, kind) {
-    decl.id = this.parseBindingAtom();
+    decl.id = kind === "using" || kind === "await using"
+      ? this.parseIdent()
+      : this.parseBindingAtom();
+
     this.checkLValPattern(decl.id, kind === "var" ? BIND_VAR : BIND_LEXICAL, false);
   };
 
@@ -3074,7 +3154,8 @@
     var node = this.startNode();
     node.value = value;
     node.raw = this.input.slice(this.start, this.end);
-    if (node.raw.charCodeAt(node.raw.length - 1) === 110) { node.bigint = node.raw.slice(0, -1).replace(/_/g, ""); }
+    if (node.raw.charCodeAt(node.raw.length - 1) === 110)
+      { node.bigint = node.value != null ? node.value.toString() : node.raw.slice(0, -1).replace(/_/g, ""); }
     this.next();
     return this.finishNode(node, "Literal")
   };
@@ -6104,11 +6185,9 @@
   // Please use the [github bug tracker][ghbt] to report issues.
   //
   // [ghbt]: https://github.com/acornjs/acorn/issues
-  //
-  // [walk]: util/walk.js
 
 
-  var version = "8.14.1";
+  var version = "8.15.0";
 
   Parser.acorn = {
     Parser: Parser,
diff --git a/deps/acorn/acorn/dist/acorn.mjs b/deps/acorn/acorn/dist/acorn.mjs
index 05004ece0ef028..74d5fc431be2b5 100644
--- a/deps/acorn/acorn/dist/acorn.mjs
+++ b/deps/acorn/acorn/dist/acorn.mjs
@@ -881,6 +881,49 @@ pp$8.isAsyncFunction = function() {
      !(isIdentifierChar(after = this.input.charCodeAt(next + 8)) || after > 0xd7ff && after < 0xdc00))
 };
 
+pp$8.isUsingKeyword = function(isAwaitUsing, isFor) {
+  if (this.options.ecmaVersion < 17 || !this.isContextual(isAwaitUsing ? "await" : "using"))
+    { return false }
+
+  skipWhiteSpace.lastIndex = this.pos;
+  var skip = skipWhiteSpace.exec(this.input);
+  var next = this.pos + skip[0].length;
+
+  if (lineBreak.test(this.input.slice(this.pos, next))) { return false }
+
+  if (isAwaitUsing) {
+    var awaitEndPos = next + 5 /* await */, after;
+    if (this.input.slice(next, awaitEndPos) !== "using" ||
+      awaitEndPos === this.input.length ||
+      isIdentifierChar(after = this.input.charCodeAt(awaitEndPos)) ||
+      (after > 0xd7ff && after < 0xdc00)
+    ) { return false }
+
+    skipWhiteSpace.lastIndex = awaitEndPos;
+    var skipAfterUsing = skipWhiteSpace.exec(this.input);
+    if (skipAfterUsing && lineBreak.test(this.input.slice(awaitEndPos, awaitEndPos + skipAfterUsing[0].length))) { return false }
+  }
+
+  if (isFor) {
+    var ofEndPos = next + 2 /* of */, after$1;
+    if (this.input.slice(next, ofEndPos) === "of") {
+      if (ofEndPos === this.input.length ||
+        (!isIdentifierChar(after$1 = this.input.charCodeAt(ofEndPos)) && !(after$1 > 0xd7ff && after$1 < 0xdc00))) { return false }
+    }
+  }
+
+  var ch = this.input.charCodeAt(next);
+  return isIdentifierStart(ch, true) || ch === 92 // '\'
+};
+
+pp$8.isAwaitUsing = function(isFor) {
+  return this.isUsingKeyword(true, isFor)
+};
+
+pp$8.isUsing = function(isFor) {
+  return this.isUsingKeyword(false, isFor)
+};
+
 // Parse a single statement.
 //
 // If expecting a statement and finding a slash operator, parse a
@@ -957,6 +1000,23 @@ pp$8.parseStatement = function(context, topLevel, exports) {
       return this.parseFunctionStatement(node, true, !context)
     }
 
+    var usingKind = this.isAwaitUsing(false) ? "await using" : this.isUsing(false) ? "using" : null;
+    if (usingKind) {
+      if (topLevel && this.options.sourceType === "script") {
+        this.raise(this.start, "Using declaration cannot appear in the top level when source type is `script`");
+      }
+      if (usingKind === "await using") {
+        if (!this.canAwait) {
+          this.raise(this.start, "Await using cannot appear outside of async function");
+        }
+        this.next();
+      }
+      this.next();
+      this.parseVar(node, false, usingKind);
+      this.semicolon();
+      return this.finishNode(node, "VariableDeclaration")
+    }
+
     var maybeName = this.value, expr = this.parseExpression();
     if (starttype === types$1.name && expr.type === "Identifier" && this.eat(types$1.colon))
       { return this.parseLabeledStatement(node, maybeName, expr, context) }
@@ -1032,18 +1092,19 @@ pp$8.parseForStatement = function(node) {
     this.next();
     this.parseVar(init$1, true, kind);
     this.finishNode(init$1, "VariableDeclaration");
-    if ((this.type === types$1._in || (this.options.ecmaVersion >= 6 && this.isContextual("of"))) && init$1.declarations.length === 1) {
-      if (this.options.ecmaVersion >= 9) {
-        if (this.type === types$1._in) {
-          if (awaitAt > -1) { this.unexpected(awaitAt); }
-        } else { node.await = awaitAt > -1; }
-      }
-      return this.parseForIn(node, init$1)
-    }
-    if (awaitAt > -1) { this.unexpected(awaitAt); }
-    return this.parseFor(node, init$1)
+    return this.parseForAfterInit(node, init$1, awaitAt)
   }
   var startsWithLet = this.isContextual("let"), isForOf = false;
+
+  var usingKind = this.isUsing(true) ? "using" : this.isAwaitUsing(true) ? "await using" : null;
+  if (usingKind) {
+    var init$2 = this.startNode();
+    this.next();
+    if (usingKind === "await using") { this.next(); }
+    this.parseVar(init$2, true, usingKind);
+    this.finishNode(init$2, "VariableDeclaration");
+    return this.parseForAfterInit(node, init$2, awaitAt)
+  }
   var containsEsc = this.containsEsc;
   var refDestructuringErrors = new DestructuringErrors;
   var initPos = this.start;
@@ -1069,6 +1130,20 @@ pp$8.parseForStatement = function(node) {
   return this.parseFor(node, init)
 };
 
+// Helper method to parse for loop after variable initialization
+pp$8.parseForAfterInit = function(node, init, awaitAt) {
+  if ((this.type === types$1._in || (this.options.ecmaVersion >= 6 && this.isContextual("of"))) && init.declarations.length === 1) {
+    if (this.options.ecmaVersion >= 9) {
+      if (this.type === types$1._in) {
+        if (awaitAt > -1) { this.unexpected(awaitAt); }
+      } else { node.await = awaitAt > -1; }
+    }
+    return this.parseForIn(node, init)
+  }
+  if (awaitAt > -1) { this.unexpected(awaitAt); }
+  return this.parseFor(node, init)
+};
+
 pp$8.parseFunctionStatement = function(node, isAsync, declarationPosition) {
   this.next();
   return this.parseFunction(node, FUNC_STATEMENT | (declarationPosition ? 0 : FUNC_HANGING_STATEMENT), false, isAsync)
@@ -1325,6 +1400,8 @@ pp$8.parseVar = function(node, isFor, kind, allowMissingInitializer) {
       decl.init = this.parseMaybeAssign(isFor);
     } else if (!allowMissingInitializer && kind === "const" && !(this.type === types$1._in || (this.options.ecmaVersion >= 6 && this.isContextual("of")))) {
       this.unexpected();
+    } else if (!allowMissingInitializer && (kind === "using" || kind === "await using") && this.options.ecmaVersion >= 17 && this.type !== types$1._in && !this.isContextual("of")) {
+      this.raise(this.lastTokEnd, ("Missing initializer in " + kind + " declaration"));
     } else if (!allowMissingInitializer && decl.id.type !== "Identifier" && !(isFor && (this.type === types$1._in || this.isContextual("of")))) {
       this.raise(this.lastTokEnd, "Complex binding patterns require an initialization value");
     } else {
@@ -1337,7 +1414,10 @@ pp$8.parseVar = function(node, isFor, kind, allowMissingInitializer) {
 };
 
 pp$8.parseVarId = function(decl, kind) {
-  decl.id = this.parseBindingAtom();
+  decl.id = kind === "using" || kind === "await using"
+    ? this.parseIdent()
+    : this.parseBindingAtom();
+
   this.checkLValPattern(decl.id, kind === "var" ? BIND_VAR : BIND_LEXICAL, false);
 };
 
@@ -3068,7 +3148,8 @@ pp$5.parseLiteral = function(value) {
   var node = this.startNode();
   node.value = value;
   node.raw = this.input.slice(this.start, this.end);
-  if (node.raw.charCodeAt(node.raw.length - 1) === 110) { node.bigint = node.raw.slice(0, -1).replace(/_/g, ""); }
+  if (node.raw.charCodeAt(node.raw.length - 1) === 110)
+    { node.bigint = node.value != null ? node.value.toString() : node.raw.slice(0, -1).replace(/_/g, ""); }
   this.next();
   return this.finishNode(node, "Literal")
 };
@@ -6098,11 +6179,9 @@ pp.readWord = function() {
 // Please use the [github bug tracker][ghbt] to report issues.
 //
 // [ghbt]: https://github.com/acornjs/acorn/issues
-//
-// [walk]: util/walk.js
 
 
-var version = "8.14.1";
+var version = "8.15.0";
 
 Parser.acorn = {
   Parser: Parser,
diff --git a/deps/acorn/acorn/dist/bin.js b/deps/acorn/acorn/dist/bin.js
index 0bf3e5f8d12bda..c7d9b9f8ed88fe 100644
--- a/deps/acorn/acorn/dist/bin.js
+++ b/deps/acorn/acorn/dist/bin.js
@@ -77,7 +77,7 @@ function run(codeList) {
     console.error(fileMode ? e.message.replace(/\(\d+:\d+\)$/, function (m) { return m.slice(0, 1) + inputFilePaths[fileIdx] + " " + m.slice(1); }) : e.message);
     process.exit(1);
   }
-  if (!silent) { console.log(JSON.stringify(result, null, compact ? null : 2)); }
+  if (!silent) { console.log(JSON.stringify(result, function (_, value) { return typeof value === "bigint" ? null : value; }, compact ? null : 2)); }
 }
 
 if (fileMode = inputFilePaths.length && (forceFileName || !inputFilePaths.includes("-") || inputFilePaths.length !== 1)) {
diff --git a/deps/acorn/acorn/package.json b/deps/acorn/acorn/package.json
index 3c00dbac0163d9..6f63ddbf620a19 100644
--- a/deps/acorn/acorn/package.json
+++ b/deps/acorn/acorn/package.json
@@ -16,7 +16,7 @@
     ],
     "./package.json": "./package.json"
   },
-  "version": "8.14.1",
+  "version": "8.15.0",
   "engines": {
     "node": ">=0.4.0"
   },
diff --git a/src/acorn_version.h b/src/acorn_version.h
index 5a58b89d0561d8..a8af314b687206 100644
--- a/src/acorn_version.h
+++ b/src/acorn_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-acorn.sh
 #ifndef SRC_ACORN_VERSION_H_
 #define SRC_ACORN_VERSION_H_
-#define ACORN_VERSION "8.14.1"
+#define ACORN_VERSION "8.15.0"
 #endif  // SRC_ACORN_VERSION_H_

From 91282ff16b798bb3b4003bb199991568a103a298 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Thu, 5 Jun 2025 05:15:00 -0400
Subject: [PATCH 012/138] deps: update corepack to 0.33.0

PR-URL: https://github.com/nodejs/node/pull/58566
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 deps/corepack/CHANGELOG.md          | 13 +++++++++++++
 deps/corepack/README.md             |  4 ++--
 deps/corepack/dist/lib/corepack.cjs | 24 ++++++++++++++++++------
 deps/corepack/package.json          |  8 ++++----
 4 files changed, 37 insertions(+), 12 deletions(-)

diff --git a/deps/corepack/CHANGELOG.md b/deps/corepack/CHANGELOG.md
index ad0bba51c6b83f..e4f0b185a73616 100644
--- a/deps/corepack/CHANGELOG.md
+++ b/deps/corepack/CHANGELOG.md
@@ -1,5 +1,18 @@
 # Changelog
 
+## [0.33.0](https://github.com/nodejs/corepack/compare/v0.32.0...v0.33.0) (2025-06-02)
+
+
+### Features
+
+* Adds guard to avoid stepping on Yarn's feet ([#714](https://github.com/nodejs/corepack/issues/714)) ([5fc3691](https://github.com/nodejs/corepack/commit/5fc3691354eb5bdeca17a9495b234584353f0151))
+* update package manager versions ([#671](https://github.com/nodejs/corepack/issues/671)) ([b45b3a3](https://github.com/nodejs/corepack/commit/b45b3a3244bacfbaf65188ae8c04209a1e98307d))
+
+
+### Bug Fixes
+
+* debug text typo ([#698](https://github.com/nodejs/corepack/issues/698)) ([0b94797](https://github.com/nodejs/corepack/commit/0b94797f96e30e46e466873fe7d437d0471cd92c))
+
 ## [0.32.0](https://github.com/nodejs/corepack/compare/v0.31.0...v0.32.0) (2025-02-28)
 
 
diff --git a/deps/corepack/README.md b/deps/corepack/README.md
index 67d396d5ca9642..079746ee796366 100644
--- a/deps/corepack/README.md
+++ b/deps/corepack/README.md
@@ -286,8 +286,8 @@ same major line. Should you need to upgrade to a new major, use an explicit
   package manager, and to not update the Last Known Good version when it
   downloads a new version of the same major line.
 
-- `COREPACK_ENABLE_AUTO_PIN` can be set to `0` to prevent Corepack from
-  updating the `packageManager` field when it detects that the local package
+- `COREPACK_ENABLE_AUTO_PIN` can be set to `1` to instruct Corepack to
+  update the `packageManager` field when it detects that the local package
   doesn't list it. In general we recommend to always list a `packageManager`
   field (which you can easily set through `corepack use [name]@[version]`), as
   it ensures that your project installs are always deterministic.
diff --git a/deps/corepack/dist/lib/corepack.cjs b/deps/corepack/dist/lib/corepack.cjs
index 7a098cbe250aab..c6854077d0fa6b 100644
--- a/deps/corepack/dist/lib/corepack.cjs
+++ b/deps/corepack/dist/lib/corepack.cjs
@@ -21683,7 +21683,7 @@ function String2(descriptor, ...args) {
 }
 
 // package.json
-var version = "0.32.0";
+var version = "0.33.0";
 
 // sources/Engine.ts
 var import_fs9 = __toESM(require("fs"));
@@ -21697,7 +21697,7 @@ var import_valid4 = __toESM(require_valid2());
 var config_default = {
   definitions: {
     npm: {
-      default: "11.1.0+sha1.dba08f7d0f5301ebedaf968b4f74b2282f97a750",
+      default: "11.4.1+sha1.80350af543069991de20657ebcd07d9624cfad06",
       fetchLatestFrom: {
         type: "npm",
         package: "npm"
@@ -21734,7 +21734,7 @@ var config_default = {
       }
     },
     pnpm: {
-      default: "10.5.2+sha1.ca68c0441df195b7e2992f1d1cb12fb731f82d78",
+      default: "10.11.0+sha1.4048eeefd564ff1ab248fac3e2854d38245fe2f1",
       fetchLatestFrom: {
         type: "npm",
         package: "pnpm"
@@ -21798,7 +21798,7 @@ var config_default = {
         package: "yarn"
       },
       transparent: {
-        default: "4.6.0+sha224.acd0786f07ffc6c933940eb65fc1d627131ddf5455bddcc295dc90fd",
+        default: "4.9.1+sha224.4285002185abb91fe2b781f27fd1e078086c37a7b095f6ea4ee25971",
         commands: [
           [
             "yarn",
@@ -22105,6 +22105,10 @@ async function getProxyAgent(input) {
 }
 
 // sources/corepackUtils.ts
+var YARN_SWITCH_REGEX = /[/\\]switch[/\\]bin[/\\]/;
+function isYarnSwitchPath(p) {
+  return YARN_SWITCH_REGEX.test(p);
+}
 function getRegistryFromPackageManagerSpec(spec) {
   return process.env.COREPACK_NPM_REGISTRY ? spec.npmRegistry ?? spec.registry : spec.registry;
 }
@@ -22896,7 +22900,7 @@ var Engine = class {
         case `NoSpec`: {
           if (typeof locator.reference === `function`)
             fallbackDescriptor.range = await locator.reference();
-          if (import_process3.default.env.COREPACK_ENABLE_AUTO_PIN !== `0`) {
+          if (import_process3.default.env.COREPACK_ENABLE_AUTO_PIN === `1`) {
             const resolved = await this.resolveDescriptor(fallbackDescriptor, { allowTags: true });
             if (resolved === null)
               throw new UsageError(`Failed to successfully resolve '${fallbackDescriptor.range}' to a valid ${fallbackDescriptor.name} release`);
@@ -22906,7 +22910,7 @@ var Engine = class {
             console.error();
             await setLocalPackageManager(import_path9.default.dirname(result.target), installSpec);
           }
-          log(`Falling back to ${fallbackDescriptor.name}@${fallbackDescriptor.range} in the absence of "packageManage" field in ${result.target}`);
+          log(`Falling back to ${fallbackDescriptor.name}@${fallbackDescriptor.range} in the absence of "packageManager" field in ${result.target}`);
           return fallbackDescriptor;
         }
         case `Found`: {
@@ -23070,6 +23074,10 @@ var DisableCommand = class extends Command {
   async removePosixLink(installDirectory, binName) {
     const file = import_path10.default.join(installDirectory, binName);
     try {
+      if (binName.includes(`yarn`) && isYarnSwitchPath(await import_fs11.default.promises.realpath(file))) {
+        console.warn(`${binName} is already installed in ${file} and points to a Yarn Switch install - skipping`);
+        return;
+      }
       await import_fs11.default.promises.unlink(file);
     } catch (err) {
       if (err.code !== `ENOENT`) {
@@ -23147,6 +23155,10 @@ var EnableCommand = class extends Command {
     const symlink = import_path11.default.relative(installDirectory, import_path11.default.join(distFolder, `${binName}.js`));
     if (import_fs12.default.existsSync(file)) {
       const currentSymlink = await import_fs12.default.promises.readlink(file);
+      if (binName.includes(`yarn`) && isYarnSwitchPath(await import_fs12.default.promises.realpath(file))) {
+        console.warn(`${binName} is already installed in ${file} and points to a Yarn Switch install - skipping`);
+        return;
+      }
       if (currentSymlink !== symlink) {
         await import_fs12.default.promises.unlink(file);
       } else {
diff --git a/deps/corepack/package.json b/deps/corepack/package.json
index 75f5725328a605..7bf3d9e6604a50 100644
--- a/deps/corepack/package.json
+++ b/deps/corepack/package.json
@@ -1,6 +1,6 @@
 {
   "name": "corepack",
-  "version": "0.32.0",
+  "version": "0.33.0",
   "homepage": "https://github.com/nodejs/corepack#readme",
   "bugs": {
     "url": "https://github.com/nodejs/corepack/issues"
@@ -16,21 +16,21 @@
     "./package.json": "./package.json"
   },
   "license": "MIT",
-  "packageManager": "yarn@4.6.0+sha512.5383cc12567a95f1d668fbe762dfe0075c595b4bfff433be478dbbe24e05251a8e8c3eb992a986667c1d53b6c3a9c85b8398c35a960587fbd9fa3a0915406728",
+  "packageManager": "yarn@4.9.0+sha224.dce6c5df199861784bd9b0eecb2a228df97e3f18a02b1bb75ff98383",
   "devDependencies": {
     "@types/debug": "^4.1.5",
     "@types/node": "^20.4.6",
     "@types/proxy-from-env": "^1",
     "@types/semver": "^7.1.0",
     "@types/which": "^3.0.0",
-    "@yarnpkg/eslint-config": "^2.0.0",
+    "@yarnpkg/eslint-config": "^3.0.0",
     "@yarnpkg/fslib": "^3.0.0-rc.48",
     "@zkochan/cmd-shim": "^6.0.0",
     "better-sqlite3": "^11.7.2",
     "clipanion": "patch:clipanion@npm%3A3.2.1#~/.yarn/patches/clipanion-npm-3.2.1-fc9187f56c.patch",
     "debug": "^4.1.1",
     "esbuild": "^0.25.0",
-    "eslint": "^8.57.0",
+    "eslint": "^9.22.0",
     "proxy-from-env": "^1.1.0",
     "semver": "^7.6.3",
     "supports-color": "^10.0.0",

From 43e3f9b26b3cdf1dd9995db05ed775fa96d991c7 Mon Sep 17 00:00:00 2001
From: Michael Dawson <midawson@redhat.com>
Date: Tue, 4 Feb 2025 08:12:33 -0500
Subject: [PATCH 013/138] deps: update cjs-module-lexer to 2.0.0

Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/56855
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
---
 deps/cjs-module-lexer/LICENSE                 |   20 +-
 deps/cjs-module-lexer/README.md               |  926 ++++----
 deps/cjs-module-lexer/dist/lexer-external.js  |   91 -
 deps/cjs-module-lexer/dist/lexer.js           |    2 +-
 deps/cjs-module-lexer/dist/lexer.mjs          |    4 +-
 deps/cjs-module-lexer/lexer.js                |    0
 deps/cjs-module-lexer/src/.babelrc            |   10 +
 deps/cjs-module-lexer/src/CHANGELOG.md        |   40 +
 deps/cjs-module-lexer/src/LICENSE             |   10 +
 deps/cjs-module-lexer/src/Makefile            |   16 +
 deps/cjs-module-lexer/src/README.md           |  464 ++++
 deps/cjs-module-lexer/src/build.js            |   25 +
 deps/cjs-module-lexer/src/build/Makefile      |   13 +
 deps/cjs-module-lexer/src/build/wasm.js       |   54 +
 .../src/include-wasm/cjs-module-lexer.h       |  238 +++
 deps/cjs-module-lexer/src/lexer.d.mts         |    1 +
 deps/cjs-module-lexer/{ => src}/lexer.d.ts    |   16 +-
 deps/cjs-module-lexer/src/lexer.js            | 1443 +++++++++++++
 deps/cjs-module-lexer/src/lib/lexer.wasm      |  Bin 0 -> 22164 bytes
 deps/cjs-module-lexer/src/package-lock.json   | 1901 +++++++++++++++++
 deps/cjs-module-lexer/{ => src}/package.json  |   96 +-
 deps/cjs-module-lexer/src/src/lexer.c         | 1516 +++++++++++++
 .../lexer-external.mjs => src/src/lexer.js}   |  223 +-
 doc/api/esm.md                                |    2 +-
 src/cjs_module_lexer_version.h                |    2 +-
 test/parallel/test-process-versions.js        |    2 +-
 tools/dep_updaters/update-cjs-module-lexer.sh |   53 +-
 27 files changed, 6432 insertions(+), 736 deletions(-)
 delete mode 100644 deps/cjs-module-lexer/dist/lexer-external.js
 mode change 100644 => 100755 deps/cjs-module-lexer/lexer.js
 create mode 100755 deps/cjs-module-lexer/src/.babelrc
 create mode 100644 deps/cjs-module-lexer/src/CHANGELOG.md
 create mode 100755 deps/cjs-module-lexer/src/LICENSE
 create mode 100755 deps/cjs-module-lexer/src/Makefile
 create mode 100755 deps/cjs-module-lexer/src/README.md
 create mode 100755 deps/cjs-module-lexer/src/build.js
 create mode 100755 deps/cjs-module-lexer/src/build/Makefile
 create mode 100644 deps/cjs-module-lexer/src/build/wasm.js
 create mode 100755 deps/cjs-module-lexer/src/include-wasm/cjs-module-lexer.h
 create mode 100644 deps/cjs-module-lexer/src/lexer.d.mts
 rename deps/cjs-module-lexer/{ => src}/lexer.d.ts (96%)
 mode change 100644 => 100755
 create mode 100755 deps/cjs-module-lexer/src/lexer.js
 create mode 100755 deps/cjs-module-lexer/src/lib/lexer.wasm
 create mode 100644 deps/cjs-module-lexer/src/package-lock.json
 rename deps/cjs-module-lexer/{ => src}/package.json (95%)
 mode change 100644 => 100755
 create mode 100755 deps/cjs-module-lexer/src/src/lexer.c
 rename deps/cjs-module-lexer/{dist/lexer-external.mjs => src/src/lexer.js} (84%)
 mode change 100644 => 100755

diff --git a/deps/cjs-module-lexer/LICENSE b/deps/cjs-module-lexer/LICENSE
index b31c17aa33cdd9..935b357962d08b 100644
--- a/deps/cjs-module-lexer/LICENSE
+++ b/deps/cjs-module-lexer/LICENSE
@@ -1,10 +1,10 @@
-MIT License
------------
-
-Copyright (C) 2018-2020 Guy Bedford
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+MIT License
+-----------
+
+Copyright (C) 2018-2020 Guy Bedford
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/deps/cjs-module-lexer/README.md b/deps/cjs-module-lexer/README.md
index 2af01279ed2f38..cc7ca50cc72243 100644
--- a/deps/cjs-module-lexer/README.md
+++ b/deps/cjs-module-lexer/README.md
@@ -1,462 +1,464 @@
-# CJS Module Lexer
-
-[![Build Status][travis-image]][travis-url]
-
-A [very fast](#benchmarks) JS CommonJS module syntax lexer used to detect the most likely list of named exports of a CommonJS module.
-
-Outputs the list of named exports (`exports.name = ...`) and possible module reexports (`module.exports = require('...')`), including the common transpiler variations of these cases.
-
-Forked from https://github.com/guybedford/es-module-lexer.
-
-_Comprehensively handles the JS language grammar while remaining small and fast. - ~90ms per MB of JS cold and ~15ms per MB of JS warm, [see benchmarks](#benchmarks) for more info._
-
-### Project Status
-
-This project is used in Node.js core for detecting the named exports available when importing a CJS module into ESM, and is maintained for this purpose.
-
-PRs will be accepted and upstreamed for parser bugs, performance improvements or new syntax support only.
-
-_Detection patterns for this project are **frozen**_. This is because adding any new export detection patterns would result in fragmented backwards-compatibility. Specifically, it would be very difficult to figure out why an ES module named export for CommonJS might work in newer Node.js versions but not older versions. This problem would only be discovered downstream of module authors, with the fix for module authors being to then have to understand which patterns in this project provide full backwards-compatibily. Rather, by fully freezing the detected patterns, if it works in any Node.js version it will work in any other. Build tools can also reliably treat the supported syntax for this project as a part of their output target for ensuring syntax support.
-
-### Usage
-
-```
-npm install cjs-module-lexer
-```
-
-For use in CommonJS:
-
-```js
-const { parse } = require('cjs-module-lexer');
-
-// `init` return a promise for parity with the ESM API, but you do not have to call it
-
-const { exports, reexports } = parse(`
-  // named exports detection
-  module.exports.a = 'a';
-  (function () {
-    exports.b = 'b';
-  })();
-  Object.defineProperty(exports, 'c', { value: 'c' });
-  /* exports.d = 'not detected'; */
-
-  // reexports detection
-  if (maybe) module.exports = require('./dep1.js');
-  if (another) module.exports = require('./dep2.js');
-
-  // literal exports assignments
-  module.exports = { a, b: c, d, 'e': f }
-
-  // __esModule detection
-  Object.defineProperty(module.exports, '__esModule', { value: true })
-`);
-
-// exports === ['a', 'b', 'c', '__esModule']
-// reexports === ['./dep1.js', './dep2.js']
-```
-
-When using the ESM version, Wasm is supported instead:
-
-```js
-import { parse, init } from 'cjs-module-lexer';
-// init() needs to be called and waited upon, or use initSync() to compile
-// Wasm blockingly and synchronously.
-await init();
-const { exports, reexports } = parse(source);
-```
-
-The Wasm build is around 1.5x faster and without a cold start.
-
-### Grammar
-
-CommonJS exports matches are run against the source token stream.
-
-The token grammar is:
-
-```
-IDENTIFIER: As defined by ECMA-262, without support for identifier `\` escapes, filtered to remove strict reserved words:
-            "implements", "interface", "let", "package", "private", "protected", "public", "static", "yield", "enum"
-
-STRING_LITERAL: A `"` or `'` bounded ECMA-262 string literal.
-
-MODULE_EXPORTS: `module` `.` `exports`
-
-EXPORTS_IDENTIFIER: MODULE_EXPORTS_IDENTIFIER | `exports`
-
-EXPORTS_DOT_ASSIGN: EXPORTS_IDENTIFIER `.` IDENTIFIER `=`
-
-EXPORTS_LITERAL_COMPUTED_ASSIGN: EXPORTS_IDENTIFIER `[` STRING_LITERAL `]` `=`
-
-EXPORTS_LITERAL_PROP: (IDENTIFIER  (`:` IDENTIFIER)?) | (STRING_LITERAL `:` IDENTIFIER)
-
-EXPORTS_SPREAD: `...` (IDENTIFIER | REQUIRE)
-
-EXPORTS_MEMBER: EXPORTS_DOT_ASSIGN | EXPORTS_LITERAL_COMPUTED_ASSIGN
-
-EXPORTS_DEFINE: `Object` `.` `defineProperty `(` EXPORTS_IDENFITIER `,` STRING_LITERAL
-
-EXPORTS_DEFINE_VALUE: EXPORTS_DEFINE `, {`
-  (`enumerable: true,`)?
-  (
-    `value:` |
-    `get` (`: function` IDENTIFIER? )?  `() {` return IDENTIFIER (`.` IDENTIFIER | `[` STRING_LITERAL `]`)? `;`? `}` `,`?
-  )
-  `})`
-
-EXPORTS_LITERAL: MODULE_EXPORTS `=` `{` (EXPORTS_LITERAL_PROP | EXPORTS_SPREAD) `,`)+ `}`
-
-REQUIRE: `require` `(` STRING_LITERAL `)`
-
-EXPORTS_ASSIGN: (`var` | `const` | `let`) IDENTIFIER `=` (`_interopRequireWildcard (`)? REQUIRE
-
-MODULE_EXPORTS_ASSIGN: MODULE_EXPORTS `=` REQUIRE
-
-EXPORT_STAR: (`__export` | `__exportStar`) `(` REQUIRE
-
-EXPORT_STAR_LIB: `Object.keys(` IDENTIFIER$1 `).forEach(function (` IDENTIFIER$2 `) {`
-  (
-    (
-      `if (` IDENTIFIER$2 `===` ( `'default'` | `"default"` ) `||` IDENTIFIER$2 `===` ( '__esModule' | `"__esModule"` ) `) return` `;`?
-      (
-        (`if (Object` `.prototype`? `.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)) return` `;`?)?
-        (`if (` IDENTIFIER$2 `in` EXPORTS_IDENTIFIER `&&` EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] ===` IDENTIFIER$1 `[` IDENTIFIER$2 `]) return` `;`)?
-      )?
-    ) |
-    `if (` IDENTIFIER$2 `!==` ( `'default'` | `"default"` ) (`&& !` (`Object` `.prototype`? `.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)` | IDENTIFIER `.hasOwnProperty(` IDENTIFIER$2 `)`))? `)`
-  )
-  (
-    EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] =` IDENTIFIER$1 `[` IDENTIFIER$2 `]` `;`? |
-    `Object.defineProperty(` EXPORTS_IDENTIFIER `, ` IDENTIFIER$2 `, { enumerable: true, get` (`: function` IDENTIFIER? )?  `() { return ` IDENTIFIER$1 `[` IDENTIFIER$2 `]` `;`? `}` `,`? `})` `;`?
-  )
-  `})`
-```
-
-Spacing between tokens is taken to be any ECMA-262 whitespace, ECMA-262 block comment or ECMA-262 line comment.
-
-* The returned export names are taken to be the combination of:
-  1. All `IDENTIFIER` and `STRING_LITERAL` slots for `EXPORTS_MEMBER` and `EXPORTS_LITERAL` matches.
-  2. The first `STRING_LITERAL` slot for all `EXPORTS_DEFINE_VALUE` matches where that same string is not an `EXPORTS_DEFINE` match that is not also an `EXPORTS_DEFINE_VALUE` match.
-* The reexport specifiers are taken to be the combination of:
-  1. The `REQUIRE` matches of the last matched of either `MODULE_EXPORTS_ASSIGN` or `EXPORTS_LITERAL`.
-  2. All _top-level_ `EXPORT_STAR` `REQUIRE` matches and `EXPORTS_ASSIGN` matches whose `IDENTIFIER` also matches the first `IDENTIFIER` in `EXPORT_STAR_LIB`.
-
-### Parsing Examples
-
-#### Named Exports Parsing
-
-The basic matching rules for named exports are `exports.name`, `exports['name']` or `Object.defineProperty(exports, 'name', ...)`. This matching is done without scope analysis and regardless of the expression position:
-
-```js
-// DETECTS EXPORTS: a, b
-(function (exports) {
-  exports.a = 'a'; 
-  exports['b'] = 'b';
-})(exports);
-```
-
-Because there is no scope analysis, the above detection may overclassify:
-
-```js
-// DETECTS EXPORTS: a, b, c
-(function (exports, Object) {
-  exports.a = 'a';
-  exports['b'] = 'b';
-  if (false)
-    exports.c = 'c';
-})(NOT_EXPORTS, NOT_OBJECT);
-```
-
-It will in turn underclassify in cases where the identifiers are renamed:
-
-```js
-// DETECTS: NO EXPORTS
-(function (e) {
-  e.a = 'a';
-  e['b'] = 'b';
-})(exports);
-```
-
-#### Getter Exports Parsing
-
-`Object.defineProperty` is detected for specifically value and getter forms returning an identifier or member expression:
-
-```js
-// DETECTS: a, b, c, d, __esModule
-Object.defineProperty(exports, 'a', {
-  enumerable: true,
-  get: function () {
-    return q.p;
-  }
-});
-Object.defineProperty(exports, 'b', {
-  enumerable: true,
-  get: function () {
-    return q['p'];
-  }
-});
-Object.defineProperty(exports, 'c', {
-  enumerable: true,
-  get () {
-    return b;
-  }
-});
-Object.defineProperty(exports, 'd', { value: 'd' });
-Object.defineProperty(exports, '__esModule', { value: true });
-```
-
-Value properties are also detected specifically:
-
-```js
-Object.defineProperty(exports, 'a', {
-  value: 'no problem'
-});
-```
-
-To avoid matching getters that have side effects, any getter for an export name that does not support the forms above will
-opt-out of the getter matching:
-
-```js
-// DETECTS: NO EXPORTS
-Object.defineProperty(exports, 'a', {
-  get () {
-    return 'nope';
-  }
-});
-
-if (false) {
-  Object.defineProperty(module.exports, 'a', {
-    get () {
-      return dynamic();
-    }
-  })
-}
-```
-
-Alternative object definition structures or getter function bodies are not detected:
-
-```js
-// DETECTS: NO EXPORTS
-Object.defineProperty(exports, 'a', {
-  enumerable: false,
-  get () {
-    return p;
-  }
-});
-Object.defineProperty(exports, 'b', {
-  configurable: true,
-  get () {
-    return p;
-  }
-});
-Object.defineProperty(exports, 'c', {
-  get: () => p
-});
-Object.defineProperty(exports, 'd', {
-  enumerable: true,
-  get: function () {
-    return dynamic();
-  }
-});
-Object.defineProperty(exports, 'e', {
-  enumerable: true,
-  get () {
-    return 'str';
-  }
-});
-```
-
-`Object.defineProperties` is also not supported.
-
-#### Exports Object Assignment
-
-A best-effort is made to detect `module.exports` object assignments, but because this is not a full parser, arbitrary expressions are not handled in the
-object parsing process.
-
-Simple object definitions are supported:
-
-```js
-// DETECTS EXPORTS: a, b, c
-module.exports = {
-  a,
-  'b': b,
-  c: c,
-  ...d
-};
-```
-
-Object properties that are not identifiers or string expressions will bail out of the object detection, while spreads are ignored:
-
-```js
-// DETECTS EXPORTS: a, b
-module.exports = {
-  a,
-  ...d,
-  b: require('c'),
-  c: "not detected since require('c') above bails the object detection"
-}
-```
-
-`Object.defineProperties` is not currently supported either.
-
-#### module.exports reexport assignment
-
-Any `module.exports = require('mod')` assignment is detected as a reexport, but only the last one is returned:
-
-```js
-// DETECTS REEXPORTS: c
-module.exports = require('a');
-(module => module.exports = require('b'))(NOT_MODULE);
-if (false) module.exports = require('c');
-```
-
-This is to avoid over-classification in Webpack bundles with externals which include `module.exports = require('external')` in their source for every external dependency.
-
-In exports object assignment, any spread of `require()` are detected as multiple separate reexports:
-
-```js
-// DETECTS REEXPORTS: a, b
-module.exports = require('ignored');
-module.exports = {
-  ...require('a'),
-  ...require('b')
-};
-```
-
-#### Transpiler Re-exports
-
-For named exports, transpiler output works well with the rules described above.
-
-But for star re-exports, special care is taken to support common patterns of transpiler outputs from Babel and TypeScript as well as bundlers like RollupJS.
-These reexport and star reexport patterns are restricted to only be detected at the top-level as provided by the direct output of these tools.
-
-For example, `export * from 'external'` is output by Babel as:
-
-```js
-"use strict";
-
-exports.__esModule = true;
-
-var _external = require("external");
-
-Object.keys(_external).forEach(function (key) {
-  if (key === "default" || key === "__esModule") return;
-  exports[key] = _external[key];
-});
-```
-
-Where the `var _external = require("external")` is specifically detected as well as the `Object.keys(_external)` statement, down to the exact
-for of that entire expression including minor variations of the output. The `_external` and `key` identifiers are carefully matched in this
-detection.
-
-Similarly for TypeScript, `export * from 'external'` is output as:
-
-```js
-"use strict";
-function __export(m) {
-    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
-}
-Object.defineProperty(exports, "__esModule", { value: true });
-__export(require("external"));
-```
-
-Where the `__export(require("external"))` statement is explicitly detected as a reexport, including variations `tslib.__export` and `__exportStar`.
-
-### Environment Support
-
-Node.js 10+, and [all browsers with Web Assembly support](https://caniuse.com/#feat=wasm).
-
-### JS Grammar Support
-
-* Token state parses all line comments, block comments, strings, template strings, blocks, parens and punctuators.
-* Division operator / regex token ambiguity is handled via backtracking checks against punctuator prefixes, including closing brace or paren backtracking.
-* Always correctly parses valid JS source, but may parse invalid JS source without errors.
-
-### Benchmarks
-
-Benchmarks can be run with `npm run bench`.
-
-Current results:
-
-JS Build:
-
-```
-Module load time
-> 4ms
-Cold Run, All Samples
-test/samples/*.js (3635 KiB)
-> 299ms
-
-Warm Runs (average of 25 runs)
-test/samples/angular.js (1410 KiB)
-> 13.96ms
-test/samples/angular.min.js (303 KiB)
-> 4.72ms
-test/samples/d3.js (553 KiB)
-> 6.76ms
-test/samples/d3.min.js (250 KiB)
-> 4ms
-test/samples/magic-string.js (34 KiB)
-> 0.64ms
-test/samples/magic-string.min.js (20 KiB)
-> 0ms
-test/samples/rollup.js (698 KiB)
-> 8.48ms
-test/samples/rollup.min.js (367 KiB)
-> 5.36ms
-
-Warm Runs, All Samples (average of 25 runs)
-test/samples/*.js (3635 KiB)
-> 40.28ms
-```
-
-Wasm Build:
-```
-Module load time
-> 10ms
-Cold Run, All Samples
-test/samples/*.js (3635 KiB)
-> 43ms
-
-Warm Runs (average of 25 runs)
-test/samples/angular.js (1410 KiB)
-> 9.32ms
-test/samples/angular.min.js (303 KiB)
-> 3.16ms
-test/samples/d3.js (553 KiB)
-> 5ms
-test/samples/d3.min.js (250 KiB)
-> 2.32ms
-test/samples/magic-string.js (34 KiB)
-> 0.16ms
-test/samples/magic-string.min.js (20 KiB)
-> 0ms
-test/samples/rollup.js (698 KiB)
-> 6.28ms
-test/samples/rollup.min.js (367 KiB)
-> 3.6ms
-
-Warm Runs, All Samples (average of 25 runs)
-test/samples/*.js (3635 KiB)
-> 27.76ms
-```
-
-### Wasm Build Steps
-
-To build download the WASI SDK from https://github.com/WebAssembly/wasi-sdk/releases.
-
-The Makefile assumes the existence of "wasi-sdk-11.0" and "wabt" (optional) as sibling folders to this project.
-
-The build through the Makefile is then run via `make lib/lexer.wasm`, which can also be triggered via `npm run build-wasm` to create `dist/lexer.js`.
-
-On Windows it may be preferable to use the Linux subsystem.
-
-After the Web Assembly build, the CJS build can be triggered via `npm run build`.
-
-Optimization passes are run with [Binaryen](https://github.com/WebAssembly/binaryen) prior to publish to reduce the Web Assembly footprint.
-
-### License
-
-MIT
-
-[travis-url]: https://travis-ci.org/guybedford/es-module-lexer
-[travis-image]: https://travis-ci.org/guybedford/es-module-lexer.svg?branch=master
+# CJS Module Lexer
+
+[![Build Status][travis-image]][travis-url]
+
+A [very fast](#benchmarks) JS CommonJS module syntax lexer used to detect the most likely list of named exports of a CommonJS module.
+
+Outputs the list of named exports (`exports.name = ...`) and possible module reexports (`module.exports = require('...')`), including the common transpiler variations of these cases.
+
+Forked from https://github.com/guybedford/es-module-lexer.
+
+_Comprehensively handles the JS language grammar while remaining small and fast. - ~90ms per MB of JS cold and ~15ms per MB of JS warm, [see benchmarks](#benchmarks) for more info._
+
+### Project Status
+
+This project is used in Node.js core for detecting the named exports available when importing a CJS module into ESM, and is maintained for this purpose.
+
+PRs will be accepted and upstreamed for parser bugs, performance improvements or new syntax support only.
+
+_Detection patterns for this project are **frozen**_. This is because adding any new export detection patterns would result in fragmented backwards-compatibility. Specifically, it would be very difficult to figure out why an ES module named export for CommonJS might work in newer Node.js versions but not older versions. This problem would only be discovered downstream of module authors, with the fix for module authors being to then have to understand which patterns in this project provide full backwards-compatibily. Rather, by fully freezing the detected patterns, if it works in any Node.js version it will work in any other. Build tools can also reliably treat the supported syntax for this project as a part of their output target for ensuring syntax support.
+
+### Usage
+
+```
+npm install cjs-module-lexer
+```
+
+For use in CommonJS:
+
+```js
+const { parse } = require('cjs-module-lexer');
+
+// `init` return a promise for parity with the ESM API, but you do not have to call it
+
+const { exports, reexports } = parse(`
+  // named exports detection
+  module.exports.a = 'a';
+  (function () {
+    exports.b = 'b';
+  })();
+  Object.defineProperty(exports, 'c', { value: 'c' });
+  /* exports.d = 'not detected'; */
+
+  // reexports detection
+  if (maybe) module.exports = require('./dep1.js');
+  if (another) module.exports = require('./dep2.js');
+
+  // literal exports assignments
+  module.exports = { a, b: c, d, 'e': f }
+
+  // __esModule detection
+  Object.defineProperty(module.exports, '__esModule', { value: true })
+`);
+
+// exports === ['a', 'b', 'c', '__esModule']
+// reexports === ['./dep1.js', './dep2.js']
+```
+
+When using the ESM version, Wasm is supported instead:
+
+```js
+import { parse, init } from 'cjs-module-lexer';
+// init() needs to be called and waited upon, or use initSync() to compile
+// Wasm blockingly and synchronously.
+await init();
+const { exports, reexports } = parse(source);
+```
+
+The Wasm build is around 1.5x faster and without a cold start.
+
+### Grammar
+
+CommonJS exports matches are run against the source token stream.
+
+The token grammar is:
+
+```
+IDENTIFIER: As defined by ECMA-262, without support for identifier `\` escapes, filtered to remove strict reserved words:
+            "implements", "interface", "let", "package", "private", "protected", "public", "static", "yield", "enum"
+
+STRING_LITERAL: A `"` or `'` bounded ECMA-262 string literal.
+
+MODULE_EXPORTS: `module` `.` `exports`
+
+EXPORTS_IDENTIFIER: MODULE_EXPORTS_IDENTIFIER | `exports`
+
+EXPORTS_DOT_ASSIGN: EXPORTS_IDENTIFIER `.` IDENTIFIER `=`
+
+EXPORTS_LITERAL_COMPUTED_ASSIGN: EXPORTS_IDENTIFIER `[` STRING_LITERAL `]` `=`
+
+EXPORTS_LITERAL_PROP: (IDENTIFIER  (`:` IDENTIFIER)?) | (STRING_LITERAL `:` IDENTIFIER)
+
+EXPORTS_SPREAD: `...` (IDENTIFIER | REQUIRE)
+
+EXPORTS_MEMBER: EXPORTS_DOT_ASSIGN | EXPORTS_LITERAL_COMPUTED_ASSIGN
+
+EXPORTS_DEFINE: `Object` `.` `defineProperty `(` EXPORTS_IDENFITIER `,` STRING_LITERAL
+
+EXPORTS_DEFINE_VALUE: EXPORTS_DEFINE `, {`
+  (`enumerable: true,`)?
+  (
+    `value:` |
+    `get` (`: function` IDENTIFIER? )?  `() {` return IDENTIFIER (`.` IDENTIFIER | `[` STRING_LITERAL `]`)? `;`? `}` `,`?
+  )
+  `})`
+
+EXPORTS_LITERAL: MODULE_EXPORTS `=` `{` (EXPORTS_LITERAL_PROP | EXPORTS_SPREAD) `,`)+ `}`
+
+REQUIRE: `require` `(` STRING_LITERAL `)`
+
+EXPORTS_ASSIGN: (`var` | `const` | `let`) IDENTIFIER `=` (`_interopRequireWildcard (`)? REQUIRE
+
+MODULE_EXPORTS_ASSIGN: MODULE_EXPORTS `=` REQUIRE
+
+EXPORT_STAR: (`__export` | `__exportStar`) `(` REQUIRE
+
+EXPORT_STAR_LIB: `Object.keys(` IDENTIFIER$1 `).forEach(function (` IDENTIFIER$2 `) {`
+  (
+    (
+      `if (` IDENTIFIER$2 `===` ( `'default'` | `"default"` ) `||` IDENTIFIER$2 `===` ( '__esModule' | `"__esModule"` ) `) return` `;`?
+      (
+        (`if (Object` `.prototype`? `.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)) return` `;`?)?
+        (`if (` IDENTIFIER$2 `in` EXPORTS_IDENTIFIER `&&` EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] ===` IDENTIFIER$1 `[` IDENTIFIER$2 `]) return` `;`)?
+      )?
+    ) |
+    `if (` IDENTIFIER$2 `!==` ( `'default'` | `"default"` ) (`&& !` (`Object` `.prototype`? `.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)` | IDENTIFIER `.hasOwnProperty(` IDENTIFIER$2 `)`))? `)`
+  )
+  (
+    EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] =` IDENTIFIER$1 `[` IDENTIFIER$2 `]` `;`? |
+    `Object.defineProperty(` EXPORTS_IDENTIFIER `, ` IDENTIFIER$2 `, { enumerable: true, get` (`: function` IDENTIFIER? )?  `() { return ` IDENTIFIER$1 `[` IDENTIFIER$2 `]` `;`? `}` `,`? `})` `;`?
+  )
+  `})`
+```
+
+Spacing between tokens is taken to be any ECMA-262 whitespace, ECMA-262 block comment or ECMA-262 line comment.
+
+* The returned export names are taken to be the combination of:
+  1. All `IDENTIFIER` and `STRING_LITERAL` slots for `EXPORTS_MEMBER` and `EXPORTS_LITERAL` matches.
+  2. The first `STRING_LITERAL` slot for all `EXPORTS_DEFINE_VALUE` matches where that same string is not an `EXPORTS_DEFINE` match that is not also an `EXPORTS_DEFINE_VALUE` match.
+* The reexport specifiers are taken to be the combination of:
+  1. The `REQUIRE` matches of the last matched of either `MODULE_EXPORTS_ASSIGN` or `EXPORTS_LITERAL`.
+  2. All _top-level_ `EXPORT_STAR` `REQUIRE` matches and `EXPORTS_ASSIGN` matches whose `IDENTIFIER` also matches the first `IDENTIFIER` in `EXPORT_STAR_LIB`.
+
+### Parsing Examples
+
+#### Named Exports Parsing
+
+The basic matching rules for named exports are `exports.name`, `exports['name']` or `Object.defineProperty(exports, 'name', ...)`. This matching is done without scope analysis and regardless of the expression position:
+
+```js
+// DETECTS EXPORTS: a, b
+(function (exports) {
+  exports.a = 'a'; 
+  exports['b'] = 'b';
+})(exports);
+```
+
+Because there is no scope analysis, the above detection may overclassify:
+
+```js
+// DETECTS EXPORTS: a, b, c
+(function (exports, Object) {
+  exports.a = 'a';
+  exports['b'] = 'b';
+  if (false)
+    exports.c = 'c';
+})(NOT_EXPORTS, NOT_OBJECT);
+```
+
+It will in turn underclassify in cases where the identifiers are renamed:
+
+```js
+// DETECTS: NO EXPORTS
+(function (e) {
+  e.a = 'a';
+  e['b'] = 'b';
+})(exports);
+```
+
+#### Getter Exports Parsing
+
+`Object.defineProperty` is detected for specifically value and getter forms returning an identifier or member expression:
+
+```js
+// DETECTS: a, b, c, d, __esModule
+Object.defineProperty(exports, 'a', {
+  enumerable: true,
+  get: function () {
+    return q.p;
+  }
+});
+Object.defineProperty(exports, 'b', {
+  enumerable: true,
+  get: function () {
+    return q['p'];
+  }
+});
+Object.defineProperty(exports, 'c', {
+  enumerable: true,
+  get () {
+    return b;
+  }
+});
+Object.defineProperty(exports, 'd', { value: 'd' });
+Object.defineProperty(exports, '__esModule', { value: true });
+```
+
+Value properties are also detected specifically:
+
+```js
+Object.defineProperty(exports, 'a', {
+  value: 'no problem'
+});
+```
+
+To avoid matching getters that have side effects, any getter for an export name that does not support the forms above will
+opt-out of the getter matching:
+
+```js
+// DETECTS: NO EXPORTS
+Object.defineProperty(exports, 'a', {
+  get () {
+    return 'nope';
+  }
+});
+
+if (false) {
+  Object.defineProperty(module.exports, 'a', {
+    get () {
+      return dynamic();
+    }
+  })
+}
+```
+
+Alternative object definition structures or getter function bodies are not detected:
+
+```js
+// DETECTS: NO EXPORTS
+Object.defineProperty(exports, 'a', {
+  enumerable: false,
+  get () {
+    return p;
+  }
+});
+Object.defineProperty(exports, 'b', {
+  configurable: true,
+  get () {
+    return p;
+  }
+});
+Object.defineProperty(exports, 'c', {
+  get: () => p
+});
+Object.defineProperty(exports, 'd', {
+  enumerable: true,
+  get: function () {
+    return dynamic();
+  }
+});
+Object.defineProperty(exports, 'e', {
+  enumerable: true,
+  get () {
+    return 'str';
+  }
+});
+```
+
+`Object.defineProperties` is also not supported.
+
+#### Exports Object Assignment
+
+A best-effort is made to detect `module.exports` object assignments, but because this is not a full parser, arbitrary expressions are not handled in the
+object parsing process.
+
+Simple object definitions are supported:
+
+```js
+// DETECTS EXPORTS: a, b, c
+module.exports = {
+  a,
+  'b': b,
+  c: c,
+  ...d
+};
+```
+
+Object properties that are not identifiers or string expressions will bail out of the object detection, while spreads are ignored:
+
+```js
+// DETECTS EXPORTS: a, b
+module.exports = {
+  a,
+  ...d,
+  b: require('c'),
+  c: "not detected since require('c') above bails the object detection"
+}
+```
+
+`Object.defineProperties` is not currently supported either.
+
+#### module.exports reexport assignment
+
+Any `module.exports = require('mod')` assignment is detected as a reexport, but only the last one is returned:
+
+```js
+// DETECTS REEXPORTS: c
+module.exports = require('a');
+(module => module.exports = require('b'))(NOT_MODULE);
+if (false) module.exports = require('c');
+```
+
+This is to avoid over-classification in Webpack bundles with externals which include `module.exports = require('external')` in their source for every external dependency.
+
+In exports object assignment, any spread of `require()` are detected as multiple separate reexports:
+
+```js
+// DETECTS REEXPORTS: a, b
+module.exports = require('ignored');
+module.exports = {
+  ...require('a'),
+  ...require('b')
+};
+```
+
+#### Transpiler Re-exports
+
+For named exports, transpiler output works well with the rules described above.
+
+But for star re-exports, special care is taken to support common patterns of transpiler outputs from Babel and TypeScript as well as bundlers like RollupJS.
+These reexport and star reexport patterns are restricted to only be detected at the top-level as provided by the direct output of these tools.
+
+For example, `export * from 'external'` is output by Babel as:
+
+```js
+"use strict";
+
+exports.__esModule = true;
+
+var _external = require("external");
+
+Object.keys(_external).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  exports[key] = _external[key];
+});
+```
+
+Where the `var _external = require("external")` is specifically detected as well as the `Object.keys(_external)` statement, down to the exact
+for of that entire expression including minor variations of the output. The `_external` and `key` identifiers are carefully matched in this
+detection.
+
+Similarly for TypeScript, `export * from 'external'` is output as:
+
+```js
+"use strict";
+function __export(m) {
+    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
+}
+Object.defineProperty(exports, "__esModule", { value: true });
+__export(require("external"));
+```
+
+Where the `__export(require("external"))` statement is explicitly detected as a reexport, including variations `tslib.__export` and `__exportStar`.
+
+### Environment Support
+
+Node.js 10+, and [all browsers with Web Assembly support](https://caniuse.com/#feat=wasm).
+
+### JS Grammar Support
+
+* Token state parses all line comments, block comments, strings, template strings, blocks, parens and punctuators.
+* Division operator / regex token ambiguity is handled via backtracking checks against punctuator prefixes, including closing brace or paren backtracking.
+* Always correctly parses valid JS source, but may parse invalid JS source without errors.
+
+### Benchmarks
+
+Benchmarks can be run with `npm run bench`.
+
+Current results:
+
+JS Build:
+
+```
+Module load time
+> 4ms
+Cold Run, All Samples
+test/samples/*.js (3635 KiB)
+> 299ms
+
+Warm Runs (average of 25 runs)
+test/samples/angular.js (1410 KiB)
+> 13.96ms
+test/samples/angular.min.js (303 KiB)
+> 4.72ms
+test/samples/d3.js (553 KiB)
+> 6.76ms
+test/samples/d3.min.js (250 KiB)
+> 4ms
+test/samples/magic-string.js (34 KiB)
+> 0.64ms
+test/samples/magic-string.min.js (20 KiB)
+> 0ms
+test/samples/rollup.js (698 KiB)
+> 8.48ms
+test/samples/rollup.min.js (367 KiB)
+> 5.36ms
+
+Warm Runs, All Samples (average of 25 runs)
+test/samples/*.js (3635 KiB)
+> 40.28ms
+```
+
+Wasm Build:
+```
+Module load time
+> 10ms
+Cold Run, All Samples
+test/samples/*.js (3635 KiB)
+> 43ms
+
+Warm Runs (average of 25 runs)
+test/samples/angular.js (1410 KiB)
+> 9.32ms
+test/samples/angular.min.js (303 KiB)
+> 3.16ms
+test/samples/d3.js (553 KiB)
+> 5ms
+test/samples/d3.min.js (250 KiB)
+> 2.32ms
+test/samples/magic-string.js (34 KiB)
+> 0.16ms
+test/samples/magic-string.min.js (20 KiB)
+> 0ms
+test/samples/rollup.js (698 KiB)
+> 6.28ms
+test/samples/rollup.min.js (367 KiB)
+> 3.6ms
+
+Warm Runs, All Samples (average of 25 runs)
+test/samples/*.js (3635 KiB)
+> 27.76ms
+```
+
+### Wasm Build Steps
+
+The build uses docker and make, they must be installed first.
+
+To build the lexer wasm run `npm run build-wasm`.
+
+Optimization passes are run with [Binaryen](https://github.com/WebAssembly/binaryen)
+prior to publish to reduce the Web Assembly footprint.
+
+After building the lexer wasm, build the final distribution components
+(lexer.js and lexer.mjs) by running `npm run build`.
+
+If you need to build lib/lexer.wat (optional) you must first install
+[wabt](https://github.com/WebAssembly/wabt) as a sibling folder to this
+project. The wat file is then build by running `make lib/lexer.wat`
+
+### License
+
+MIT
+
+[travis-url]: https://travis-ci.org/guybedford/es-module-lexer
+[travis-image]: https://travis-ci.org/guybedford/es-module-lexer.svg?branch=master
diff --git a/deps/cjs-module-lexer/dist/lexer-external.js b/deps/cjs-module-lexer/dist/lexer-external.js
deleted file mode 100644
index 1e5f49de6221c1..00000000000000
--- a/deps/cjs-module-lexer/dist/lexer-external.js
+++ /dev/null
@@ -1,91 +0,0 @@
-"use strict";
-
-exports.init = init;
-exports.parse = parse;
-let wasm;
-const isLE = new Uint8Array(new Uint16Array([1]).buffer)[0] === 1;
-function parse(source, name = '@') {
-  if (!wasm) throw new Error('Not initialized');
-  const len = source.length + 1;
-
-  // need 2 bytes per code point plus analysis space so we double again
-  const extraMem = (wasm.__heap_base.value || wasm.__heap_base) + len * 4 - wasm.memory.buffer.byteLength;
-  if (extraMem > 0) wasm.memory.grow(Math.ceil(extraMem / 65536));
-  const addr = wasm.sa(len);
-  (isLE ? copyLE : copyBE)(source, new Uint16Array(wasm.memory.buffer, addr, len));
-  const err_code = wasm.parseCJS(addr, source.length, 0, 0, 0);
-  if (err_code) {
-    const err = new Error(`Parse error ${name}${wasm.e()}:${source.slice(0, wasm.e()).split('\n').length}:${wasm.e() - source.lastIndexOf('\n', wasm.e() - 1)}`);
-    Object.assign(err, {
-      idx: wasm.e()
-    });
-    if (err_code === 5 || err_code === 6 || err_code === 7) Object.assign(err, {
-      code: 'ERR_LEXER_ESM_SYNTAX'
-    });
-    throw err;
-  }
-  let exports = new Set(),
-    reexports = new Set(),
-    unsafeGetters = new Set();
-  while (wasm.rre()) {
-    const reexptStr = decode(source.slice(wasm.res(), wasm.ree()));
-    if (reexptStr) reexports.add(reexptStr);
-  }
-  while (wasm.ru()) unsafeGetters.add(decode(source.slice(wasm.us(), wasm.ue())));
-  while (wasm.re()) {
-    let exptStr = decode(source.slice(wasm.es(), wasm.ee()));
-    if (exptStr !== undefined && !unsafeGetters.has(exptStr)) exports.add(exptStr);
-  }
-  return {
-    exports: [...exports],
-    reexports: [...reexports]
-  };
-}
-function decode(str) {
-  if (str[0] === '"' || str[0] === '\'') {
-    try {
-      const decoded = (0, eval)(str);
-      // Filter to exclude non-matching UTF-16 surrogate strings
-      for (let i = 0; i < decoded.length; i++) {
-        const surrogatePrefix = decoded.charCodeAt(i) & 0xFC00;
-        if (surrogatePrefix < 0xD800) {
-          // Not a surrogate
-          continue;
-        } else if (surrogatePrefix === 0xD800) {
-          // Validate surrogate pair
-          if ((decoded.charCodeAt(++i) & 0xFC00) !== 0xDC00) return;
-        } else {
-          // Out-of-range surrogate code (above 0xD800)
-          return;
-        }
-      }
-      return decoded;
-    } catch {}
-  } else {
-    return str;
-  }
-}
-function copyBE(src, outBuf16) {
-  const len = src.length;
-  let i = 0;
-  while (i < len) {
-    const ch = src.charCodeAt(i);
-    outBuf16[i++] = (ch & 0xff) << 8 | ch >>> 8;
-  }
-}
-function copyLE(src, outBuf16) {
-  const len = src.length;
-  let i = 0;
-  while (i < len) outBuf16[i] = src.charCodeAt(i++);
-}
-let initPromise;
-function init() {
-  if (initPromise) return initPromise;
-  return initPromise = (async () => {
-    const compiled = await WebAssembly.compile((await import('node:fs')).readFileSync(new URL(import.meta.resolve('../lib/lexer.wasm'))));
-    const {
-      exports
-    } = await WebAssembly.instantiate(compiled);
-    wasm = exports;
-  })();
-}
\ No newline at end of file
diff --git a/deps/cjs-module-lexer/dist/lexer.js b/deps/cjs-module-lexer/dist/lexer.js
index 7c9b7124ae224d..d59aaf1bc47851 100644
--- a/deps/cjs-module-lexer/dist/lexer.js
+++ b/deps/cjs-module-lexer/dist/lexer.js
@@ -1 +1 @@
-"use strict";exports.init=init;exports.initSync=initSync;exports.parse=parse;let A;const Q=1===new Uint8Array(new Uint16Array([1]).buffer)[0];function parse(g,I="@"){if(!A)throw new Error("Not initialized");const D=g.length+1,N=(A.__heap_base.value||A.__heap_base)+4*D-A.memory.buffer.byteLength;N>0&&A.memory.grow(Math.ceil(N/65536));const k=A.sa(D);(Q?C:E)(g,new Uint16Array(A.memory.buffer,k,D));const w=A.parseCJS(k,g.length,0,0,0);if(w){const Q=new Error(`Parse error ${I}${A.e()}:${g.slice(0,A.e()).split("\n").length}:${A.e()-g.lastIndexOf("\n",A.e()-1)}`);throw Object.assign(Q,{idx:A.e()}),5!==w&&6!==w&&7!==w||Object.assign(Q,{code:"ERR_LEXER_ESM_SYNTAX"}),Q}let H=new Set,J=new Set,o=new Set;for(;A.rre();){const Q=B(g.slice(A.res(),A.ree()));Q&&J.add(Q)}for(;A.ru();)o.add(B(g.slice(A.us(),A.ue())));for(;A.re();){let Q=B(g.slice(A.es(),A.ee()));void 0===Q||o.has(Q)||H.add(Q)}return{exports:[...H],reexports:[...J]}}function B(A){if('"'!==A[0]&&"'"!==A[0])return A;try{const Q=(0,eval)(A);for(let A=0;A<Q.length;A++){const B=64512&Q.charCodeAt(A);if(!(B<55296)){if(55296!==B)return;if(56320!=(64512&Q.charCodeAt(++A)))return}}return Q}catch{}}function E(A,Q){const B=A.length;let E=0;for(;E<B;){const B=A.charCodeAt(E);Q[E++]=(255&B)<<8|B>>>8}}function C(A,Q){const B=A.length;let E=0;for(;E<B;)Q[E]=A.charCodeAt(E++)}function g(){const A="AGFzbQEAAAABrAERYAJ/fwBgAABgAX8Bf2AAAX9gBn9/f39/fwF/YAF/AGAXf39/f39/f39/f39/f39/f39/f39/f38Bf2AIf39/f39/f38Bf2AHf39/f39/fwF/YAN/f38Bf2AFf39/f38Bf2AOf39/f39/f39/f39/f38Bf2AKf39/f39/f39/fwF/YAt/f39/f39/f39/fwF/YAJ/fwF/YAR/f39/AX9gCX9/f39/f39/fwF/A0NCAgMDAwMDAwMDAwMAAAABBAICBQQBBgcBBQEFBQUBAQICAgIBAQIIAwICAgkKAgELAgwNDgQPCA4HAgICAhACAgMJBAUBcAEFBQUDAQABBg8CfwFB0JgCC38AQdCYAgsHXA4GbWVtb3J5AgACc2EAAAFlAAECZXMAAgJlZQADA3JlcwAEA3JlZQAFAnVzAAYCdWUABwJyZQAIA3JyZQAJAnJ1AAoIcGFyc2VDSlMADwtfX2hlYXBfYmFzZQMBCQoBAEEBCwQLDA0OCt2fAUJ4AQF/QQAoApgfIgEgAEEBdGoiAEEAOwEAQQAgAEECaiIANgLkH0EAIAA2AugfQQBBADYCwB9BAEEANgLIH0EAQQA2AsQfQQBBADYCzB9BAEEANgLUH0EAQQA2AtAfQQBBADYC2B9BAEEANgLgH0EAQQA2AtwfIAELCABBACgC7B8LFQBBACgCxB8oAgBBACgCmB9rQQF1CxUAQQAoAsQfKAIEQQAoApgfa0EBdQsVAEEAKALQHygCAEEAKAKYH2tBAXULFQBBACgC0B8oAgRBACgCmB9rQQF1CxUAQQAoAtwfKAIAQQAoApgfa0EBdQsVAEEAKALcHygCBEEAKAKYH2tBAXULJQEBf0EAQQAoAsQfIgBBCGpBwB8gABsoAgAiADYCxB8gAEEARwslAQF/QQBBACgC0B8iAEEIakHMHyAAGygCACIANgLQHyAAQQBHCyUBAX9BAEEAKALcHyIAQQhqQdgfIAAbKAIAIgA2AtwfIABBAEcLSAEBf0EAKALIHyICQQhqQcAfIAIbQQAoAugfIgI2AgBBACACNgLIH0EAIAJBDGo2AugfIAJBADYCCCACIAE2AgQgAiAANgIAC0gBAX9BACgC1B8iAkEIakHMHyACG0EAKALoHyICNgIAQQAgAjYC1B9BACACQQxqNgLoHyACQQA2AgggAiABNgIEIAIgADYCAAtIAQF/QQAoAuAfIgJBCGpB2B8gAhtBACgC6B8iAjYCAEEAIAI2AuAfQQAgAkEMajYC6B8gAkEANgIIIAIgATYCBCACIAA2AgALEgBBAEEANgLMH0EAQQA2AtQfC50PAEEAIAE2AoBAQQAgADYCmB8CQCACRQ0AQQAgAjYCnB8LAkAgA0UNAEEAIAM2AqAfCwJAIARFDQBBACAENgKkHwtBAEH//wM7AYhAQQBBoMAANgKgYEEAQbDgADYCsKABQQBBgCA2ArSgAUEAQQAoAqwfNgKMQEEAIABBfmoiAjYCvKABQQAgAiABQQF0aiIDNgLAoAFBAEEAOwGGQEEAQQA7AYRAQQBBADoAkEBBAEEANgLsH0EAQQA2AvAfQQBBADoAuKABAkACQCAALwEAQSNHDQAgAC8BAkEhRw0AQQAhAiABQQJGDQFBACAAQQJqNgK8oAEgAEEEaiEAAkADQCAAIgJBfmogA08NASACQQJqIQAgAi8BAEF2ag4EAQAAAQALC0EAIAI2ArygAQsDQEEAIAJBAmoiADYCvKABAkACQAJAAkACQAJAIAIgA08NAAJAIAAvAQAiAUF3aiIDQRdLDQBBASADdEGfgIAEcQ0GCwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkBBAC8BhkAiAw0AAkACQAJAIAFBoX9qDg8CEBUVBhUFFRUVARUVFQQACwJAIAFBWWoOCQ4ICRUVFRUVDwALAkAgAUGFf2oOAwsVDAALIAFBIkYNDSABQc8ARg0GIAFB8gBHDRQCQEEAEBBFDQAgABARRQ0AIAIQEgtBAEEAKAK8oAE2AoxADBULAkAgAkEEakHtAEHwAEHvAEHyAEH0ABATRQ0AIAAQEUUNABAUQQAoArygASEAC0EAIAA2AoxADBQLAkACQCACQQRqIgNB6QBB7gBB9ABB5QBB8gBB7wBB8ABB0gBB5QBB8QBB9QBB6QBB8gBB5QBB1wBB6QBB7ABB5ABB4wBB4QBB8gBB5AAQFUUNAAJAIAAQEQ0AIAIvAQBBLkcNAQtBACACQTBqNgK8oAEgAi8BMEEoRw0BQQAgAkEyajYCvKABQQBBATsBhkBBACgCsKABQQAoAoxANgIAQQAQEEUNASAAEBFFDQEgAhASDAELIANB3wBB5QBB+ABB8ABB7wBB8gBB9AAQFkUNAAJAIAAQEQ0AIAIvAQBBLkcNAQtBACACQRJqNgK8oAECQCACLwESIgNB0wBHDQAgAi8BFEH0AEcNASACLwEWQeEARw0BIAIvARhB8gBHDQFBACACQRpqNgK8oAEgAi8BGiEDCyADQf//A3FBKEcNAEEAKAKwoAFBACgCjEA2AgBBAEEBOwGGQEEAQQAoArygASICQQJqNgK8oAEgAi8BAkHyAEcNAEECEBAaC0EAQQAoArygATYCjEAMEwsCQCABQVlqDgkLBQcSEhISEgwACwJAIAFBoH9qDgYNEhIDEgIACwJAIAFBhX9qDgMIEgoACyABQSJGDQogAUHPAEYNAyABQe0ARw0RCyACQQRqQe8AQeQAQfUAQewAQeUAEBNFDRAgABARRQ0QEBcMEAsgAkEEakH4AEHwAEHvAEHyAEH0ABATRQ0PIAAQEUUNDwJAIAIvAQ5B8wBHDQBBABAYDBALIAMNDxAZDA8LIAAQEUUNDiACLwEEQewARw0OIAIvAQZB4QBHDQ4gAi8BCEHzAEcNDiACLwEKQfMARw0OIAIvAQwiA0F3aiICQRdLDQxBASACdEGfgIAEcUUNDAwNCyACQQRqQeIAQeoAQeUAQeMAQfQAEBNFDQ0gABARRQ0NIANFEBoMDQtBACADQQFqOwGGQEEAKAKwoAEgA0ECdGpBACgCjEA2AgAMDAtBCBAbQQAoAvAfDwtBACADQX9qOwGGQAwKCyADQdCgAWpBAC0AuKABOgAAQQAgA0EBajsBhkBBACgCsKABIANBAnRqQQAoAoxANgIAQQBBADoAuKABDAkLQQIQG0EADwtBACADQX9qIgA7AYZAAkAgA0EALwGIQCICRw0AQQBBAC8BhEBBf2oiAjsBhEBBAEEAKAKgYCACQf//A3FBAXRqLwEAOwGIQAwFCyACQf//A0YNByAAQf//A3EgAk8NB0EDEBtBACgC8B8PCyABEBwMBgsCQAJAIAIvAQQiAkEqRg0AIAJBL0cNARAdDAgLEB4MBwsCQAJAAkACQEEAKAKMQCIALwEAIgIQH0UNAAJAAkACQCACQVVqDgQBBQIABQsgAEF+ai8BAEFQakH//wNxQQpJDQMMBAsgAEF+ai8BAEErRg0CDAMLIABBfmovAQBBLUYNAQwCCwJAAkAgAkH9AEYNACACQS9GDQEgAkEpRw0CQQAoArCgASADQQJ0aigCABAgRQ0CDAMLQQAoArCgASADQQJ0aigCABAhDQIgA0HQoAFqLQAARQ0BDAILQQAtAJBADQELIAAQIiEDIAJFDQBBASECIANFDQELECNBACECC0EAIAI6AJBADAULQQAvAYhAQf7/A0cNAUEEEBtBACgC8B8PC0EAIQICQAJAQQAvAYhAQf//A0YNAEEAKALwHyEDDAELQQAoAvAfIQNBAC8BhkANACADRQ0HCyADIQIMBgsQJAwCCyADQaABRw0BC0EAQQE6ALigAQtBAEEAKAK8oAE2AoxAC0EAKALAoAEhA0EAKAK8oAEhAgwACwsgAgvuAQEEf0EAIQECQEEAKAK8oAEiAkECakHlAEHxAEH1AEHpAEHyAEHlABAmRQ0AQQAhAUEAIAJBDmo2ArygAQJAECdBKEcNAEEAQQAoArygAUECajYCvKABECchA0EAKAK8oAEhBAJAIANBJ0YNACADQSJHDQELIAMQHEEAQQAoArygAUECaiIDNgK8oAEQJ0EpRw0AAkACQAJAIABBf2oOAgEAAgsgBCADQQAoAqAfEQAAQQEPCyAEIANBACgCoB8RAABBAQ8LQQAoArSgASAENgIAQQAoArSgASADNgIEQQEPC0EAIAI2ArygAQsgAQsdAAJAQQAoApgfIABHDQBBAQ8LIABBfmovAQAQJQv1AgEEf0EAKAKYHyEBAkADQCAAQX5qIQIgAC8BACIDQSBHDQEgACABSyEEIAIhACAEDQALCwJAIANBPUcNAAJAA0AgAkF+aiEAIAIvAQBBIEcNASACIAFLIQQgACECIAQNAAsLIABBAmohAiAAQQRqIQNBACEEAkADQCACECghACACIAFNDQEgAEUNASAAQdwARg0CIAAQKUUNASACQX5BfCAAQYCABEkbaiECIAAQKiEEDAALCyAEQQFxRQ0AIAIvAQBBIEcNAEEAKAK0oAEiBEEAKAKwH0YNACAEIAM2AgwgBCACQQJqNgIIIAJBfmohAEEgIQICQANAIABBAmogAU0NASACQf//A3FBIEcNASAALwEAIQIgAEF+aiEADAALCwJAAkACQCACQf//A3FBjn9qDgMAAwEDCyAAQfYAQeEAECsNAQwCCyAAQewAQeUAECsNACAAQeMAQe8AQe4AQfMAECxFDQELQQAgBEEQajYCtKABCws/AQF/QQAhBgJAIAAvAQAgAUcNACAALwECIAJHDQAgAC8BBCADRw0AIAAvAQYgBEcNACAALwEIIAVGIQYLIAYLowEBA39BAEEAKAK8oAEiAEEMaiIBNgK8oAECQAJAAkACQAJAAkACQBAnIgJBWWoOCAIDAQIBAQEEAAsgAkEiRg0BIAJB+wBGDQELQQAoArygASABRg0EC0EALwGGQEUNAkEAQQAoArygAUF+ajYCvKABDwtBAEEALwGGQCICQQFqOwGGQEEAKAKwoAEgAkECdGogADYCAA8LQQUQGw8LQQYQGwsL6QEBAX9BACEXAkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRw0AIAAvAQ4gCEcNACAALwEQIAlHDQAgAC8BEiAKRw0AIAAvARQgC0cNACAALwEWIAxHDQAgAC8BGCANRw0AIAAvARogDkcNACAALwEcIA9HDQAgAC8BHiAQRw0AIAAvASAgEUcNACAALwEiIBJHDQAgAC8BJCATRw0AIAAvASYgFEcNACAALwEoIBVHDQAgAC8BKiAWRiEXCyAXC1MBAX9BACEIAkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRiEICyAIC2wBAX9BAEEAKAK8oAEiAEEMajYCvKABAkAQJ0EuRw0AQQBBACgCvKABQQJqNgK8oAEQJ0HlAEcNAEEAKAK8oAFBAmpB+ABB8ABB7wBB8gBB9ABB8wAQJkUNAEEBEBgPC0EAIABBCmo2ArygAQu2AgECf0EAQQAoArygASIBQQ5qNgK8oAECQAJAAkAQJyICQdsARg0AIAJBPUYNASACQS5HDQJBAEEAKAK8oAFBAmo2ArygARAnIQJBACgCvKABIQAgAhAtRQ0CQQAoArygASECECdBPUcNAiAAIAJBACgCnB8RAAAPC0EAQQAoArygAUECajYCvKABAkAQJyICQSdGDQAgAkEiRw0CC0EAKAK8oAEhACACEBxBAEEAKAK8oAFBAmoiAjYCvKABECdB3QBHDQFBAEEAKAK8oAFBAmo2ArygARAnQT1HDQEgACACQQAoApwfEQAADAELIABFDQBBACgCqB8RAQBBAEEAKAK8oAFBAmo2ArygAQJAECciAkHyAEYNACACQfsARw0BEC4PC0EBEBAaC0EAIAFBDGo2ArygAQs4AQJ/QQBBACgCvKABQQxqIgA2ArygARAnIQECQAJAQQAoArygASAARw0AIAEQP0UNAQtBBxAbCwukJgEIf0EAQQAoArygASIBQQxqNgK8oAEgAUEKaiEBAkAQJ0EuRw0AQQBBACgCvKABQQJqNgK8oAECQAJAECciAkHkAEcNAEEAKAK8oAEiAEECakHlAEHmAEHpAEHuAEHlAEHQAEHyAEHvAEHwAEHlAEHyAEH0AEH5ABAvRQ0CQQAgAEEcajYCvKABIABBGmohARAnQShHDQJBAEEAKAK8oAFBAmo2ArygARAnEDBFDQIQJ0EsRw0CQQBBACgCvKABQQJqNgK8oAECQBAnIgBBJ0YNACAAQSJHDQMLQQAoArygASECIAAQHEEAQQAoArygAUECaiIANgK8oAEQJ0EsRw0BQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNAUEAQQAoArygAUECajYCvKABAkAQJyIDQeUARw0AQQAoArygASIDQQJqQe4AQfUAQe0AQeUAQfIAQeEAQeIAQewAQeUAEDFFDQJBACADQRRqNgK8oAEQJ0E6Rw0CQQBBACgCvKABQQJqNgK8oAEQJ0H0AEcNAkEAKAK8oAEiAy8BAkHyAEcNAiADLwEEQfUARw0CIAMvAQZB5QBHDQJBACADQQhqNgK8oAEQJ0EsRw0CQQBBACgCvKABQQJqNgK8oAEQJyEDCwJAIANB5wBGDQAgA0H2AEcNAkEAKAK8oAEiAy8BAkHhAEcNAiADLwEEQewARw0CIAMvAQZB9QBHDQIgAy8BCEHlAEcNAkEAIANBCmo2ArygARAnQTpHDQIgAiAAQQAoApwfEQAAQQAgATYCvKABDwtBACgCvKABIgMvAQJB5QBHDQEgAy8BBEH0AEcNAUEAIANBBmo2ArygAQJAECciA0E6Rw0AQQBBACgCvKABQQJqNgK8oAEQJ0HmAEcNAkEAKAK8oAEiA0ECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAWRQ0CQQAgA0EQaiIDNgK8oAECQBAnIgRBKEYNACADQQAoArygAUYNAyAEEC1FDQMLECchAwsgA0EoRw0BQQBBACgCvKABQQJqNgK8oAEQJ0EpRw0BQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNAUEAQQAoArygAUECajYCvKABECdB8gBHDQFBACgCvKABIgNBAmpB5QBB9ABB9QBB8gBB7gAQE0UNAUEAIANBDGo2ArygARAnEC1FDQECQAJAAkAQJyIDQdsARg0AIANBLkcNAkEAQQAoArygAUECajYCvKABECcQLQ0BDAQLQQBBACgCvKABQQJqNgK8oAECQBAnIgNBJ0YNACADQSJHDQQLIAMQHEEAQQAoArygAUECajYCvKABECdB3QBHDQNBAEEAKAK8oAFBAmo2ArygAQsQJyEDCwJAIANBO0cNAEEAQQAoArygAUECajYCvKABECchAwsgA0H9AEcNAUEAQQAoArygAUECajYCvKABAkAQJyIDQSxHDQBBAEEAKAK8oAFBAmo2ArygARAnIQMLIANB/QBHDQFBAEEAKAK8oAFBAmo2ArygARAnQSlHDQEgAiAAQQAoApwfEQAADwsgAkHrAEcNASAARQ0BQQAoArygASIALwECQeUARw0BIAAvAQRB+QBHDQEgAC8BBkHzAEcNASAAQQZqIQFBACAAQQhqNgK8oAEQJ0EoRw0BQQBBACgCvKABQQJqNgK8oAEQJyEAQQAoArygASECIAAQLUUNAUEAKAK8oAEhABAnQSlHDQFBAEEAKAK8oAEiAUECajYCvKABECdBLkcNAUEAQQAoArygAUECajYCvKABECdB5gBHDQFBACgCvKABIgNBAmpB7wBB8gBBxQBB4QBB4wBB6AAQJkUNAUEAIANBDmo2ArygARAnIQNBACgCvKABIgRBfmohASADQShHDQFBACAEQQJqNgK8oAEQJ0HmAEcNAUEAKAK8oAEiA0ECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAWRQ0BQQAgA0EQajYCvKABECdBKEcNAUEAQQAoArygAUECajYCvKABECchA0EAKAK8oAEhBCADEC1FDQFBACgCvKABIQMQJ0EpRw0BQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNAUEAQQAoArygAUECajYCvKABECdB6QBHDQFBACgCvKABIgUvAQJB5gBHDQFBACAFQQRqNgK8oAEQJ0EoRw0BQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgUgBCADIARrIgMQQQ0BIAAgAmsiBkEBdSEHQQAgBSADQQF1IghBAXRqNgK8oAECQAJAAkAQJyIAQSFGDQAgAEE9Rw0EQQAoArygASIALwECQT1HDQQgAC8BBEE9Rw0EQQAgAEEGajYCvKABAkAQJyIAQSdGDQAgAEEiRw0FC0EAKAK8oAEiBUECakHkAEHlAEHmAEHhAEH1AEHsAEH0ABAWRQ0EQQAgBUEQajYCvKABECcgAEcNBEEAQQAoArygAUECajYCvKABECdB/ABHDQRBACgCvKABIgAvAQJB/ABHDQRBACAAQQRqNgK8oAEQJxpBACgCvKABIgAgBCADEEENBEEAIAAgCEEBdGo2ArygARAnQT1HDQRBACgCvKABIgAvAQJBPUcNBCAALwEEQT1HDQRBACAAQQZqNgK8oAECQBAnIgBBJ0YNACAAQSJHDQULQQAoArygASIFQQJqQd8AQd8AQeUAQfMAQc0AQe8AQeQAQfUAQewAQeUAEDJFDQRBACAFQRZqNgK8oAEQJyAARw0EQQBBACgCvKABQQJqNgK8oAEQJ0EpRw0EQQBBACgCvKABQQJqNgK8oAEQJ0HyAEcNBEEAKAK8oAEiAEECakHlAEH0AEH1AEHyAEHuABATRQ0EQQAgAEEMajYCvKABAkAQJ0E7Rw0AQQBBACgCvKABQQJqNgK8oAELECciAEHpAEcNAkHpACEAQQAoArygASIFLwECQeYARw0CQQAgBUEEajYCvKABECdBKEcNBEEAQQAoArygAUECaiIANgK8oAECQCAEIAgQM0UNABAnQSlHDQVBAEEAKAK8oAFBAmo2ArygARAnQfIARw0FQQAoArygASIAQQJqQeUAQfQAQfUAQfIAQe4AEBNFDQVBACAAQQxqNgK8oAECQBAnQTtHDQBBAEEAKAK8oAFBAmo2ArygAQsQJyIAQekARw0DQekAIQBBACgCvKABIgUvAQJB5gBHDQNBACAFQQRqNgK8oAEQJ0EoRw0FQQAoArygAUECaiEAC0EAIAA2ArygASAAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HpAEcNBEEAKAK8oAEiAC8BAkHuAEcNBCAALwEEQSBHDQRBACAAQQZqNgK8oAEQJxAwRQ0EECdBJkcNBEEAKAK8oAEiAC8BAkEmRw0EQQAgAEEEajYCvKABECcQMEUNBBAnQdsARw0EQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgAgBCADEEENBEEAIAAgCEEBdGo2ArygARAnQd0ARw0EQQBBACgCvKABQQJqNgK8oAEQJ0E9Rw0EQQAoArygASIALwECQT1HDQQgAC8BBEE9Rw0EQQAgAEEGajYCvKABECcaQQAoArygASIAIAIgBhBBDQRBACAAIAdBAXRqNgK8oAEQJ0HbAEcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HdAEcNBEEAQQAoArygAUECajYCvKABECdBKUcNBEEAQQAoArygAUECajYCvKABECdB8gBHDQRBACgCvKABIgBBAmpB5QBB9ABB9QBB8gBB7gAQE0UNBEEAIABBDGo2ArygARAnQTtHDQFBAEEAKAK8oAFBAmo2ArygAQwBC0EAKAK8oAEiAC8BAkE9Rw0DIAAvAQRBPUcNA0EAIABBBmo2ArygAQJAECciAEEnRg0AIABBIkcNBAtBACgCvKABIgVBAmpB5ABB5QBB5gBB4QBB9QBB7ABB9AAQFkUNA0EAIAVBEGo2ArygARAnIABHDQNBAEEAKAK8oAFBAmo2ArygAQJAECciAEEmRw0AQQAoArygASIALwECQSZHDQRBACAAQQRqNgK8oAEQJ0EhRw0EQQBBACgCvKABQQJqNgK8oAECQAJAECciAEHPAEcNAEEAKAK8oAFBAmpB4gBB6gBB5QBB4wBB9ABBLhAmRQ0AIAQgCBAzRQ0GDAELIAAQLUUNABAnQS5HDQVBAEEAKAK8oAFBAmo2ArygARAnQegARw0FQQAoArygASIAQQJqQeEAQfMAQc8AQfcAQe4AQdAAQfIAQe8AQfAAQeUAQfIAQfQAQfkAEC9FDQVBACAAQRxqNgK8oAEQJ0EoRw0FQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgAgBCADEEENBUEAIAAgCEEBdGo2ArygARAnQSlHDQVBAEEAKAK8oAFBAmo2ArygAQsQJyEACyAAQSlHDQNBAEEAKAK8oAFBAmo2ArygAQsQJyEACwJAAkACQCAAEDBFDQAQJ0HbAEcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HdAEcNBEEAQQAoArygAUECajYCvKABECdBPUcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAIgBhBBDQRBACAAIAdBAXRqNgK8oAEQJ0HbAEcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HdAEcNBEEAQQAoArygAUECajYCvKABECciAEE7Rw0CQQBBACgCvKABQQJqNgK8oAEMAQsgAEHPAEcNA0EAKAK8oAEiAEECakHiAEHqAEHlAEHjAEH0ABATRQ0DQQAgAEEMajYCvKABECdBLkcNA0EAQQAoArygAUECajYCvKABECdB5ABHDQNBACgCvKABIgBBAmpB5QBB5gBB6QBB7gBB5QBB0ABB8gBB7wBB8ABB5QBB8gBB9ABB+QAQL0UNA0EAIABBHGo2ArygARAnQShHDQNBAEEAKAK8oAFBAmo2ArygARAnEDBFDQMQJ0EsRw0DQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgAgBCADEEENA0EAIAAgCEEBdGo2ArygARAnQSxHDQNBAEEAKAK8oAFBAmo2ArygARAnQfsARw0DQQBBACgCvKABQQJqNgK8oAEQJ0HlAEcNA0EAKAK8oAEiAEECakHuAEH1AEHtAEHlAEHyAEHhAEHiAEHsAEHlABAxRQ0DQQAgAEEUajYCvKABECdBOkcNA0EAQQAoArygAUECajYCvKABECchBUEAKAK8oAEhAAJAIAVB9ABGDQAgAC8BAkHyAEcNBCAALwEEQfUARw0EIAAvAQZB5QBHDQQLQQAgAEEIajYCvKABECdBLEcNA0EAQQAoArygAUECajYCvKABECdB5wBHDQNBACgCvKABIgAvAQJB5QBHDQMgAC8BBEH0AEcNA0EAIABBBmo2ArygAQJAECciAEE6Rw0AQQBBACgCvKABQQJqNgK8oAEQJ0HmAEcNBEEAKAK8oAEiAEECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAWRQ0EQQAgAEEQaiIANgK8oAECQBAnIgVBKEYNACAAQQAoArygAUYNBSAFEC1FDQULECchAAsgAEEoRw0DQQBBACgCvKABQQJqNgK8oAEQJ0EpRw0DQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNA0EAQQAoArygAUECajYCvKABECdB8gBHDQNBACgCvKABIgBBAmpB5QBB9ABB9QBB8gBB7gAQE0UNA0EAIABBDGo2ArygARAnGkEAKAK8oAEiACACIAYQQQ0DQQAgACAHQQF0ajYCvKABECdB2wBHDQNBAEEAKAK8oAFBAmo2ArygARAnGkEAKAK8oAEiACAEIAMQQQ0DQQAgACAIQQF0ajYCvKABECdB3QBHDQNBAEEAKAK8oAFBAmo2ArygAQJAECciAEE7Rw0AQQBBACgCvKABQQJqNgK8oAEQJyEACyAAQf0ARw0DQQBBACgCvKABQQJqNgK8oAECQBAnIgBBLEcNAEEAQQAoArygAUECajYCvKABECchAAsgAEH9AEcNA0EAQQAoArygAUECajYCvKABECdBKUcNA0EAQQAoArygAUECajYCvKABECciAEE7Rw0BQQBBACgCvKABQQJqNgK8oAELECchAAsgAEH9AEcNAUEAQQAoArygAUECajYCvKABECdBKUcNAUEAKAK0oAEhBEGAICEAA0ACQAJAIAQgAEYNACAHIABBDGooAgAgAEEIaigCACIDa0EBdUcNASACIAMgBhBBDQEgACgCACAAQQRqKAIAQQAoAqAfEQAAQQAgATYCvKABCw8LIABBEGohAAwACwsgAiAAQQAoAqQfEQAAC0EAIAE2ArygAQtBAAJAQQAoAvAfDQBBACAANgLwHwtBACgCvKABIQBBAEEAKALAoAFBAmo2ArygAUEAIABBACgCmB9rQQF1NgLsHwuOAQEEf0EAKAK8oAEhAUEAKALAoAEhAgJAAkADQCABIgNBAmohASADIAJPDQEgAS8BACIEIABGDQICQCAEQdwARg0AIARBdmoOBAIBAQIBCyADQQRqIQEgAy8BBEENRw0AIANBBmogASADLwEGQQpGGyEBDAALC0EAIAE2ArygAUEJEBsPC0EAIAE2ArygAQtKAQN/QQAoArygAUECaiEAQQAoAsCgASEBAkADQCAAIgJBfmogAU8NASACQQJqIQAgAi8BAEF2ag4EAQAAAQALC0EAIAI2ArygAQt8AQJ/QQBBACgCvKABIgBBAmo2ArygASAAQQZqIQBBACgCwKABIQEDQAJAAkACQCAAQXxqIAFPDQAgAEF+ai8BAEEqRw0CIAAvAQBBL0cNAkEAIABBfmo2ArygAQwBCyAAQX5qIQALQQAgADYCvKABDwsgAEECaiEADAALC2wBAX8CQAJAIABBX2oiAUEFSw0AQQEgAXRBMXENAQsgAEFGakH//wNxQQZJDQAgAEEpRyAAQVhqQf//A3FBB0lxDQACQCAAQaV/ag4EAQAAAQALIABB/QBHIABBhX9qQf//A3FBBElxDwtBAQs9AQF/QQEhAQJAIABB9wBB6ABB6QBB7ABB5QAQNA0AIABB5gBB7wBB8gAQNQ0AIABB6QBB5gAQKyEBCyABC5sBAQJ/QQEhAQJAAkACQAJAAkACQCAALwEAIgJBRWoOBAUEBAEACwJAIAJBm39qDgQDBAQCAAsgAkEpRg0EIAJB+QBHDQMgAEF+akHmAEHpAEHuAEHhAEHsAEHsABA2DwsgAEF+ai8BAEE9Rg8LIABBfmpB4wBB4QBB9ABB4wAQLA8LIABBfmpB5QBB7ABB8wAQNQ8LQQAhAQsgAQvSAwECf0EAIQECQAJAAkACQAJAAkACQAJAAkAgAC8BAEGcf2oOFAABAggICAgICAgDBAgIBQgGCAgHCAsCQAJAIABBfmovAQBBl39qDgQACQkBCQsgAEF8akH2AEHvABArDwsgAEF8akH5AEHpAEHlABA1DwsCQAJAIABBfmovAQBBjX9qDgIAAQgLAkAgAEF8ai8BACICQeEARg0AIAJB7ABHDQggAEF6akHlABA3DwsgAEF6akHjABA3DwsgAEF8akHkAEHlAEHsAEHlABAsDwsgAEF+ai8BAEHvAEcNBSAAQXxqLwEAQeUARw0FAkAgAEF6ai8BACICQfAARg0AIAJB4wBHDQYgAEF4akHpAEHuAEHzAEH0AEHhAEHuABA2DwsgAEF4akH0AEH5ABArDwtBASEBIABBfmoiAEHpABA3DQQgAEHyAEHlAEH0AEH1AEHyABA0DwsgAEF+akHkABA3DwsgAEF+akHkAEHlAEHiAEH1AEHnAEHnAEHlABA4DwsgAEF+akHhAEH3AEHhAEHpABAsDwsCQCAAQX5qLwEAIgJB7wBGDQAgAkHlAEcNASAAQXxqQe4AEDcPCyAAQXxqQfQAQegAQfIAEDUhAQsgAQt2AQJ/AkACQANAQQBBACgCvKABIgBBAmoiATYCvKABIABBACgCwKABTw0BAkACQAJAIAEvAQAiAUGlf2oOAgECAAsCQCABQXZqDgQEAwMEAAsgAUEvRw0CDAQLEEAaDAELQQAgAEEEajYCvKABDAALC0ELEBsLC8YBAQR/QQAoArygASEAQQAoAsCgASEBAkACQANAIAAiAkECaiEAIAIgAU8NAQJAAkAgAC8BACIDQaR/ag4FAQICAgQACyADQSRHDQEgAi8BBEH7AEcNAUEAQQAvAYRAIgBBAWo7AYRAQQAoAqBgIABBAXRqQQAvAYhAOwEAQQAgAkEEajYCvKABQQBBAC8BhkBBAWoiADsBiEBBACAAOwGGQA8LIAJBBGohAAwACwtBACAANgK8oAFBCBAbDwtBACAANgK8oAELNAEBf0EBIQECQCAAQXdqQf//A3FBBUkNACAAQYABckGgAUYNACAAQS5HIAAQP3EhAQsgAQtJAQF/QQAhBwJAIAAvAQAgAUcNACAALwECIAJHDQAgAC8BBCADRw0AIAAvAQYgBEcNACAALwEIIAVHDQAgAC8BCiAGRiEHCyAHC3oBA39BACgCvKABIQACQANAAkAgAC8BACIBQXdqQQVJDQAgAUEgRg0AIAFBoAFGDQAgAUEvRw0CAkAgAC8BAiIAQSpGDQAgAEEvRw0DEB0MAQsQHgtBAEEAKAK8oAEiAkECaiIANgK8oAEgAkEAKALAoAFJDQALCyABCzkBAX8CQCAALwEAIgFBgPgDcUGAuANHDQAgAEF+ai8BAEH/B3FBCnQgAUH/B3FyQYCABGohAQsgAQt9AQF/AkAgAEEvSw0AIABBJEYPCwJAIABBOkkNAEEAIQECQCAAQcEASQ0AIABB2wBJDQECQCAAQeAASw0AIABB3wBGDwsgAEH7AEkNAQJAIABB//8DSw0AIABBqgFJDQEgABA5DwtBASEBIAAQOg0AIAAQOyEBCyABDwtBAQtjAQF/AkAgAEHAAEsNACAAQSRGDwtBASEBAkAgAEHbAEkNAAJAIABB4ABLDQAgAEHfAEYPCyAAQfsASQ0AAkAgAEH//wNLDQBBACEBIABBqgFJDQEgABA8DwsgABA6IQELIAELTAEDf0EAIQMCQCAAQX5qIgRBACgCmB8iBUkNACAELwEAIAFHDQAgAC8BACACRw0AAkAgBCAFRw0AQQEPCyAAQXxqLwEAECUhAwsgAwtmAQN/QQAhBQJAIABBemoiBkEAKAKYHyIHSQ0AIAYvAQAgAUcNACAAQXxqLwEAIAJHDQAgAEF+ai8BACADRw0AIAAvAQAgBEcNAAJAIAYgB0cNAEEBDwsgAEF4ai8BABAlIQULIAULhQEBAn8gABA+IgAQKiEBAkACQCAAQdwARg0AQQAhAiABRQ0BC0EAKAK8oAFBAkEEIABBgIAESRtqIQACQANAQQAgADYCvKABIAAvAQAQPiIBRQ0BAkAgARApRQ0AIABBAkEEIAFBgIAESRtqIQAMAQsLQQAhAiABQdwARg0BC0EBIQILIAIL2gMBBH9BACgCvKABIgBBfmohAQNAQQAgAEECajYCvKABAkACQAJAIABBACgCwKABTw0AECchAEEAKAK8oAEhAgJAAkAgABAtRQ0AQQAoArygASEDAkACQBAnIgBBOkcNAEEAQQAoArygAUECajYCvKABECcQLUUNAUEAKAK8oAEvAQAhAAsgAiADQQAoApwfEQAADAILQQAgATYCvKABDwsCQAJAIABBIkYNACAAQS5GDQEgAEEnRw0EC0EAKAK8oAEhAiAAEBxBAEEAKAK8oAFBAmoiAzYCvKABECciAEE6Rw0BQQBBACgCvKABQQJqNgK8oAECQBAnEC1FDQBBACgCvKABLwEAIQAgAiADQQAoApwfEQAADAILQQAgATYCvKABDwtBACgCvKABIgAvAQJBLkcNAiAALwEEQS5HDQJBACAAQQZqNgK8oAECQAJAAkAgAC8BBiIAQfIARw0AQQEQECEAQQAoArygASECIAANASACLwEAIQALIABB//8DcRAtDQFBACABNgK8oAEPC0EAIAJBAmo2ArygAQsQJyEACyAAQf//A3EiAEEsRg0CIABB/QBGDQBBACABNgK8oAELDwtBACABNgK8oAEPC0EAKAK8oAEhAAwACwuPAQEBf0EAIQ4CQCAALwEAIAFHDQAgAC8BAiACRw0AIAAvAQQgA0cNACAALwEGIARHDQAgAC8BCCAFRw0AIAAvAQogBkcNACAALwEMIAdHDQAgAC8BDiAIRw0AIAAvARAgCUcNACAALwESIApHDQAgAC8BFCALRw0AIAAvARYgDEcNACAALwEYIA1GIQ4LIA4LqAEBAn9BACEBQQAoArygASECAkACQCAAQe0ARw0AIAJBAmpB7wBB5ABB9QBB7ABB5QAQE0UNAUEAIAJBDGo2ArygAQJAECdBLkYNAEEAIQEMAgtBAEEAKAK8oAFBAmo2ArygARAnIQALIABB5QBHDQBBACgCvKABIgBBDmogAiAAQQJqQfgAQfAAQe8AQfIAQfQAQfMAECYiARshAgtBACACNgK8oAEgAQtnAQF/QQAhCgJAIAAvAQAgAUcNACAALwECIAJHDQAgAC8BBCADRw0AIAAvAQYgBEcNACAALwEIIAVHDQAgAC8BCiAGRw0AIAAvAQwgB0cNACAALwEOIAhHDQAgAC8BECAJRiEKCyAKC3EBAX9BACELAkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRw0AIAAvAQ4gCEcNACAALwEQIAlHDQAgAC8BEiAKRiELCyALC4MEAQJ/QQAhAgJAECdBzwBHDQBBACECQQAoArygASIDQQJqQeIAQeoAQeUAQeMAQfQAEBNFDQBBACECQQAgA0EMajYCvKABECdBLkcNAEEAQQAoArygAUECajYCvKABAkAQJyIDQfAARw0AQQAhAkEAKAK8oAEiA0ECakHyAEHvAEH0AEHvAEH0AEH5AEHwAEHlABA9RQ0BQQAhAkEAIANBEmo2ArygARAnQS5HDQFBAEEAKAK8oAFBAmo2ArygARAnIQMLQQAhAiADQegARw0AQQAhAkEAKAK8oAEiA0ECakHhAEHzAEHPAEH3AEHuAEHQAEHyAEHvAEHwAEHlAEHyAEH0AEH5ABAvRQ0AQQAhAkEAIANBHGo2ArygARAnQS5HDQBBACECQQBBACgCvKABQQJqNgK8oAEQJ0HjAEcNAEEAIQJBACgCvKABIgMvAQJB4QBHDQAgAy8BBEHsAEcNACADLwEGQewARw0AQQAhAkEAIANBCGo2ArygARAnQShHDQBBACECQQBBACgCvKABQQJqNgK8oAEQJxAtRQ0AECdBLEcNAEEAIQJBAEEAKAK8oAFBAmo2ArygARAnGkEAKAK8oAEiAyAAIAFBAXQiARBBDQBBACECQQAgAyABajYCvKABECdBKUcNAEEAQQAoArygAUECajYCvKABQQEhAgsgAgtJAQN/QQAhBgJAIABBeGoiB0EAKAKYHyIISQ0AIAcgASACIAMgBCAFEBNFDQACQCAHIAhHDQBBAQ8LIABBdmovAQAQJSEGCyAGC1kBA39BACEEAkAgAEF8aiIFQQAoApgfIgZJDQAgBS8BACABRw0AIABBfmovAQAgAkcNACAALwEAIANHDQACQCAFIAZHDQBBAQ8LIABBemovAQAQJSEECyAEC0sBA39BACEHAkAgAEF2aiIIQQAoApgfIglJDQAgCCABIAIgAyAEIAUgBhAmRQ0AAkAgCCAJRw0AQQEPCyAAQXRqLwEAECUhBwsgBws9AQJ/QQAhAgJAQQAoApgfIgMgAEsNACAALwEAIAFHDQACQCADIABHDQBBAQ8LIABBfmovAQAQJSECCyACC00BA39BACEIAkAgAEF0aiIJQQAoApgfIgpJDQAgCSABIAIgAyAEIAUgBiAHEBZFDQACQCAJIApHDQBBAQ8LIABBcmovAQAQJSEICyAIC64SAQN/AkAgABA8DQAgAEH0v39qQQJJDQAgAEG3AUYNACAAQYB6akHwAEkNACAAQf12akEFSQ0AIABBhwdGDQAgAEHvdGpBLUkNAAJAIABBwXRqIgFBCEsNAEEBIAF0Qe0CcQ0BCyAAQfBzakELSQ0AIABBtXNqQR9JDQACQCAAQapyaiIBQRJLDQBBASABdEH//BlxDQELIABB8AxGDQAgAEGWcmpBBEkNACAAQcBwakEKSQ0AIABB2nBqQQtJDQAgAEHQcWpBG0kNACAAQZEORg0AIABBkHJqQQpJDQAgAEHCbWpBEkkNACAAQcZtakEDSQ0AIABBnW5qQSFJDQAgAEGtbmpBD0kNACAAQadvakEDSQ0AIABB129qQQVJDQAgAEHbb2pBA0kNACAAQeVvakEJSQ0AIABB6m9qQQRJDQAgAEH9D0YNACAAQZVwakEJSQ0AAkAgAEGvbWoiAUESSw0AQQEgAXRB/4AYcQ0BCyAAQZptakEKSQ0AAkACQCAAQcRsag4oAgECAgICAgICAQECAgEBAgICAQEBAQEBAQEBAgEBAQEBAQEBAQECAgALIABB/2xqQQNJDQELIABB/hNGDQAgAEGabGpBCkkNAAJAIABBxGtqIgFBFUsNAEEBIAF0Qf2wjgFxDQELIABB/2tqQQNJDQAgAEH1FEYNACAAQZprakEMSQ0AAkACQCAAQcRqag4oAgECAgICAgICAgECAgIBAgICAQEBAQEBAQEBAQEBAQEBAQEBAQECAgALIABB/2pqQQNJDQELIABBmmpqQQpJDQAgAEGGampBBkkNAAJAAkAgAEHEaWoOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAgIBAQEBAQEBAQEBAgIACyAAQf9pakEDSQ0BCyAAQZppakEKSQ0AAkAgAEHCaGoiAUEZSw0AQQEgAXRBn+6DEHENAQsgAEGCF0YNACAAQZpoakEKSQ0AAkACQCAAQcJnag4mAgICAgICAgECAgIBAgICAgEBAQEBAQECAgEBAQEBAQEBAQEBAgIACyAAQYBoakEFSQ0BCyAAQZpnakEKSQ0AAkACQCAAQcRmag4oAgECAgICAgICAQICAgECAgICAQEBAQEBAQICAQEBAQEBAQEBAQECAgALIABB/2ZqQQNJDQELIABBmmZqQQpJDQAgAEF8cSIBQYAaRg0AAkAgAEHFZWoOKQEBAAEBAQEBAQEAAQEBAAEBAQEAAAAAAAAAAAABAAAAAAAAAAAAAAEBAAsgAEGaZWpBCkkNAAJAIABBtmRqIgJBDEsNAEEBIAJ0QeEvcQ0BCyAAQf5kakECSQ0AIABBeHFB2BtGDQAgAEGaZGpBCkkNAAJAIABBz2NqIgJBHUsNAEEBIAJ0QfmHgP4DcQ0BCyAAQY5kakECSQ0AIABBsR1GDQAgAEGwY2pBCkkNAAJAIABBzGJqIgJBCEsNACACQQZHDQELIABBuGJqQQZJDQAgAEHgYWpBCkkNACAAQX5xIgJBmB5GDQAgAEGwYmpBCkkNAAJAIABBy2FqIgNBCksNAEEBIAN0QZUMcQ0BCyAAQfNgakELSQ0AIAJBhh9GDQAgAEGPYWpBFEkNACAAQe5RakEDSQ0AIABBl1lqQQlJDQAgAEGjWWpBA0kNACAAQfFeakEPSQ0AIABB/l5qQQxJDQAgAEGPX2pBBEkNACAAQZlfakEHSQ0AIABBnl9qQQNJDQAgAEGiX2pBA0kNACAAQapfakEESQ0AIABBwF9qQQpJDQAgAEHVX2pBFEkNACAAQcYfRg0AIABB52BqQSRJDQAgAEHOUWpBA0kNACAAQa5RakECSQ0AIABBjlFqQQJJDQAgAEH1T2pBA0kNACAAQaBQakEKSQ0AIABB3S9GDQAgAEHMUGpBIEkNACAAQbBGakEDSQ0AIABBsEdqQQpJDQAgAEHAR2pBCkkNACAAQdxHakEUSQ0AIABBmkhqQQ5JDQAgAEHQSGpBCkkNACAAQd9IakENSQ0AIABBgElqQQNJDQAgAEGVSWpBCUkNACAAQbBJakEKSQ0AIABBzElqQRFJDQAgAEGASmpBBUkNACAAQdBKakEOSQ0AIABB8EpqQQpJDQAgAEGBS2pBC0kNACAAQaBLakEdSQ0AIABBq0tqQQpJDQAgAEHpS2pBBUkNACAAQbBMakELSQ0AIABBuk1qQQpJDQAgAEHQTWpBDEkNACAAQeBNakEMSQ0AIABBqTFGDQAgAEHwT2pBCkkNACAAQcBEakE6SQ0AIABBiUZqQQNJDQAgAEGORmpBA0kNACAAQe05Rg0AIABBrEZqQRVJDQAgAEGFRGpBBUkNAAJAIABBwb9/aiICQRVLDQBBASACdEGDgIABcQ0BCyAAQZu+f2pBDEkNACAAQeHBAEYNACAAQbC+f2pBDUkNACAAQZGmf2pBA0kNACAAQf/aAEYNACAAQWBxQeDbAEYNACAAQdaff2pBBkkNACAAQeeef2pBAkkNACAAQYyzfWpBCkkNACAAQe/MAkYNACAAQeCzfWpBCkkNAAJAIABB9a99aiICQRxLDQBBASACdEGBgID4AXENAQsgAEHisn1qQQJJDQAgAEGQsn1qQQJJDQACQAJAIABB/q99ag4FAgEBAQIACyAAQYCvfWpBAkkNAQsgAEHNrH1qQQ5JDQAgAUGA0wJGDQAgAEG5rX1qQQ1JDQAgAEHarX1qQQhJDQAgAEGBrn1qQQtJDQAgAEGgrn1qQRJJDQAgAEHMrn1qQRJJDQAgAEGwrn1qQQpJDQAgAEHXq31qQQ5JDQAgAEHl0wJGDQAgAEFfcUGwrH1qQQpJDQACQCAAQb2rfWoiAUEKSw0AQQEgAXRBgQxxDQELIABBsKt9akEKSQ0AAkAgAEGdqH1qIgFBCksNACABQQhHDQELAkAgAEHQqn1qIgFBEUsNAEEBIAF0QZ2DC3ENAQsCQCAAQZWqfWoiAUELSw0AQQEgAXRBnxhxDQELIABBhat9akEDSQ0AIABBcHEiAUGA/ANGDQAgAEGe9gNGDQAgAEGQqH1qQQpJDQAgAEG//gNGIABB8IF8akEKSSAAQbODfGpBA0kgAEHNg3xqQQJJIAFBoPwDRnJycnIPC0EBC1wBBH9BgIAEIQFBkAghAkF+IQMCQANAQQAhBCADQQJqIgNB5wNLDQEgAigCACABaiIBIABLDQEgAkEEaiEEIAJBCGohAiAEKAIAIAFqIgEgAEkNAAtBASEECyAEC1wBBH9BgIAEIQFBsBchAkF+IQMCQANAQQAhBCADQQJqIgNB+QFLDQEgAigCACABaiIBIABLDQEgAkEEaiEEIAJBCGohAiAEKAIAIAFqIgEgAEkNAAtBASEECyAEC8YfAQZ/AkACQAJAAkACQAJAIABB1n5qIgFBEEsNAEEBIAF0QYGQBHENAQsgAEG6empBDEkNACAAQYh+akHKA0kNACAAQcB+akEXSQ0AIABBqH5qQR9JDQACQCAAQZB5aiIBQRxLDQBBASABdEHf+YK6AXENAQsCQCAAQaB6aiIBQQ5LDQBBASABdEGfoAFxDQELIABB9nZqQaYBSQ0AIABBiXhqQYsBSQ0AIABB8nhqQRRJDQAgAEHdeGpB0wBJDQAgAEGRdGpBBEkNACAAQbB0akEbSQ0AIABBoHVqQSlJDQAgAEHZCkYNACAAQc91akEmSQ0AIABBj3NqQeMASQ0AIABBfnEiAkHuDEYNACAAQeBzakErSQ0AAkAgAEGrcmoiAUE8Tw0AQoGAjLCAnIGACCABrYhCAYNQRQ0BCyAAQe5xakEeSQ0AIABBtnBqQSFJDQAgAEGxD0YNACAAQbNxakHZAEkNAAJAIABBjHBqIgFBBksNAEEBIAF0QcMAcQ0BCyAAQYBwakEWSQ0AQQEhAQJAAkAgAEHcb2oOBQUBAQEFAAsgAEGaEEYNAQsgAEH8bWpBNkkNACAAQcpuakEISQ0AIABB4G5qQRVJDQAgAEHAb2pBGUkNACAAQaBvakELSQ0AIABBvRJGDQAgAEHQEkYNACAAQahtakEKSQ0AIABBj21qQRBJDQACQCAAQftsaiIDQQxPDQBBASEBQf8ZIANB//8DcXZBAXENBAsgAEHtbGpBFkkNAAJAIABBhGxqIgFBFEsNAEEBIAF0QYH84QBxDQELIABB1mxqQQdJDQACQCAAQc5saiIBQRxLDQBBASABdEHxkYCAAXENAQsCQCAAQaRsaiIBQRVLDQBBASABdEG7gMABcQ0BCyAAQe1rakEWSQ0AAkAgAEHWa2oiAUE1Tw0AQv+2g4CAgOALIAGtiEIBg1BFDQELIABB7WpqQRZJDQAgAEHxampBA0kNACAAQY5rakEDSQ0AIABB+2pqQQlJDQBBASEBAkACQCAAQdZqag4nBQUFBQUFBQEFBQEFBQUFBQEBAQUBAQEBAQEBAQEBAQEBAQEBAQEFAAsCQCAAQYdqaiIBQRdLDQBBASABdEGB4L8GcQ0CCyAAQaBqakECSQ0BCyAAQe1pakEWSQ0AQQEhAQJAAkAgAEGPaWoONAUBAQEBAQEBAQEBAQEBAQEBAQUBBQUFBQUFAQEBBQUFAQUFBQUBAQEFBQEFAQUFAQEBBQUACwJAIABB1mlqIgFBE0sNAEEBIAF0Qf/2I3ENAgsgAEGkaWoiAUEFSw0AIAFBAkcNAQsgAEHYaGpBA0kNACAAQe5nakEXSQ0AIABB8mdqQQNJDQAgAEH7Z2pBCEkNACAAQdAXRg0AIABB0mhqQQxJDQAgAEG9GEYNACAAQdZnakEQSQ0AAkAgAEGoZ2oiAUEpTw0AQoeGgICAICABrYhCAYNQRQ0BCyAAQdZmakEKSQ0AIABB7mZqQRdJDQAgAEH7ZmpBCEkNACAAQfJmakEDSQ0AAkAgAEH7ZWoiAUELSw0AIAFBCEcNAQsCQCAAQctmaiIBQQhLDQBBASABdEGfAnENAQsCQCAAQaJmaiIBQRRLDQBBASABdEGNgOAAcQ0BCyAAQe5lakEpSQ0AIABBvRpGDQAgAEHOGkYNACAAQc1kakEJSQ0AIABB5mRqQRhJDQAgAEH7ZGpBEkkNACAAQYZlakEGSQ0AIABBrGVqQQNJDQAgAEGhZWpBA0kNAAJAIABBw2RqIgNBCk8NAEEBIQFB+QcgA0H//wNxdkEBcQ0ECyACQbIcRg0AIABB/2NqQTBJDQAgAEHAY2pBB0kNAAJAIABB/2JqIgFBDEsNAEEBIAF0QcslcQ0BCyAAQXxxIgNBlB1GDQAgAEHnYmpBB0kNAAJAIABB32JqIgFBJk8NAELX7JuA+QUgAa2IQgGDUEUNAQsgAEGAYGpBK0kNACAAQfhgakEFSQ0AIABBt2FqQSRJDQAgAEF4cSIEQcAeRg0AIABBgB5GDQAgA0HcHUYNAAJAIABBwV9qIgFBKE8NAEKBgPjDxxggAa2IQgGDUEUNAQsgAEGSX2pBA0kNACAAQeBeakEmSQ0AIABBjiFGDQAgAEGLX2pBDUkNACAAQcchRg0AIABBzSFGDQAgAEG2W2pBBEkNACAAQbBeakErSQ0AIABBhF5qQc0CSQ0AAkAgAEGwW2oiBUEJTw0AQQEhAUH/AiAFQf//A3F2QQFxDQQLIABBzlpqQQRJDQAgAEHwWmpBIUkNACAAQfZaakEESQ0AIABBpltqQQRJDQAgAEGgW2pBKUkNAAJAIABByFpqIgVBCU8NAEEBIQFB/wIgBUH//wNxdkEBcQ0ECyAAQYBRakE0SQ0AIABBklFqQQNJDQAgAEGgUWpBDUkNACAAQcBRakESSQ0AIABB4FFqQRJJDQAgAEHyUWpBBEkNACAAQYBSakENSQ0AIABBklJqQQtJDQAgAEHgUmpBywBJDQAgAEH/UmpBGkkNACAAQZFTakERSQ0AIABB/1dqQewESQ0AIABBiFhqQQZJDQAgAEHgWGpB1gBJDQAgAEFwcSIFQYAnRg0AIABB6FlqQcMASQ0AIABB7llqQQRJDQAgAEGoWmpBOUkNACAAQb5aakEESQ0AIABBuFpqQQ9JDQAgAEHXL0YNACAAQdwvRg0AIABB4E9qQdkASQ0AIABBgExqQRdJDQAgAEHQTGpBGkkNACAAQYBNakEsSQ0AIABBkE1qQQVJDQAgAEGwTWpBHkkNACAAQYBOakEfSQ0AIABB0E5qQcYASQ0AIABBqjFGDQQgAEGAT2pBKUkNBCAAQbtJakEHSQ0EIABB+0lqQS9JDQQgAEGnNUYNBCAAQeBLakE1SQ0EIABBl0ZqQQRJDQQgAEHDRmpBA0kNBCAAQfBGakErSQ0EIABBgEdqQQlJDQQgAEGmR2pBJEkNBCAAQbNHakEDSQ0EIABBgEhqQSRJDQQgAEHGSGpBLEkNBCACQa43Rg0EIABB/UhqQR5JDQQgAEGSRmoiBkEJSQ0BDAILQQEhAQwCC0EBIQFBjwMgBkH//wNxdkEBcQ0BCyAEQdA+Rg0BIABBuEFqQQZJDQEgAEHgQWpBJkkNASAAQehBakEGSQ0BIABBgEZqQcABSQ0BIABBgERqQZYCSQ0BAkAgAEGnQWoiAUEESw0AQQEgAXRBFXENAgsgAEGhQWpBH0kNASAAQYBBakE1SQ0BAkAgAEHKQGoiBEEJTw0AQQEhAUH/AiAEQf//A3F2QQFxDQELIABBjkBqQQNJDQEgAEGgQGpBDUkNASAAQapAakEGSQ0BIANB0D9GDQEgAEG+QGpBA0kNASAAQbpAakEHSQ0BIABBikBqQQdJDQEgAEHxwABGDQEgAEH/wABGDQEgAEHwvn9qQQ1JDQEgAEGCwgBGDQEgAEGHwgBGDQEgAEGVwgBGDQEgAEH2vX9qQQpJDQECQCAAQei9f2oiBEERTw0AQQEhAUG/oAUgBHZBAXENAQsgAEHWvX9qQRBJDQEgA0G8wgBGDQECQCAAQbu9f2oiBEEKTw0AQQEhAUGfBCAEQf//A3F2QQFxDQELIABBoKd/akGFAUkNASAAQdCnf2pBL0kNASAAQaC9f2pBKUkNASAAQYCof2pBL0kNAQJAIABBlaZ/aiIEQQlPDQBBASEBQY8DIARB//8DcXZBAXENAQsgAEGApn9qQSZJDQEgAEGn2gBGDQEgAEGt2gBGDQEgAEGAtn1qQY0CSQ0BIABBsLZ9akEuSQ0BIABBgMB9akGNCUkNASAAQYDkfmpB8KMBSQ0BIABBgJh/akG2M0kNASAFQfDjAEYNASAAQeCcf2pBG0kNASAAQc+df2pB3gBJDQEgAEH7nX9qQStJDQEgA0H84QBGDQEgAEHfnn9qQdoASQ0BIABB5Z5/akEFSQ0BIABBv59/akHWAEkNASAAQciff2pBBUkNASAAQc+ff2pBBUkNASAAQd+ff2pBCUkNASAAQfuff2pBA0kNASAAQaikf2pBB0kNASAAQbCkf2pBB0kNASAAQbikf2pBB0kNASAAQcCkf2pBB0kNASAAQcikf2pBB0kNASAAQdCkf2pBB0kNASAAQdikf2pBB0kNASAAQeCkf2pBB0kNASAAQYClf2pBF0kNASAAQe/aAEYNASAAQdClf2pBOEkNASAAQf6ufWpBMkkNASAAQcCvfWpBNEkNASAAQfSvfWpBF0kNASAAQfmvfWpBBEkNASAAQf2vfWpBA0kNASAAQYmwfWpBC0kNASAAQfWwfWpBL0kNASAAQd6xfWpB5wBJDQEgAEHpsX1qQQlJDQEgAEHgsn1qQdAASQ0BIABBgbN9akEfSQ0BIABBwLN9akEvSQ0BIAJBqswCRg0BIAVBkMwCRg0BAkAgAEGOrn1qIgJBDU8NAEEBIQFBvzQgAkH//wNxdkEBcQ0BCyAAQaCtfWpBHUkNASAAQfatfWpBHEkNASAAQdCtfWpBF0kNASAAQbyrfWpBCEkNASAAQcCrfWpBA0kNASAAQYCsfWpBKUkNASAAQYasfWpBBUkNASAAQZqsfWpBCkkNASAAQaCsfWpBBUkNASAAQc/TAkYNASAAQfysfWpBL0kNASAAQYKrfWpBMkkNASAAQfrUAkYNASAAQaCrfWpBF0kNAQJAIABBz6p9aiICQRJPDQBBASEBQbG+CiACdkEBcQ0BCyAAQYCKfGpBB0kNASAAQZCLfGpB6gBJDQEgAEGAjnxqQe4CSQ0BIABBtdB8akExSQ0BIABB0NB8akEXSQ0BIABBgKh9akGk1wBJDQEgAEGQqX1qQfMASQ0BIABBpKl9akEKSQ0BIABB0Kl9akErSQ0BIABB2Kl9akEHSQ0BIABB4Kl9akEHSQ0BIABB76l9akEGSQ0BIABBd3FB/6l9akEGSQ0BIABBjqp9akEDSQ0BIABBpap9akEDSQ0BIABBoKp9akELSQ0BAkAgAEHtiXxqIgJBC08NAEEBIQFBnwggAkH//wNxdkEBcQ0BCyAAQeGJfGpBCkkNASAAQdaJfGpBDUkNAQJAIABByIl8aiICQQ1PDQBBASEBQd82IAJB//8DcXZBAXENAQsgAEGugHxqQQZJDQEgAEG2gHxqQQZJDQEgAEG+gHxqQQZJDQEgAEGagXxqQdkASQ0BIABBv4F8akEaSQ0BIABB34F8akEaSQ0BIABBioN8akGHAUkNASAAQZCDfGpBBUkNASAAQZCEfGpBDEkNASAAQe6EfGpBNkkNASAAQbCFfGpBwABJDQEgAEG6iXxqQewASQ0BQQEhASAAQa2IfGpB6wJJDQAgAEGmgHxqQQNJDwsgAQ8LQQELXQEBf0EAIQkCQCAALwEAIAFHDQAgAC8BAiACRw0AIAAvAQQgA0cNACAALwEGIARHDQAgAC8BCCAFRw0AIAAvAQogBkcNACAALwEMIAdHDQAgAC8BDiAIRiEJCyAJCzUAAkAgAEGA+ANxQYCwA0cNACAAQQp0QYD4P3FBACgCvKABLwECQf8HcXJBgIAEaiEACyAAC2gBAn9BASEBAkACQCAAQV9qIgJBBUsNAEEBIAJ0QTFxDQELIABB+P8DcUEoRg0AIABBRmpB//8DcUEGSQ0AAkAgAEGlf2oiAkEDSw0AIAJBAUcNAQsgAEGFf2pB//8DcUEESSEBCyABC3gBBH9BACgCvKABIQBBACgCwKABIQECQAJAA0AgAEECaiECIAAgAU8NAQJAAkAgAi8BACIDQaR/ag4CAQQACyACIQAgA0F2ag4EAgEBAgELIABBBGohAAwACwtBACACNgK8oAFBChAbQQAPC0EAIAI2ArygAUHdAAtJAQN/QQAhAwJAIAJFDQACQANAIAAtAAAiBCABLQAAIgVHDQEgAUEBaiEBIABBAWohACACQX9qIgINAAwCCwsgBCAFayEDCyADCwvCFwIAQYAIC5gXAAAAAAAAAAAAAAAAAAAAAAAAAAALAAAAAgAAABkAAAACAAAAEgAAAAIAAAABAAAAAgAAAA4AAAADAAAADQAAACMAAAB6AAAARgAAADQAAAAMAQAAHAAAAAQAAAAwAAAAMAAAAB8AAAAOAAAAHQAAAAYAAAAlAAAACwAAAB0AAAADAAAAIwAAAAUAAAAHAAAAAgAAAAQAAAArAAAAnQAAABMAAAAjAAAABQAAACMAAAAFAAAAJwAAAAkAAAAzAAAAnQAAADYBAAAKAAAAFQAAAAsAAAAHAAAAmQAAAAUAAAADAAAAAAAAAAIAAAArAAAAAgAAAAEAAAAEAAAAAAAAAAMAAAAWAAAACwAAABYAAAAKAAAAHgAAAEIAAAASAAAAAgAAAAEAAAALAAAAFQAAAAsAAAAZAAAARwAAADcAAAAHAAAAAQAAAEEAAAAAAAAAEAAAAAMAAAACAAAAAgAAAAIAAAAcAAAAKwAAABwAAAAEAAAAHAAAACQAAAAHAAAAAgAAABsAAAAcAAAANQAAAAsAAAAVAAAACwAAABIAAAAOAAAAEQAAAG8AAABIAAAAOAAAADIAAAAOAAAAMgAAAA4AAAAjAAAAXQEAACkAAAAHAAAAAQAAAE8AAAAcAAAACwAAAAAAAAAJAAAAFQAAAGsAAAAUAAAAHAAAABYAAAANAAAANAAAAEwAAAAsAAAAIQAAABgAAAAbAAAAIwAAAB4AAAAAAAAAAwAAAAAAAAAJAAAAIgAAAAQAAAAAAAAADQAAAC8AAAAPAAAAAwAAABYAAAAAAAAAAgAAAAAAAAAkAAAAEQAAAAIAAAAYAAAAVQAAAAYAAAACAAAAAAAAAAIAAAADAAAAAgAAAA4AAAACAAAACQAAAAgAAAAuAAAAJwAAAAcAAAADAAAAAQAAAAMAAAAVAAAAAgAAAAYAAAACAAAAAQAAAAIAAAAEAAAABAAAAAAAAAATAAAAAAAAAA0AAAAEAAAAnwAAADQAAAATAAAAAwAAABUAAAACAAAAHwAAAC8AAAAVAAAAAQAAAAIAAAAAAAAAuQAAAC4AAAAqAAAAAwAAACUAAAAvAAAAFQAAAAAAAAA8AAAAKgAAAA4AAAAAAAAASAAAABoAAADmAAAAKwAAAHUAAAA/AAAAIAAAAAcAAAADAAAAAAAAAAMAAAAHAAAAAgAAAAEAAAACAAAAFwAAABAAAAAAAAAAAgAAAAAAAABfAAAABwAAAAMAAAAmAAAAEQAAAAAAAAACAAAAAAAAAB0AAAAAAAAACwAAACcAAAAIAAAAAAAAABYAAAAAAAAADAAAAC0AAAAUAAAAAAAAACMAAAA4AAAACAEAAAgAAAACAAAAJAAAABIAAAAAAAAAMgAAAB0AAABxAAAABgAAAAIAAAABAAAAAgAAACUAAAAWAAAAAAAAABoAAAAFAAAAAgAAAAEAAAACAAAAHwAAAA8AAAAAAAAASAEAABIAAAC+AAAAAAAAAFAAAACZAwAAZwAAAG4AAAASAAAAwwAAAL0KAAAuBAAA0g8AAEYCAAC6IQAAOAIAAAgAAAAeAAAAcgAAAB0AAAATAAAALwAAABEAAAADAAAAIAAAABQAAAAGAAAAEgAAALECAAA/AAAAgQAAAEoAAAAGAAAAAAAAAEMAAAAMAAAAQQAAAAEAAAACAAAAAAAAAB0AAAD3FwAACQAAANUEAAArAAAACAAAAPgiAAAeAQAAMgAAAAIAAAASAAAAAwAAAAkAAACLAQAABQkAAGoAAAAGAAAADAAAAAQAAAAIAAAACAAAAAkAAABnFwAAVAAAAAIAAABGAAAAAgAAAAEAAAADAAAAAAAAAAMAAAABAAAAAwAAAAMAAAACAAAACwAAAAIAAAAAAAAAAgAAAAYAAAACAAAAQAAAAAIAAAADAAAAAwAAAAcAAAACAAAABgAAAAIAAAAbAAAAAgAAAAMAAAACAAAABAAAAAIAAAAAAAAABAAAAAYAAAACAAAAUwEAAAMAAAAYAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAB4AAAACAAAAGAAAAAIAAAAeAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAAcAAAA1CQAALAAAAAsAAAAGAAAAEQAAAAAAAAByAQAAKwAAABUFAADEAAAAPAAAAEMAAAAIAAAAAAAAALUEAAADAAAAAgAAABoAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAACQAAAAIAAAADAAAAAgAAAAAAAAACAAAAAAAAAAcAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAIAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAABAAAAAgAAAAAAAAADAAAAAwAAAAIAAAAGAAAAAgAAAAMAAAACAAAAAwAAAAIAAAAAAAAAAgAAAAkAAAACAAAAEAAAAAYAAAACAAAAAgAAAAQAAAACAAAAEAAAAEURAADdpgAAIwAAADQQAAAMAAAA3QAAAAMAAACBFgAADwAAADAdAAAgDAAAHQIAAOMFAABKEwAA/QEAAAAAAADjAAAAAAAAAJYAAAAEAAAAJgEAAAkAAABYBQAAAgAAAAIAAAABAAAABgAAAAMAAAApAAAAAgAAAAUAAAAAAAAApgAAAAEAAAA+AgAAAwAAAAkAAAAJAAAAcgEAAAEAAACaAAAACgAAALAAAAACAAAANgAAAA4AAAAgAAAACQAAABAAAAADAAAALgAAAAoAAAA2AAAACQAAAAcAAAACAAAAJQAAAA0AAAACAAAACQAAAAYAAAABAAAALQAAAAAAAAANAAAAAgAAADEAAAANAAAACQAAAAMAAAACAAAACwAAAFMAAAALAAAABwAAAAAAAAChAAAACwAAAAYAAAAJAAAABwAAAAMAAAA4AAAAAQAAAAIAAAAGAAAAAwAAAAEAAAADAAAAAgAAAAoAAAAAAAAACwAAAAEAAAADAAAABgAAAAQAAAAEAAAAwQAAABEAAAAKAAAACQAAAAUAAAAAAAAAUgAAABMAAAANAAAACQAAANYAAAAGAAAAAwAAAAgAAAAcAAAAAQAAAFMAAAAQAAAAEAAAAAkAAABSAAAADAAAAAkAAAAJAAAAVAAAAA4AAAAFAAAACQAAAPMAAAAOAAAApgAAAAkAAABHAAAABQAAAAIAAAABAAAAAwAAAAMAAAACAAAAAAAAAAIAAAABAAAADQAAAAkAAAB4AAAABgAAAAMAAAAGAAAABAAAAAAAAAAdAAAACQAAACkAAAAGAAAAAgAAAAMAAAAJAAAAAAAAAAoAAAAKAAAALwAAAA8AAACWAQAABwAAAAIAAAAHAAAAEQAAAAkAAAA5AAAAFQAAAAIAAAANAAAAewAAAAUAAAAEAAAAAAAAAAIAAAABAAAAAgAAAAYAAAACAAAAAAAAAAkAAAAJAAAAMQAAAAQAAAACAAAAAQAAAAIAAAAEAAAACQAAAAkAAABKAQAAAwAAAGpLAAAJAAAAhwAAAAQAAAA8AAAABgAAABoAAAAJAAAA9gMAAAAAAAACAAAANgAAAAgAAAADAAAAUgAAAAAAAAAMAAAAAQAAAKxMAAABAAAAxxQAAAQAAAAEAAAABQAAAAkAAAAHAAAAAwAAAAYAAAAfAAAAAwAAAJUAAAACAAAAigUAADEAAAABAgAANgAAAAUAAAAxAAAACQAAAAAAAAAPAAAAAAAAABcAAAAEAAAAAgAAAA4AAABRBQAABgAAAAIAAAAQAAAAAwAAAAYAAAACAAAAAQAAAAIAAAAEAAAABgEAAAYAAAAKAAAACQAAAKMBAAANAAAA1wUAAAYAAABuAAAABgAAAAYAAAAJAAAAlxIAAAkAAAAHBQwA7wAAAABBmB8LHFCMAAABAAAAAgAAAAMAAAAEAAAAAAQAAPAfAAA=";return"undefined"!=typeof Buffer?Buffer.from(A,"base64"):Uint8Array.from(atob(A),A=>A.charCodeAt(0))}let I;function init(){return I||(I=(async()=>{const Q=await WebAssembly.compile(g()),{exports:B}=await WebAssembly.instantiate(Q);A=B})())}function initSync(){if(A)return;const Q=new WebAssembly.Module(g()),{exports:B}=new WebAssembly.Instance(Q);A=B}
\ No newline at end of file
+"use strict";exports.init=init;exports.initSync=initSync;exports.parse=parse;let A;const B=1===new Uint8Array(new Uint16Array([1]).buffer)[0];function parse(I,C="@"){if(!A)throw new Error("Not initialized");const w=I.length+1,D=(A.__heap_base.value||A.__heap_base)+4*w-A.memory.buffer.byteLength;D>0&&A.memory.grow(Math.ceil(D/65536));const G=A.sa(w);(B?g:E)(I,new Uint16Array(A.memory.buffer,G,w));const S=A.parseCJS(G,I.length,0,0,0);if(S){const B=new Error(`Parse error ${C}${A.e()}:${I.slice(0,A.e()).split("\n").length}:${A.e()-I.lastIndexOf("\n",A.e()-1)}`);throw Object.assign(B,{idx:A.e()}),5!==S&&6!==S&&7!==S||Object.assign(B,{code:"ERR_LEXER_ESM_SYNTAX"}),B}let R=new Set,o=new Set,H=new Set;for(;A.rre();){const B=Q(I.slice(A.res(),A.ree()));B&&o.add(B)}for(;A.ru();)H.add(Q(I.slice(A.us(),A.ue())));for(;A.re();){let B=Q(I.slice(A.es(),A.ee()));void 0===B||H.has(B)||R.add(B)}return{exports:[...R],reexports:[...o]}}function Q(A){if('"'!==A[0]&&"'"!==A[0])return A;try{const B=(0,eval)(A);for(let A=0;A<B.length;A++){const Q=64512&B.charCodeAt(A);if(!(Q<55296)){if(55296!==Q)return;if(56320!=(64512&B.charCodeAt(++A)))return}}return B}catch{}}function E(A,B){const Q=A.length;let E=0;for(;E<Q;){const Q=A.charCodeAt(E);B[E++]=(255&Q)<<8|Q>>>8}}function g(A,B){const Q=A.length;let E=0;for(;E<Q;)B[E]=A.charCodeAt(E++)}function I(){const A="AGFzbQEAAAABXA1gAX8Bf2ACf38AYAABf2AAAGABfwBgBn9/f39/fwF/YAJ/fwF/YAd/f39/f39/AX9gA39/fwF/YAh/f39/f39/fwF/YAV/f39/fwF/YAR/f39/AX9gBH9/f38AAzMyAQEBAwAABAUJBAAEBAMDAAcCAAAICgAFAAAGBQsHBgAAAAAIAAICAgICAgICAgIFDAYEBQFwAQUFBQMBAAEGCAF/AEHQmAILB1wOBm1lbW9yeQIAC19faGVhcF9iYXNlAwACc2EAJAFlACUCZXMAJgJlZQAnA3JlcwAoA3JlZQApAnVzACoCdWUAKwJyZQAsA3JyZQAtAnJ1AC4IcGFyc2VDSlMALwkKAQBBAQsEAAECAwrJkwEyDgAgACABQcgfQcAfEDALDgAgACABQdQfQcwfEDALDgAgACABQeAfQdgfEDALEgBBzB9BADYCAEHUH0EANgIAC8wBAQN/AkBBvKABKAIAIgNBAmpB5QBB8QBB9QBB6QBB8gBB5QAQEARAQbygASADQQ5qNgIAAkAQEUEoRw0AQbygAUG8oAEoAgBBAmo2AgAQESEBQbygASgCACECIAFBJ0cgAUEiR3ENACABEAxBvKABQbygASgCAEECaiIBNgIAEBFBKUcNAAJAIABBAWsOAgMDAAtBtKABKAIAIAI2AgBBtKABKAIAIAE2AgRBAQ8LQbygASADNgIAC0EADwsgAiABQaAfKAIAEQEAQQELGwAgAEGYHygCAEYEQEEBDwsgAEECay8BABAPC/8CAQV/QZgfKAIAIQQDQAJAIABBAmshASAALwEAIgJBIEcNACAAIARLIAEhAA0BCwsCQCACQT1HDQADQAJAIAFBAmshACABLwEAQSBHDQAgASAESyAAIQENAQsLIABBAmohASAAQQRqIQNBACECA0ACQCABLwEAIgBBgPgDcUGAuANGBEAgAEH/B3EgAUECay8BAEH/B3FBCnRyQYCABGohAAsgAEUgASAETXINACAAQdwARg0CIAAQEkUNACABQX5BfCAAQYCABEkbaiEBIAAQEyECDAELCyACQQFxRQ0AIAEvAQBBIEcNAEG0oAEoAgAiAkGwHygCAEYNACACIAM2AgwgAiABQQJqNgIIA0ACQCABQQJrIQAgAS8BACIDQSBHDQAgASAESyAAIQENAQsLAkACQAJAIANB8gBrDgMAAwEDCyAAQfYAQeEAEBQNAQwCCyAAQewAQeUAEBQNACAAQeMAQe8AQe4AQfMAEBVFDQELQbSgASACQRBqNgIACws7AQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUYhBgsgBgtPAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRiEICyAIC7MFAQN/QbygAUG8oAEoAgAiAkEOajYCAAJAAkAQESIBQdsARwRAIAFBPUYNASABQS5HDQJBvKABQbygASgCAEECajYCABARQbygASgCACEBEBZFDQJBvKABKAIAIQAQEUE9Rw0CIAEgAEGcHygCABEBAA8LQbygAUG8oAEoAgBBAmo2AgAQESIAQSdHIABBIkdxDQFBvKABKAIAIAAQDEG8oAFBvKABKAIAQQJqIgA2AgAQEUHdAEcNAUG8oAFBvKABKAIAQQJqNgIAEBFBPUcNASAAQZwfKAIAEQEADAELIABFDQBBqB8oAgARAwBBvKABQbygASgCAEECajYCABARIgBB8gBHBEAgAEH7AEcNAUG8oAEoAgBBAmshAQJAAkADQEG8oAFBvKABKAIAIgBBAmo2AgAgAEHAoAEoAgBPDQIQESEAQbygASgCACECAkAgABAWBEBBvKABKAIAIQMQESIAQTpGBEBBvKABQbygASgCAEECajYCABAREBZFDQRBvKABKAIALwEAIQALIAIgA0GcHygCABEBAAwBCwJAIABBIkcEQCAAQS5GDQEgAEEnRw0EC0G8oAEoAgAgABAMQbygAUG8oAEoAgBBAmoiAzYCABARIgBBOkcNAUG8oAFBvKABKAIAQQJqNgIAEBEQFkUNA0G8oAEoAgAvAQAhACADQZwfKAIAEQEADAELQbygASgCACIALwECQS5HDQIgAC8BBEEuRw0CQbygASAAQQZqNgIAAkACQCAALwEGIgBB8gBGBH9BARAEQbygASgCACEADQEgAC8BAAUgAAtB//8DcRAWRQ0EDAELQbygASAAQQJqNgIACxARIQALIABB//8DcSIAQSxGDQALIABB/QBGDQELQbygASABNgIACw8LQQEQBBoLQbygASACQQxqNgIACywBAX8gAEGgAUYgAEEJayIBQRdNQQBBASABdEGfgIAEcRtyRQRAQQAPC0EBC0AAQfAfKAIARQRAQfAfIAA2AgALQbygASgCACEAQbygAUHAoAEoAgBBAmo2AgBB7B8gAEGYHygCAGtBAXU2AgALjAEBBH9BvKABKAIAIQFBwKABKAIAIQQCQANAAkAgASICQQJqIQEgAiAETw0AIAEvAQAiAyAARg0CIANB3ABHBEAgA0EKaw4EAQICAQILIAJBBGohASACLwEEQQ1HDQEgAkEGaiABIAIvAQZBCkYbIQEMAQsLQbygASABNgIAQQkQCw8LQbygASABNgIAC0oBA39BvKABKAIAQQJqIQFBwKABKAIAIQIDQAJAIAEiAEECayACTw0AIABBAmohASAALwEAQQprDgQAAQEAAQsLQbygASAANgIAC2EBAn9BvKABKAIAQQZqIQBBwKABKAIAIQEDQAJAAkAgASAAQQRrSwRAIABBAmsvAQBBKkcNAiAALwEAQS9HDQIMAQsgAEECayEAC0G8oAEgADYCAA8LIABBAmohAAwACwALNAEBfyAAQaABRiAAQQlrIgFBF01BAEEBIAF0QZ+AgARxG3JFBEAgABAiIABBLkdxDwtBAQtFAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZGIQcLIAcLaQEDf0G8oAEoAgAhAANAAkACQCAALwEAIgFBL0YEQCAALwECIgBBKkcEQCAAQS9HDQMQDQwCCxAODAELIAEQCkUNAQtBvKABQbygASgCACICQQJqIgA2AgAgAkHAoAEoAgBJDQELCyABC4ETAQR/IABBL00EQCAAQSRGDwsCQCAAQTpJDQACQCAAQcEASQ0AIABB2wBJDQEgAEHgAE0EQCAAQd8ARg8LIABB+wBJDQEgAEH//wNNBEAgAEGqAUkNAQJ/AkAgABAgIABBjMAAa0ECSXIgAEG3AUYgAEGABmtB8ABJcnIgAEGHB0YgAEGDCWtBBUlyIABBkQtrQS1JcnINAAJAAkAgAEG/C2siAUEJSUHtAiABdkEBcXENACAAQZAMa0ELSSAAQcsMa0EfSXINAiAAQfAMRiAAQeoNa0EESXIgAEHWDWsiAUESTUEAQQEgAXRB//wZcRtyIABBwA9rQQpJIABBpg9rQQtJciAAQZEORiAAQbAOa0EbSXJyciAAQfANa0EKSSAAQb4Sa0ESSXIgAEG6EmtBA0kgAEHjEWtBIUlyciAAQdMRa0EPSSAAQdkQa0EDSXIgAEGpEGtBBUkgAEGlEGtBA0lycnJyIABBmxBrQQlJIABBlhBrQQRJciAAQf0PRiAAQesPa0EJSXJycg0CAkAgAEHREmsiAUETTwRAIABB5hJrQQpJDQQMAQtB/4AYIAF2QQFxIABB5hJrQQpJcg0BCwJAAkAgAEG8E2sOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAQIBAQEBAQEBAQEBAgIACyAAQYETa0EDSQ0DCyAAQf4TRiAAQeYTa0EKSXINAiAAQfUURiAAQYEUa0EDSXIgAEG8FGsiAUEVTUEAQQEgAXRB/bCOAXEbciAAQeYUa0EMSXINAgJAAkAgAEG8FWsOKAIBAgICAgICAgIBAgICAQICAgEBAQEBAQEBAQEBAQEBAQEBAQEBAgIACyAAQYEVa0EDSQ0DCyAAQeYVa0EKSSAAQfoVa0EGSXINAgJAAkAgAEG8FmsOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAgIBAQEBAQEBAQEBAgIACyAAQYEWa0EDSQ0DCyAAQeYWa0EKSQ0CIABBghdGIABB5hdrQQpJciAAQb4XayIBQRlNQQBBASABdEGf7oMQcRtyDQICQAJAIABBvhhrDiYCAgICAgICAQICAgECAgICAQEBAQEBAQICAQEBAQEBAQEBAQECAgALIABBgBhrQQVJDQMLIABB5hhrQQpJDQICQAJAIABBvBlrDigCAQICAgICAgIBAgICAQICAgIBAQEBAQEBAgIBAQEBAQEBAQEBAQICAAsgAEGBGWtBA0kNAwsgAEHmGWtBCkkNAiAAQXxxIgFBgBpGDQICQCAAQbsaayICQSlPBEAgAEHmGmtBCkkNBAwBC0L7956AgTAgAq2Ip0EBcSAAQeYaa0EKSXINAQsgAEF4cUHYG0YgAEGCG2tBAklyIABByhtrIgJBDE1BAEEBIAJ0QeEvcRtyIABB5htrQQpJcg0CIABBsR1GIABB8htrQQJJciAAQbEcayICQR1NQQBBASACdEH5h4D+A3EbciAAQdAca0EKSXINAgJAIABBtB1rIgJBCU8EQCAAQcgda0EGSQ0EDAELQb8DIAJ2QQFxIABByB1rQQZJcg0BCyAAQaAea0EKSSAAQdAda0EKSXINAiAAQX5xIgJBmB5GDQIgAEG1HmsiA0ELSUGVDCADdkEBcXENACAAQY0fa0ELSSAAQfEea0EUSXIgAkGGH0YgAEGSLmtBA0lyciAAQekma0EJSSAAQd0ma0EDSXIgAEGPIWtBD0kgAEGCIWtBDElycnIgAEHxIGtBBEkgAEHnIGtBB0lyIABB4iBrQQNJIABB3iBrQQNJcnIgAEHWIGtBBEkgAEHAIGtBCklyIABBxh9GIABBqyBrQRRJcnJyciAAQZkfa0EkSSAAQbIua0EDSXIgAEHSLmtBAkkgAEHyLmtBAklyciAAQYswa0EDSSAAQeAva0EKSXIgAEHdL0YgAEG0L2tBIElycnIgAEHQOWtBA0kgAEFucUHAOGtBCklyIABBpDhrQRRJIABB5jdrQQ5JcnIgAEGwN2tBCkkgAEGhN2tBDUlyIABBgDdrQQNJIABB6zZrQQlJcnJycnIgAEHQNmtBCkkgAEG0NmtBEUlyIABBgDZrQQVJIABBsDVrQQ5JcnIgAEGQNWtBCkkgAEH/NGtBC0lyIABB4DRrQR1JIABB1TRrQQpJcnJyIABBlzRrQQVJIABB0DNrQQtJciAAQakxRiAAQcYya0EKSXJyIABBkDBrQQpJIABBbHFBoDJrQQxJciAAQcA7a0E6SSAAQfc5a0EDSXJycnIgAEHtOUYgAEHyOWtBA0lyIABB1DlrQRVJIABB+ztrQQVJcnJycg0CIABB4cEARiAAQeXBAGtBDElyIABBv8AAayICQRVNQQBBASACdEGDgIABcRtyIABB0MEAa0ENSSAAQe/ZAGtBA0lyIABB/9oARiAAQWBxQeDbAEZycnIgAEGq4ABrQQZJIABBmeEAa0ECSXIgAEHvzAJGIABB9MwCa0EKSXJyIABBoMwCa0EKSXJyDQIgAEGezQJrQQJJIABB8M0Ca0ECSXIgAEGL0AJrIgJBHE1BAEEBIAJ0QYGAgPgBcRtyDQICQAJAIABBgtACaw4FAgEBAQIACyAAQYDRAmtBAkkNAwsgAUGA0wJGIABBs9MCa0EOSXIgAEHH0gJrQQ1JIABBptICa0EISXJyIABB/9ECa0ELSSAAQeDRAmtBEklyIABBtNECa0ESSSAAQdDRAmtBCklycnIgAEHl0wJGIABBqdQCa0EOSXJyDQIgAEFecUHQ0wJrQQpJDQEgAEHQ1AJrQQpJIABBw9QCayIBQQpNQQBBASABdEGBDHEbcg0BIABB49cCayIBQQpNIAFBCEdxDQEgAEGw1QJrIgFBEU1BAEEBIAF0QZ2DC3EbDQEgAEH71AJrQQNJIABB69UCayIBQQtNQQBBASABdEGfGHEbcg0BIABBcHEiAUGA/ANGIABBnvYDRnINASAAQfDXAmtBCkkNACABQaD8A0YgAEGz/ANrQQJJciAAQc38A2tBA0lyIABBkP4Da0EKSXIgAEG//gNGcgwDC0EBDAILQQEMAQtBAQsPC0EBIQEgABAfDQBBACEBQYCABCEEQX4hA0GwFyECAkADQCADQQJqIgNB+QFLDQEgACACKAIAIARqIgRJBEBBACEBDAILIAJBBGohASACQQhqIQIgASgCACAEaiIEIABJDQALQQEhAQsgA0H6AUkgAXEhAQsgAQ8LQQELXQEBfyAAQcAATQRAIABBJEYPC0EBIQECQCAAQdsASQ0AIABB4ABNBEAgAEHfAEYPCyAAQfsASQ0AIABB//8DTQRAQQAhASAAQaoBSQ0BIAAQIA8LIAAQHyEBCyABC0YBA38CQCAAQQJrIgRBmB8oAgAiBUkNACAELwEAIAFHDQAgAC8BACACRw0AIAQgBUYEQEEBDwsgAEEEay8BABAPIQMLIAMLYAEDfwJAIABBBmsiBkGYHygCACIHSQ0AIAYvAQAgAUcNACAAQQRrLwEAIAJHDQAgAEECay8BACADRw0AIAAvAQAgBEcNACAGIAdGBEBBAQ8LIABBCGsvAQAQDyEFCyAFC3oBAX8gABAhIgEQEyEAAn8gAUHcAEcEQEEAIABFDQEaC0G8oAEoAgBBAkEEIAFBgIAESRtqIQACQANAQbygASAANgIAIAAvAQAQISIBRQ0BIAEQEgRAIABBAkEEIAFBgIAESRtqIQAMAQsLQQAgAUHcAEYNARoLQQELC5MBAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKQdAARw0AIAAvAQxB8gBHDQAgAC8BDkHvAEcNACAALwEQQfAARw0AIAAvARJB5QBHDQAgAC8BFEHyAEcNACAALwEWQfQARw0AIAAvARhB+QBGIQYLIAYLmwEBAn9BvKABKAIAIQECQCAAQe0ARgR/IAFBAmpB7wBB5ABB9QBB7ABB5QAQB0UNAUG8oAEgAUEMajYCABARQS5HBEAMAgtBvKABQbygASgCAEECajYCABARBSAAC0HlAEcNAEG8oAEoAgAiAEEOaiABIABBAmpB+ABB8ABB7wBB8gBB9ABB8wAQECICGyEBC0G8oAEgATYCACACC2wBAX8CQCAALwEAQe4ARw0AIAAvAQJB9QBHDQAgAC8BBEHtAEcNACAALwEGQeUARw0AIAAvAQhB8gBHDQAgAC8BCkHhAEcNACAALwEMQeIARw0AIAAvAQ5B7ABHDQAgAC8BEEHlAEYhAQsgAQvzAwEEfwJAEBFBzwBHDQBBvKABKAIAIgJBAmpB4gBB6gBB5QBB4wBB9AAQB0UNAEG8oAEgAkEMajYCABARQS5HDQBBvKABQbygASgCAEECajYCABARIgJB8ABGBH8CQEG8oAEoAgAiBEECaiICLwEAQfIARw0AIAIvAQJB7wBHDQAgAi8BBEH0AEcNACACLwEGQe8ARw0AIAIvAQhB9ABHDQAgAi8BCkH5AEcNACACLwEMQfAARw0AIAIvAQ5B5QBGIQMLIANFDQFBvKABIARBEmo2AgAQEUEuRw0BQbygAUG8oAEoAgBBAmo2AgAQEQUgAgtB6ABHDQBBvKABKAIAIgJBAmpB4QBB8wBBzwBB9wBB7gAQF0UNAEG8oAEgAkEcajYCABARQS5HDQBBvKABQbygASgCAEECajYCABARQeMARw0AQbygASgCACICLwECQeEARw0AIAIvAQRB7ABHDQAgAi8BBkHsAEcNAEG8oAEgAkEIajYCABARQShHDQBBvKABQbygASgCAEECajYCABAREBZFDQAQEUEsRw0AQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgIgACABQQF0IgAQIw0AQbygASAAIAJqNgIAEBFBKUcNAEG8oAFBvKABKAIAQQJqNgIAQQEhBQsgBQtDAQN/AkAgAEEIayIHQZgfKAIAIghJDQAgByABIAIgAyAEIAUQB0UNACAHIAhGBEBBAQ8LIABBCmsvAQAQDyEGCyAGC1MBA38CQCAAQQRrIgVBmB8oAgAiBkkNACAFLwEAIAFHDQAgAEECay8BACACRw0AIAAvAQAgA0cNACAFIAZGBEBBAQ8LIABBBmsvAQAQDyEECyAEC0UBA38CQCAAQQprIghBmB8oAgAiCUkNACAIIAEgAiADIAQgBSAGEBBFDQAgCCAJRgRAQQEPCyAAQQxrLwEAEA8hBwsgBws3AQJ/AkBBmB8oAgAiAyAASw0AIAAvAQAgAUcNACAAIANGBEBBAQ8LIABBAmsvAQAQDyECCyACC2YBBH9BgIAEIQFBfiEEQZAIIQICQANAIARBAmoiBEHnA0sNASAAIAIoAgAgAWoiAUkEQEEAIQMMAgsgAkEEaiEDIAJBCGohAiADKAIAIAFqIgEgAEkNAAtBASEDCyAEQegDSSADcQv/GwEFfwJAIABBxgVrQQxJIABB+AFrQcoDSXIgAEGqAWsiAUEQTUEAQQEgAXRBgZAEcRtyIABBwAFrQRdJIABB2AFrQR9JcnINACAAQfAGayIBQRxNQQBBASABdEHf+YK6AXEbDQAgAEGKCWtBpgFJIABB9wdrQYsBSXIgAEHgBWsiAUEOTUEAQQEgAXRBn6ABcRtyIABBjgdrQRRJIABBowdrQdMASXIgAEHvC2tBBEkgAEHQC2tBG0lycnINACAAQdkKRiAAQeAKa0EpSXIgAEGxCmtBJkkgAEHxDGtB4wBJcnIgAEGgDGtBK0lyDQAgAEF+cSIEQe4MRg0AAkACQAJAIABB1Q1rIgFBPE8EQCAAQZIOa0EeSQ0EDAELQoGAjLCAnIGACCABrYinQQFxIABBkg5rQR5Jcg0BCyAAQbEPRiAAQcoPa0EhSXIgAEHNDmtB2QBJcg0CIABBgBBrQRZJIABB9A9rIgFBBk1BAEEBIAF0QcMAcRtyDQICQAJAIABBpBBrDgUCAQEBAgALIABBmhBGDQMLIABBhBJrQTZJIABBthFrQQhJciAAQaARa0EVSSAAQcAQa0EZSXJyIABBvRJGIABB4BBrQQtJciAAQdASRiAAQdgSa0EKSXJycg0CIABB8RJrQRBJDQICQCAAQYUTayIBQQxPBEAgAEGTE2tBFkkNBAwBC0H/GSABdkEBcSAAQZMTa0EWSXINAQsgAEGqE2tBB0kgAEH8E2siAUEUTUEAQQEgAXRBgfzhAHEbcg0CIABBshNrIgFBHE1BAEEBIAF0QfGRgIABcRsNAiAAQZMUa0EWSSAAQdwTayIBQRVNQQBBASABdEG7gMABcRtyDQIgAEGqFGsiAUE1SUL/toOAgIDgCyABrYhCAYNQRXEgAEGTFWtBFkkgAEGPFWtBA0lyciAAQfIUa0EDSSAAQYUVa0EJSXJyDQICQAJAIABBqhVrDicCAgICAgICAQICAQICAgICAQEBAgEBAQEBAQEBAQEBAQEBAQEBAQIACyAAQeAVa0ECSSAAQfkVayIBQRdNQQBBASABdEGB4L8GcRtyDQMLIABBkxZrQRZJDQICQAJAIABB8RZrDjQCAQEBAQEBAQEBAQEBAQEBAQECAQICAgICAgEBAQICAgECAgICAQEBAgIBAgECAgEBAQICAAsgAEGqFmsiAUETTUEAQQEgAXRB//YjcRsNAyAAQdwWayIBQQVLDQAgAUECRw0DCyAAQagXa0EDSSAAQZIYa0EXSXIgAEGOGGtBA0kgAEGFGGtBCElyciAAQdAXRiAAQa4Xa0EMSXIgAEG9GEYgAEGqGGtBEElycnINAiAAQdgYayIBQSlJQoeGgICAICABrYhCAYNQRXEgAEGqGWtBCkkgAEGSGWtBF0lyciAAQYUZa0EISSAAQY4Za0EDSXJyDQIgAEGFGmsiAUELTSABQQhHcQ0CIABBtRlrIgFBCE1BAEEBIAF0QZ8CcRsNAiAAQb0aRiAAQZIaa0EpSXIgAEHeGWsiAUEUTUEAQQEgAXRBjYDgAHEbciAAQc4aRiAAQbMba0EJSXIgAEGaG2tBGEkgAEGFG2tBEklycnINAiAAQfoaa0EGSSAAQdQaa0EDSXIgAEHfGmtBA0lyDQIgAEG9G2siAUEKSUH5ByABdkEBcXENACAEQbIcRiAAQYEca0EwSXIgAEHAHGtBB0lyDQIgAEGBHWsiAUEMTUEAQQEgAXRByyVxGw0CIABBfHEiAUGUHUYgAEGZHWtBB0lyDQIgAEGhHWsiAkEmSULX7JuA+QUgAq2IQgGDUEVxIABBgCBrQStJIABBiB9rQQVJcnIgAEHJHmtBJElyDQIgAEF4cSIDQcAeRiAAQYAeRnIgAUHcHUZyDQICQCAAQb8gayICQShPBEAgAEHuIGtBA0kNBAwBC0KBgPjDxxggAq2Ip0EBcSAAQe4ga0EDSXINAQsgAEGOIUYgAEGgIWtBJklyIABBxyFGIABB9SBrQQ1JcnIgAEHNIUYgAEHKJGtBBElyIABB0CFrQStJIABB/CFrQc0CSXJycg0CIABB0CRrIgJBCUlB/wIgAnZBAXFxDQAgAEGyJWtBBEkgAEGQJWtBIUlyIABBiiVrQQRJIABB2iRrQQRJcnIgAEHgJGtBKUlyDQIgAEG4JWsiAkEJSUH/AiACdkEBcXENACAAQYAva0E0SSAAQe4ua0EDSXIgAEHgLmtBDUkgAEHALmtBEklyciAAQaAua0ESSSAAQY4ua0EESXIgAEGALmtBDUkgAEHuLWtBC0lycnINAiAAQaAta0HLAEkgAEGBLWtBGklyIABB7yxrQRFJIABBgShrQewESXJyIABB+CdrQQZJIABBoCdrQdYASXJyDQIgAEFwcSICQYAnRiAAQZgma0HDAElyIABBkiZrQQRJIABB2CVrQTlJcnIgAEHCJWtBBEkgAEHIJWtBD0lyIABB1y9GIABB3C9GcnJyDQIgAEGgMGtB2QBJIABBgDRrQRdJciAAQbAza0EaSSAAQYAza0EsSXJyIABB8DJrQQVJcg0CIABB0DJrQR5JIABBgDJrQR9JciAAQaoxRiAAQbAxa0HGAElyciAAQYAxa0EpSSAAQcU2a0EHSXIgAEGnNUYgAEGFNmtBL0lycnINASAAQaA0a0E1SSAAQek5a0EESXIgAEG9OWtBA0kgAEGQOWtBK0lyciAAQYA5a0EJSSAAQdo4a0EkSXIgAEHNOGtBA0kgAEGAOGtBJElycnINASAAQbo3a0EsSSAAQYM3a0EeSXIgBEGuN0ZyDQEgAEHuOWsiBUEJSUGPAyAFdkEBcXENACAAQcg+a0EGSSAAQaA+a0EmSXIgAEGYPmtBBkkgAEGAOmtBwAFJcnIgAEGAPGtBlgJJIABBgD9rQTVJciAAQd0+RiAAQd8+a0EfSXJycg0BIANB0D5GIABBfXFB2T5Gcg0BIABBtj9rIgNBCUlB/wIgA3ZBAXFxDQAgAEHyP2tBA0kgAEHgP2tBDUlyIAFB0D9GIABB1j9rQQZJcnIgAEHCP2tBA0kgAEHGP2tBB0lyIABB8cAARiAAQfY/a0EHSXJycg0BIABB/8AARiAAQZDBAGtBDUlyIABBgsIARiAAQYfCAEZyciAAQZXCAEYgAEGKwgBrQQpJcnINASAAQZjCAGsiA0ERSUG/oAUgA3ZBAXFxDQAgAUG8wgBGIABBqsIAa0EQSXINASAAQcXCAGsiA0EKSUGfBCADdkEBcXENACAAQeDYAGtBhQFJIABBsNgAa0EvSXIgAEHgwgBrQSlJIABBgNgAa0EvSXJyDQECQCAAQevZAGsiA0EJTwRAIABBgNoAa0EmSQ0DDAELQY8DIAN2QQFxIABBgNoAa0EmSXINAQsgAEGn2gBGIABBrdoARnIgAEGAygJrQY0CSSAAQdDJAmtBLklyciAAQYDAAmtBjQlJIABBgJwBa0HwowFJciACQfDjAEYgAEGA6ABrQbYzSXJycg0BIABBoOMAa0EbSSAAQbHiAGtB3gBJciABQfzhAEYgAEGF4gBrQStJcnIgAEGh4QBrQdoASSAAQZvhAGtBBUlyIABBweAAa0HWAEkgAEG44ABrQQVJcnJyDQEgAEGx4ABrQQVJIABBoeAAa0EJSXIgAEGF4ABrQQNJcg0BIABBZ3EiAUHA2wBrQQdJIAFBoNsAa0EHSXIgAEHv2gBGIABBgNsAa0EXSXJyIABBsNoAa0E4SSAAQYLRAmtBMklyIABBwNACa0E0SSAAQYzQAmtBF0lycnINASAAQYfQAmtBBEkgAEGD0AJrQQNJciAAQffPAmtBC0kgAEGLzwJrQS9JcnIgAEGizgJrQecASSAAQZfOAmtBCUlyIABBoM0Ca0HQAEkgAEH/zAJrQR9JcnJyDQEgAkGQzAJGIABBwMwCa0EvSXIgBEGqzAJGcg0BIABB8tECayIBQQ1JQb80IAF2QQFxcQ0AIABB4NICa0EdSSAAQYrSAmtBHElyIABBsNICa0EXSSAAQcTUAmtBCElyciAAQcDUAmtBA0kgAEGA1AJrQSlJciAAQfrTAmtBBUkgAEHm0wJrQQpJcnJyDQEgAEHP0wJGIABB4NMCa0EFSXIgAEGE0wJrQS9JIABB/tQCa0EySXJyIABB+tQCRiAAQeDUAmtBF0lycg0BIABBsdUCayIBQRJJQbG+CiABdkEBcXENACAAQYD2A2tBB0kgAEHw9ANrQeoASXIgAEGA8gNrQe4CSSAAQcuvA2tBMUlyciAAQbCvA2tBF0kgAEGA2AJrQaTXAElyIABB8NYCa0HzAEkgAEHc1gJrQQpJcnJyDQEgAEGw1gJrQStJDQEgAEF3cSIBQaDWAmtBB0kgAEGR1gJrQQZJciABQYHWAmtBBkkgAEHy1QJrQQNJcnIgAEHb1QJrQQNJIABB4NUCa0ELSXJyDQEgAEGT9gNrIgFBC0lBnwggAXZBAXFxDQAgAEGf9gNrQQpJIABBqvYDa0ENSXINASAAQbj2A2siAUENSUHfNiABdkEBcXENACAAQdL/A2tBBkkgAEF2cUHC/wNrQQZJciAAQeb+A2tB2QBJIABBwf4Da0EaSXJyIABBof4Da0EaSSAAQfb8A2tBhwFJciAAQfD8A2tBBUkgAEHw+wNrQQxJcnJyDQEgAEGS+wNrQTZJIABB0PoDa0HAAElyIABBxvYDa0HsAElyDQEgAEHT9wNrQesCSQ0AIABB2v8Da0EDSQ8LQQEPC0EBDwtBAQsyACAAQYD4A3FBgLADRgR/IABBCnRBgPg/cUG8oAEoAgAvAQJB/wdxckGAgARqBSAACwtdAQF/AkAgAEH4/wNxQShGIABBIWsiAUEFTUEAQQEgAXRBMXEbckUEQCAAQTprIgFB//8DcUElT0K/gICAoAMgAa2IQgGDUHINAQtBAQ8LIABB+wBrQf//A3FBBEkLQwEDfwJAIAJFDQADQCAALQAAIgQgAS0AACIFRgRAIAFBAWohASAAQQFqIQAgAkEBayICDQEMAgsLIAQgBWshAwsgAwt4AQF/QZgfKAIAIgEgAEEBdGoiAEEAOwEAQeQfIABBAmoiADYCAEHoHyAANgIAQcAfQQA2AgBByB9BADYCAEHEH0EANgIAQcwfQQA2AgBB1B9BADYCAEHQH0EANgIAQdgfQQA2AgBB4B9BADYCAEHcH0EANgIAIAELCABB7B8oAgALFQBBxB8oAgAoAgBBmB8oAgBrQQF1CxUAQcQfKAIAKAIEQZgfKAIAa0EBdQsVAEHQHygCACgCAEGYHygCAGtBAXULFQBB0B8oAgAoAgRBmB8oAgBrQQF1CxUAQdwfKAIAKAIAQZgfKAIAa0EBdQsVAEHcHygCACgCBEGYHygCAGtBAXULCgBBwB9BxB8QMQsKAEHMH0HQHxAxCwoAQdgfQdwfEDEL0UEBBX8Cf0GAwAAgATYCAEGYHyAANgIAIAIEQEGcHyACNgIACyADBEBBoB8gAzYCAAsgBARAQaQfIAQ2AgALQYjAAEH//wM7AQBBoOAAQaDAADYCAEGwoAFBsOAANgIAQbSgAUGAIDYCAEGMwABBrB8oAgA2AgBBvKABIABBAmsiAjYCAEHAoAEgAiABQQF0aiIDNgIAQYbAAEEAOwEAQYTAAEEAOwEAQZDAAEEAOgAAQewfQQA2AgBB8B9BADYCAEG4oAFBADoAAAJAAkAgAC8BAEEjRw0AIAAvAQJBIUcNAEEAIQIgAUECRg0BIABBBGohAANAIAAiAkECayADTw0BIABBAmohACACLwEAQQprDgQBAAABAAsACwNAQbygASACQQJqIgA2AgACQAJAAkAgAiADSQRAIAAvAQAiA0EJayIBQRdNQQBBASABdEGfgIAEcRsNAwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAQYbAAC8BACIFRQRAAkACQAJAIANB3wBrDg8CEBMTBhMFExMTARMTEwQACwJAIANBJ2sOCQ4ICRMTExMTDwALAkAgA0H7AGsOAwsTDAALIANBIkYNDSADQc8ARg0GIANB8gBHDRICQEEAEARFDQAgABAFRQ0AIAIQBgtBjMAAQbygASgCADYCAAwTCwJAIAJBBGpB7QBB8ABB7wBB8gBB9AAQB0UNACAAEAVFDQBBvKABQbygASgCACIBQQxqIgA2AgACQAJAAkACQAJAAkACQBARIgJBJ2sOCAIDAQIBAQEEAAsgAkEiRiACQfsARnINAQtBvKABKAIAIABGDQQLQYbAAC8BAEUNAkG8oAFBvKABKAIAQQJrNgIADAMLQYbAAEGGwAAvAQAiAEEBajsBAEGwoAEoAgAgAEECdGogATYCAAwCC0EFEAsMAQtBBhALC0G8oAEoAgAhAAtBjMAAIAA2AgAMEgtBACEDAkAgAkEEaiIBLwEAQekARw0AIAEvAQJB7gBHDQAgAS8BBEH0AEcNACABLwEGQeUARw0AIAEvAQhB8gBHDQAgAS8BCkHvAEcNACABLwEMQfAARw0AIAEvAQ5B0gBHDQAgAS8BEEHlAEcNACABLwESQfEARw0AIAEvARRB9QBHDQAgAS8BFkHpAEcNACABLwEYQfIARw0AIAEvARpB5QBHDQAgAS8BHEHXAEcNACABLwEeQekARw0AIAEvASBB7ABHDQAgAS8BIkHkAEcNACABLwEkQeMARw0AIAEvASZB4QBHDQAgAS8BKEHyAEcNACABLwEqQeQARiEDCwJAAkAgA0UNACAAEAVFBEAgAi8BAEEuRw0BC0G8oAEgAkEwajYCACACLwEwQShHDQFBvKABIAJBMmo2AgBBhsAAQQE7AQBBsKABKAIAQYzAACgCADYCAEEAEARFDQEgABAFRQ0BIAIQBgwBCyABQd8AQeUAQfgAQfAAQe8AQfIAQfQAEAhFDQAgABAFRQRAIAIvAQBBLkcNAQtBvKABIAJBEmo2AgAgAi8BEiIAQdMARgR/IAIvARRB9ABHDQEgAi8BFkHhAEcNASACLwEYQfIARw0BQbygASACQRpqNgIAIAIvARoFIAALQf//A3FBKEcNAEGwoAEoAgBBjMAAKAIANgIAQYbAAEEBOwEAQbygAUG8oAEoAgAiAEECajYCACAALwECQfIARw0AQQIQBBoLQYzAAEG8oAEoAgA2AgAMEQsCQCADQSdrDgkLBQcQEBAQEAwACwJAIANB4ABrDgYNEBADEAIACwJAIANB+wBrDgMIEAoACyADQSJGDQogA0HPAEYNAyADQe0ARw0PCyACQQRqQe8AQeQAQfUAQewAQeUAEAdFDQ4gABAFRQ0OQbygAUG8oAEoAgAiAEEMajYCAAJAAkAQEUEuRw0AQbygAUG8oAEoAgBBAmo2AgAQEUHlAEcNAEG8oAEoAgBBAmpB+ABB8ABB7wBB8gBB9ABB8wAQEEUNAEEBEAkMAQtBvKABIABBCmo2AgALDA4LIAJBBGpB+ABB8ABB7wBB8gBB9AAQB0UNDSAAEAVFDQ0gAi8BDkHzAEYEQEEAEAkMDgsgBQ0NQbygAUG8oAEoAgBBDGoiATYCABARIQACQCABQbygASgCAEYEQCAAECJFDQELQQcQCwsMDQsgABAFRQ0MIAIvAQRB7ABHDQwgAi8BBkHhAEcNDCACLwEIQfMARw0MIAIvAQpB8wBHDQwgAi8BDBAKRQ0MQbigAUEBOgAADAwLIAJBBGpB4gBB6gBB5QBB4wBB9AAQB0UNCyAAEAVFDQsgBUUhAUG8oAFBvKABKAIAIgBBDGo2AgAgAEEKaiECAkACQBARQS5HDQBBvKABQbygASgCAEECajYCAAJAEBEiAEHkAEYEQEG8oAEoAgAiAEECakHlAEHmAEHpAEHuAEHlABAXRQ0CQbygASAAQRxqNgIAIABBGmohAhARQShHDQJBvKABQbygASgCAEECajYCABAREBhFDQIQEUEsRw0CQbygAUG8oAEoAgBBAmo2AgAQESIAQSdHIABBIkdxDQJBvKABKAIAIQQgABAMQbygAUG8oAEoAgBBAmoiAzYCABARQSxHDQFBvKABQbygASgCAEECajYCABARQfsARw0BQbygAUG8oAEoAgBBAmo2AgAQESIAQeUARgRAQbygASgCACIAQQJqEBlFDQJBvKABIABBFGo2AgAQEUE6Rw0CQbygAUG8oAEoAgBBAmo2AgAQEUH0AEcNAkG8oAEoAgAiAC8BAkHyAEcNAiAALwEEQfUARw0CIAAvAQZB5QBHDQJBvKABIABBCGo2AgAQEUEsRw0CQbygAUG8oAEoAgBBAmo2AgAQESEACyAAQecARwRAIABB9gBHDQJBvKABKAIAIgAvAQJB4QBHDQIgAC8BBEHsAEcNAiAALwEGQfUARw0CIAAvAQhB5QBHDQJBvKABIABBCmo2AgAQEUE6Rw0CIAQgA0GcHygCABEBAEG8oAEgAjYCAAwEC0G8oAEoAgAiAC8BAkHlAEcNASAALwEEQfQARw0BQbygASAAQQZqNgIAEBEiAEE6RgR/QbygAUG8oAEoAgBBAmo2AgAQEUHmAEcNAkG8oAEoAgAiAEECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAIRQ0CQbygASAAQRBqIgE2AgAQESIAQShHBEAgAUG8oAEoAgBGDQMgABAWRQ0DCxARBSAAC0EoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0BQbygAUG8oAEoAgBBAmo2AgAQEUH7AEcNAUG8oAFBvKABKAIAQQJqNgIAEBFB8gBHDQFBvKABKAIAIgBBAmpB5QBB9ABB9QBB8gBB7gAQB0UNAUG8oAEgAEEMajYCABAREBZFDQECQAJAEBEiAEHbAEcEQCAAQS5HDQJBvKABQbygASgCAEECajYCABAREBYNAQwEC0G8oAFBvKABKAIAQQJqNgIAEBEiAEEnRyAAQSJHcQ0DIAAQDEG8oAFBvKABKAIAQQJqNgIAEBFB3QBHDQNBvKABQbygASgCAEECajYCAAsQESEACyAAQTtGBH9BvKABQbygASgCAEECajYCABARBSAAC0H9AEcNAUG8oAFBvKABKAIAQQJqNgIAEBEiAEEsRgR/QbygAUG8oAEoAgBBAmo2AgAQEQUgAAtB/QBHDQFBvKABQbygASgCAEECajYCABARQSlHDQEgBCADQZwfKAIAEQEADAMLIAFFIABB6wBHcg0BQbygASgCACIALwECQeUARw0BIAAvAQRB+QBHDQEgAC8BBkHzAEcNASAAQQZqIQJBvKABIABBCGo2AgAQEUEoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUG8oAEoAgAhBhAWRQ0BQbygASgCABARQSlHDQFBvKABQbygASgCACICQQJqNgIAEBFBLkcNAUG8oAFBvKABKAIAQQJqNgIAEBFB5gBHDQFBvKABKAIAIgBBAmpB7wBB8gBBxQBB4QBB4wBB6AAQEEUNAUG8oAEgAEEOajYCABARQbygASgCACIAQQJrIQJBKEcNAUG8oAEgAEECajYCABARQeYARw0BQbygASgCACIAQQJqQfUAQe4AQeMAQfQAQekAQe8AQe4AEAhFDQFBvKABIABBEGo2AgAQEUEoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUG8oAEoAgAhBxAWRQ0BQbygASgCACEBEBFBKUcNAUG8oAFBvKABKAIAQQJqNgIAEBFB+wBHDQFBvKABQbygASgCAEECajYCABARQekARw0BQbygASgCACIALwECQeYARw0BQbygASAAQQRqNgIAEBFBKEcNAUG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgASAHayIJECMNASAGayIFQQF1IQRBvKABIAAgCUEBdSIIQQF0ajYCAAJAAkACQBARIgBBIUcEQCAAQT1HDQVBvKABKAIAIgAvAQJBPUcNBSAALwEEQT1HDQVBvKABIABBBmo2AgAQESIBQSdHIAFBIkdxDQVBvKABKAIAIgBBAmpB5ABB5QBB5gBB4QBB9QBB7ABB9AAQCEUNBUG8oAEgAEEQajYCABARIAFHDQVBvKABQbygASgCAEECajYCABARQfwARw0FQbygASgCACIALwECQfwARw0FQbygASAAQQRqNgIAEBEaQbygASgCACIAIAcgCRAjDQVBvKABIAAgCEEBdGo2AgAQEUE9Rw0FQbygASgCACIALwECQT1HDQUgAC8BBEE9Rw0FQbygASAAQQZqNgIAEBEiA0EnRyADQSJHcQ0FQQAhAQJAQbygASgCACIAQQJqIgovAQBB3wBHDQAgCi8BAkHfAEcNACAKLwEEQeUARw0AIAovAQZB8wBHDQAgCi8BCEHNAEcNACAKLwEKQe8ARw0AIAovAQxB5ABHDQAgCi8BDkH1AEcNACAKLwEQQewARw0AIAovARJB5QBGIQELIAFFDQVBvKABIABBFmo2AgAQESADRw0FQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0FQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBUG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0FQbygASAAQQxqNgIAEBFBO0YEQEG8oAFBvKABKAIAQQJqNgIACxARIgBB6QBHDQNB6QAhAEG8oAEoAgAiAS8BAkHmAEcNA0G8oAEgAUEEajYCABARQShHDQVBvKABQbygASgCAEECaiIANgIAIAcgCBAaBEAQEUEpRw0GQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBkG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0GQbygASAAQQxqNgIAEBFBO0YEQEG8oAFBvKABKAIAQQJqNgIACxARIgBB6QBHDQRB6QAhAEG8oAEoAgAiAS8BAkHmAEcNBEG8oAEgAUEEajYCABARQShHDQZBvKABKAIAQQJqIQALQbygASAANgIAIAAgByAJECMNBUG8oAEgACAIQQF0ajYCABARQekARw0FQbygASgCACIALwECQe4ARw0FIAAvAQRBIEcNBUG8oAEgAEEGajYCABAREBhFDQUQEUEmRw0FQbygASgCACIALwECQSZHDQVBvKABIABBBGo2AgAQERAYRQ0FEBFB2wBHDQVBvKABQbygASgCAEECajYCABARGkG8oAEoAgAiACAHIAkQIw0FQbygASAAIAhBAXRqNgIAEBFB3QBHDQVBvKABQbygASgCAEECajYCABARQT1HDQVBvKABKAIAIgAvAQJBPUcNBSAALwEEQT1HDQVBvKABIABBBmo2AgAQERpBvKABKAIAIgAgBiAFECMNBUG8oAEgACAEQQF0ajYCABARQdsARw0FQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgAgByAJECMNBUG8oAEgACAIQQF0ajYCABARQd0ARw0FQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0FQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBUG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0FQbygASAAQQxqNgIAEBFBO0YNAQwCC0G8oAEoAgAiAC8BAkE9Rw0EIAAvAQRBPUcNBEG8oAEgAEEGajYCABARIgFBJ0cgAUEiR3ENBEG8oAEoAgAiAEECakHkAEHlAEHmAEHhAEH1AEHsAEH0ABAIRQ0EQbygASAAQRBqNgIAEBEgAUcNBEG8oAFBvKABKAIAQQJqNgIAEBEiAEEmRgR/QbygASgCACIALwECQSZHDQVBvKABIABBBGo2AgAQEUEhRw0FQbygAUG8oAEoAgBBAmo2AgACQAJAEBEiAEHPAEcNAEG8oAEoAgBBAmpB4gBB6gBB5QBB4wBB9ABBLhAQRQ0AIAcgCBAaRQ0HDAELIAAQFkUNABARQS5HDQZBvKABQbygASgCAEECajYCABARQegARw0GQbygASgCACIAQQJqQeEAQfMAQc8AQfcAQe4AEBdFDQZBvKABIABBHGo2AgAQEUEoRw0GQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgAgByAJECMNBkG8oAEgACAIQQF0ajYCABARQSlHDQZBvKABQbygASgCAEECajYCAAsQEQUgAAtBKUcNBAtBvKABQbygASgCAEECajYCAAsQESEACwJAAkAgABAYBEAQEUHbAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQRBvKABIAAgCEEBdGo2AgAQEUHdAEcNBEG8oAFBvKABKAIAQQJqNgIAEBFBPUcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAYgBRAjDQRBvKABIAAgBEEBdGo2AgAQEUHbAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQRBvKABIAAgCEEBdGo2AgAQEUHdAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEiAEE7Rg0BDAILIABBzwBHDQNBvKABKAIAIgBBAmpB4gBB6gBB5QBB4wBB9AAQB0UNA0G8oAEgAEEMajYCABARQS5HDQNBvKABQbygASgCAEECajYCABARQeQARw0DQbygASgCACIAQQJqQeUAQeYAQekAQe4AQeUAEBdFDQNBvKABIABBHGo2AgAQEUEoRw0DQbygAUG8oAEoAgBBAmo2AgAQERAYRQ0DEBFBLEcNA0G8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQNBvKABIAAgCEEBdGo2AgAQEUEsRw0DQbygAUG8oAEoAgBBAmo2AgAQEUH7AEcNA0G8oAFBvKABKAIAQQJqNgIAEBFB5QBHDQNBvKABKAIAIgBBAmoQGUUNA0G8oAEgAEEUajYCABARQTpHDQNBvKABQbygASgCAEECajYCABARQbygASgCACEBQfQARwRAIAEvAQJB8gBHDQQgAS8BBEH1AEcNBCABLwEGQeUARw0EC0G8oAEgAUEIajYCABARQSxHDQNBvKABQbygASgCAEECajYCABARQecARw0DQbygASgCACIALwECQeUARw0DIAAvAQRB9ABHDQNBvKABIABBBmo2AgAQESIAQTpGBH9BvKABQbygASgCAEECajYCABARQeYARw0EQbygASgCACIAQQJqQfUAQe4AQeMAQfQAQekAQe8AQe4AEAhFDQRBvKABIABBEGoiATYCABARIgBBKEcEQCABQbygASgCAEYNBSAAEBZFDQULEBEFIAALQShHDQNBvKABQbygASgCAEECajYCABARQSlHDQNBvKABQbygASgCAEECajYCABARQfsARw0DQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNA0G8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0DQbygASAAQQxqNgIAEBEaQbygASgCACIAIAYgBRAjDQNBvKABIAAgBEEBdGo2AgAQEUHbAEcNA0G8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQNBvKABIAAgCEEBdGo2AgAQEUHdAEcNA0G8oAFBvKABKAIAQQJqNgIAEBEiAEE7RgR/QbygAUG8oAEoAgBBAmo2AgAQEQUgAAtB/QBHDQNBvKABQbygASgCAEECajYCABARIgBBLEYEf0G8oAFBvKABKAIAQQJqNgIAEBEFIAALQf0ARw0DQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0DQbygAUG8oAEoAgBBAmo2AgAQESIAQTtHDQELQbygAUG8oAEoAgBBAmo2AgAQESEACyAAQf0ARw0BQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0BQbSgASgCACEDQYAgIQADQAJAIAAgA0cEQCAEIABBDGooAgAgAEEIaigCACIBa0EBdUcNASAGIAEgBRAjDQEgACgCACAAQQRqKAIAQaAfKAIAEQEAQbygASACNgIACwwECyAAQRBqIQAMAAsACyAEIANBpB8oAgARAQALQbygASACNgIACwwLC0GGwAAgBUEBajsBAEGwoAEoAgAgBUECdGpBjMAAKAIANgIADAoLQQgQC0HwHygCAAwNC0GGwAAgBUEBazsBAAwICyAFQdCgAWpBuKABLQAAOgAAQYbAACAFQQFqOwEAQbCgASgCACAFQQJ0akGMwAAoAgA2AgBBuKABQQA6AAAMBwtBAhALQQAMCgtBhsAAIAVBAWsiADsBAEGIwAAvAQAiASAFRgRAQYTAAEGEwAAvAQBBAWsiADsBAEGIwABBoOAAKAIAIABB//8DcUEBdGovAQA7AQAMBQsgAUH//wNGIABB//8DcSABT3INBUEDEAtB8B8oAgAMCQsgAxAMDAQLAkAgAi8BBCIAQSpHBEAgAEEvRw0BEA0MBgsQDgwFC0GQwAACfwJAAkACfwJAQYzAACgCACIGLwEAIgRBKUcgBEEoa0H//wNxQQdJcSAEQSFrIgBBBU1BAEEBIAB0QTFxG3JFBEAgBEE6ayIAQf//A3FBJU9Cv4CAgKACIACtiEIBg1ByDQELQQEMAQsgBEH9AEcgBEH7AGtB//8DcUEESXELBEACQAJAAkAgBEEraw4EAQUCAAULIAZBAmsvAQBBMGtB//8DcUEKSQ0DDAQLIAZBAmsvAQBBK0YNAgwDCyAGQQJrLwEAQS1GDQEMAgsCQCAEQf0ARwRAIARBL0YNASAEQSlHDQJBASEDAkBBsKABKAIAIAVBAnRqKAIAIgBB9wBB6ABB6QBB7ABB5QAQGw0AIABB5gBB7wBB8gAQHA0AIABB6QBB5gAQFCEDCyADRQ0CDAMLAn9BASEAAkACQAJAAkACQAJAQbCgASgCACAFQQJ0aigCACICLwEAIgFBO2sOBAUEBAEACwJAIAFB5QBrDgQDBAQCAAsgAUEpRg0EIAFB+QBHDQMgAkECa0HmAEHpAEHuAEHhAEHsAEHsABAdDAULIAJBAmsvAQBBPUYMBAsgAkECa0HjAEHhAEH0AEHjABAVDAMLIAJBAmtB5QBB7ABB8wAQHAwCC0EAIQALIAALDQIgBUHQoAFqLQAARQ0BDAILQZDAAC0AAA0BCwJ/QQAhAwJAAkACQAJAAkACQAJAAkACQCAGLwEAQeQAaw4UAAECCAgICAgICAMECAgFCAYICAcICwJAAkAgBkECay8BAEHpAGsOBAAJCQEJCyAGQQRrQfYAQe8AEBQMCQsgBkEEa0H5AEHpAEHlABAcDAgLAkACQCAGQQJrLwEAQfMAaw4CAAEICyAGQQRrLwEAIgBB4QBHBEAgAEHsAEcNCCAGQQZrQeUAEB4MCQsgBkEGa0HjABAeDAgLIAZBBGtB5ABB5QBB7ABB5QAQFQwHCyAGQQJrLwEAQe8ARw0FIAZBBGsvAQBB5QBHDQUgBkEGay8BACIAQfAARwRAIABB4wBHDQYgBkEIa0HpAEHuAEHzAEH0AEHhAEHuABAdDAcLIAZBCGtB9ABB+QAQFAwGC0EBIQMgBkECayIAQekAEB4NBCAAQfIAQeUAQfQAQfUAQfIAEBsMBQsgBkECa0HkABAeDAQLAn8CQCAGQQJrIgFBDGsiAkGYHygCACIASQ0AIAJB5ABB5QBB4gBB9QBB5wBB5wBB5QAQCEUNAEEBIAAgAkYNARogAUEOay8BABAPIQMLIAMLDAMLIAZBAmtB4QBB9wBB4QBB6QAQFQwCCyAGQQJrLwEAIgBB7wBHBEAgAEHlAEcNASAGQQRrQe4AEB4MAgsgBkEEa0H0AEHoAEHyABAcIQMLIAMLIQAgBEUNAEEBIABFDQEaCwJAA0BBwKABKAIAIQJBvKABKAIAIQADQCAAQQJqIQECQAJAIAAgAk8NAAJAAkACQCABLwEAIgNB2wBrDgIBAgALIAEhACADQQprDgQCBAQCAwtBvKABIAE2AgBBvKABKAIAIQBBwKABKAIAIQMCQAJAA0ACQCAAQQJqIQEgACADTw0AAkACQCABLwEAIgJB3ABrDgIBBAALIAEhACACQQprDgQBAgIBAgsgAEEEaiEADAELC0G8oAEgATYCAEEKEAsMAQtBvKABIAE2AgALDAQLIABBBGohAAwCC0G8oAEgATYCAEELEAsMAwsgA0EvRw0ACwtBvKABIAE2AgALQQALOgAADAMLQYjAAC8BAEH+/wNHDQFBBBALQfAfKAIADAYLQYbAAC8BABpB8B8oAgAiACAAQYjAAC8BAEH//wNHGyECDAQLQbygASgCACEAQcCgASgCACEDAkACQANAAkAgACIBQQJqIQAgASADTw0AAkACQCAALwEAIgJB3ABrDgUBAwMDBAALIAJBJEcNAiABLwEEQfsARw0CQYTAAEGEwAAvAQAiAEEBajsBAEGg4AAoAgAgAEEBdGpBiMAALwEAOwEAQbygASABQQRqNgIAQYjAAEGGwAAvAQBBAWoiADsBAEGGwAAgADsBAAwECyABQQRqIQAMAQsLQbygASAANgIAQQgQCwwBC0G8oAEgADYCAAsLQYzAAEG8oAEoAgA2AgALQcCgASgCACEDQbygASgCACECDAALAAsgAgsLRQEBfyACKAIAIgRBCGogAyAEG0HoHygCACIENgIAIAIgBDYCAEHoHyAEQQxqNgIAIARBADYCCCAEIAE2AgQgBCAANgIACyIBAX8gASABKAIAIgJBCGogACACGygCACICNgIAIAJBAEcLC6kXAgBBlAgLgRcLAAAAAgAAABkAAAACAAAAEgAAAAIAAAABAAAAAgAAAA4AAAADAAAADQAAACMAAAB6AAAARgAAADQAAAAMAQAAHAAAAAQAAAAwAAAAMAAAAB8AAAAOAAAAHQAAAAYAAAAlAAAACwAAAB0AAAADAAAAIwAAAAUAAAAHAAAAAgAAAAQAAAArAAAAnQAAABMAAAAjAAAABQAAACMAAAAFAAAAJwAAAAkAAAAzAAAAnQAAADYBAAAKAAAAFQAAAAsAAAAHAAAAmQAAAAUAAAADAAAAAAAAAAIAAAArAAAAAgAAAAEAAAAEAAAAAAAAAAMAAAAWAAAACwAAABYAAAAKAAAAHgAAAEIAAAASAAAAAgAAAAEAAAALAAAAFQAAAAsAAAAZAAAARwAAADcAAAAHAAAAAQAAAEEAAAAAAAAAEAAAAAMAAAACAAAAAgAAAAIAAAAcAAAAKwAAABwAAAAEAAAAHAAAACQAAAAHAAAAAgAAABsAAAAcAAAANQAAAAsAAAAVAAAACwAAABIAAAAOAAAAEQAAAG8AAABIAAAAOAAAADIAAAAOAAAAMgAAAA4AAAAjAAAAXQEAACkAAAAHAAAAAQAAAE8AAAAcAAAACwAAAAAAAAAJAAAAFQAAAGsAAAAUAAAAHAAAABYAAAANAAAANAAAAEwAAAAsAAAAIQAAABgAAAAbAAAAIwAAAB4AAAAAAAAAAwAAAAAAAAAJAAAAIgAAAAQAAAAAAAAADQAAAC8AAAAPAAAAAwAAABYAAAAAAAAAAgAAAAAAAAAkAAAAEQAAAAIAAAAYAAAAVQAAAAYAAAACAAAAAAAAAAIAAAADAAAAAgAAAA4AAAACAAAACQAAAAgAAAAuAAAAJwAAAAcAAAADAAAAAQAAAAMAAAAVAAAAAgAAAAYAAAACAAAAAQAAAAIAAAAEAAAABAAAAAAAAAATAAAAAAAAAA0AAAAEAAAAnwAAADQAAAATAAAAAwAAABUAAAACAAAAHwAAAC8AAAAVAAAAAQAAAAIAAAAAAAAAuQAAAC4AAAAqAAAAAwAAACUAAAAvAAAAFQAAAAAAAAA8AAAAKgAAAA4AAAAAAAAASAAAABoAAADmAAAAKwAAAHUAAAA/AAAAIAAAAAcAAAADAAAAAAAAAAMAAAAHAAAAAgAAAAEAAAACAAAAFwAAABAAAAAAAAAAAgAAAAAAAABfAAAABwAAAAMAAAAmAAAAEQAAAAAAAAACAAAAAAAAAB0AAAAAAAAACwAAACcAAAAIAAAAAAAAABYAAAAAAAAADAAAAC0AAAAUAAAAAAAAACMAAAA4AAAACAEAAAgAAAACAAAAJAAAABIAAAAAAAAAMgAAAB0AAABxAAAABgAAAAIAAAABAAAAAgAAACUAAAAWAAAAAAAAABoAAAAFAAAAAgAAAAEAAAACAAAAHwAAAA8AAAAAAAAASAEAABIAAAC+AAAAAAAAAFAAAACZAwAAZwAAAG4AAAASAAAAwwAAAL0KAAAuBAAA0g8AAEYCAAC6IQAAOAIAAAgAAAAeAAAAcgAAAB0AAAATAAAALwAAABEAAAADAAAAIAAAABQAAAAGAAAAEgAAALECAAA/AAAAgQAAAEoAAAAGAAAAAAAAAEMAAAAMAAAAQQAAAAEAAAACAAAAAAAAAB0AAAD3FwAACQAAANUEAAArAAAACAAAAPgiAAAeAQAAMgAAAAIAAAASAAAAAwAAAAkAAACLAQAABQkAAGoAAAAGAAAADAAAAAQAAAAIAAAACAAAAAkAAABnFwAAVAAAAAIAAABGAAAAAgAAAAEAAAADAAAAAAAAAAMAAAABAAAAAwAAAAMAAAACAAAACwAAAAIAAAAAAAAAAgAAAAYAAAACAAAAQAAAAAIAAAADAAAAAwAAAAcAAAACAAAABgAAAAIAAAAbAAAAAgAAAAMAAAACAAAABAAAAAIAAAAAAAAABAAAAAYAAAACAAAAUwEAAAMAAAAYAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAB4AAAACAAAAGAAAAAIAAAAeAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAAcAAAA1CQAALAAAAAsAAAAGAAAAEQAAAAAAAAByAQAAKwAAABUFAADEAAAAPAAAAEMAAAAIAAAAAAAAALUEAAADAAAAAgAAABoAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAACQAAAAIAAAADAAAAAgAAAAAAAAACAAAAAAAAAAcAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAIAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAABAAAAAgAAAAAAAAADAAAAAwAAAAIAAAAGAAAAAgAAAAMAAAACAAAAAwAAAAIAAAAAAAAAAgAAAAkAAAACAAAAEAAAAAYAAAACAAAAAgAAAAQAAAACAAAAEAAAAEURAADdpgAAIwAAADQQAAAMAAAA3QAAAAMAAACBFgAADwAAADAdAAAgDAAAHQIAAOMFAABKEwAA/QEAAAAAAADjAAAAAAAAAJYAAAAEAAAAJgEAAAkAAABYBQAAAgAAAAIAAAABAAAABgAAAAMAAAApAAAAAgAAAAUAAAAAAAAApgAAAAEAAAA+AgAAAwAAAAkAAAAJAAAAcgEAAAEAAACaAAAACgAAALAAAAACAAAANgAAAA4AAAAgAAAACQAAABAAAAADAAAALgAAAAoAAAA2AAAACQAAAAcAAAACAAAAJQAAAA0AAAACAAAACQAAAAYAAAABAAAALQAAAAAAAAANAAAAAgAAADEAAAANAAAACQAAAAMAAAACAAAACwAAAFMAAAALAAAABwAAAAAAAAChAAAACwAAAAYAAAAJAAAABwAAAAMAAAA4AAAAAQAAAAIAAAAGAAAAAwAAAAEAAAADAAAAAgAAAAoAAAAAAAAACwAAAAEAAAADAAAABgAAAAQAAAAEAAAAwQAAABEAAAAKAAAACQAAAAUAAAAAAAAAUgAAABMAAAANAAAACQAAANYAAAAGAAAAAwAAAAgAAAAcAAAAAQAAAFMAAAAQAAAAEAAAAAkAAABSAAAADAAAAAkAAAAJAAAAVAAAAA4AAAAFAAAACQAAAPMAAAAOAAAApgAAAAkAAABHAAAABQAAAAIAAAABAAAAAwAAAAMAAAACAAAAAAAAAAIAAAABAAAADQAAAAkAAAB4AAAABgAAAAMAAAAGAAAABAAAAAAAAAAdAAAACQAAACkAAAAGAAAAAgAAAAMAAAAJAAAAAAAAAAoAAAAKAAAALwAAAA8AAACWAQAABwAAAAIAAAAHAAAAEQAAAAkAAAA5AAAAFQAAAAIAAAANAAAAewAAAAUAAAAEAAAAAAAAAAIAAAABAAAAAgAAAAYAAAACAAAAAAAAAAkAAAAJAAAAMQAAAAQAAAACAAAAAQAAAAIAAAAEAAAACQAAAAkAAABKAQAAAwAAAGpLAAAJAAAAhwAAAAQAAAA8AAAABgAAABoAAAAJAAAA9gMAAAAAAAACAAAANgAAAAgAAAADAAAAUgAAAAAAAAAMAAAAAQAAAKxMAAABAAAAxxQAAAQAAAAEAAAABQAAAAkAAAAHAAAAAwAAAAYAAAAfAAAAAwAAAJUAAAACAAAAigUAADEAAAABAgAANgAAAAUAAAAxAAAACQAAAAAAAAAPAAAAAAAAABcAAAAEAAAAAgAAAA4AAABRBQAABgAAAAIAAAAQAAAAAwAAAAYAAAACAAAAAQAAAAIAAAAEAAAABgEAAAYAAAAKAAAACQAAAKMBAAANAAAA1wUAAAYAAABuAAAABgAAAAYAAAAJAAAAlxIAAAkAAAAHBQwA7wBBmB8LGlCMAAABAAAAAgAAAAMAAAAEAAAAAAQAAPAf";return"undefined"!=typeof Buffer?Buffer.from(A,"base64"):Uint8Array.from(atob(A),A=>A.charCodeAt(0))}let C;function init(){return C||(C=(async()=>{const B=await WebAssembly.compile(I()),{exports:Q}=await WebAssembly.instantiate(B);A=Q})())}function initSync(){if(A)return;const B=new WebAssembly.Module(I()),{exports:Q}=new WebAssembly.Instance(B);A=Q}
\ No newline at end of file
diff --git a/deps/cjs-module-lexer/dist/lexer.mjs b/deps/cjs-module-lexer/dist/lexer.mjs
index 964b74cfa781b6..806bb46287259d 100644
--- a/deps/cjs-module-lexer/dist/lexer.mjs
+++ b/deps/cjs-module-lexer/dist/lexer.mjs
@@ -1,2 +1,2 @@
-/* cjs-module-lexer 1.4.1 */
-let A;const Q=1===new Uint8Array(new Uint16Array([1]).buffer)[0];export function parse(g,I="@"){if(!A)throw new Error("Not initialized");const D=g.length+1,N=(A.__heap_base.value||A.__heap_base)+4*D-A.memory.buffer.byteLength;N>0&&A.memory.grow(Math.ceil(N/65536));const k=A.sa(D);(Q?C:E)(g,new Uint16Array(A.memory.buffer,k,D));const w=A.parseCJS(k,g.length,0,0,0);if(w){const Q=new Error(`Parse error ${I}${A.e()}:${g.slice(0,A.e()).split("\n").length}:${A.e()-g.lastIndexOf("\n",A.e()-1)}`);throw Object.assign(Q,{idx:A.e()}),5!==w&&6!==w&&7!==w||Object.assign(Q,{code:"ERR_LEXER_ESM_SYNTAX"}),Q}let H=new Set,J=new Set,o=new Set;for(;A.rre();){const Q=B(g.slice(A.res(),A.ree()));Q&&J.add(Q)}for(;A.ru();)o.add(B(g.slice(A.us(),A.ue())));for(;A.re();){let Q=B(g.slice(A.es(),A.ee()));void 0===Q||o.has(Q)||H.add(Q)}return{exports:[...H],reexports:[...J]}}function B(A){if('"'!==A[0]&&"'"!==A[0])return A;try{const Q=(0,eval)(A);for(let A=0;A<Q.length;A++){const B=64512&Q.charCodeAt(A);if(!(B<55296)){if(55296!==B)return;if(56320!=(64512&Q.charCodeAt(++A)))return}}return Q}catch{}}function E(A,Q){const B=A.length;let E=0;for(;E<B;){const B=A.charCodeAt(E);Q[E++]=(255&B)<<8|B>>>8}}function C(A,Q){const B=A.length;let E=0;for(;E<B;)Q[E]=A.charCodeAt(E++)}function g(){const A="AGFzbQEAAAABrAERYAJ/fwBgAABgAX8Bf2AAAX9gBn9/f39/fwF/YAF/AGAXf39/f39/f39/f39/f39/f39/f39/f38Bf2AIf39/f39/f38Bf2AHf39/f39/fwF/YAN/f38Bf2AFf39/f38Bf2AOf39/f39/f39/f39/f38Bf2AKf39/f39/f39/fwF/YAt/f39/f39/f39/fwF/YAJ/fwF/YAR/f39/AX9gCX9/f39/f39/fwF/A0NCAgMDAwMDAwMDAwMAAAABBAICBQQBBgcBBQEFBQUBAQICAgIBAQIIAwICAgkKAgELAgwNDgQPCA4HAgICAhACAgMJBAUBcAEFBQUDAQABBg8CfwFB0JgCC38AQdCYAgsHXA4GbWVtb3J5AgACc2EAAAFlAAECZXMAAgJlZQADA3JlcwAEA3JlZQAFAnVzAAYCdWUABwJyZQAIA3JyZQAJAnJ1AAoIcGFyc2VDSlMADwtfX2hlYXBfYmFzZQMBCQoBAEEBCwQLDA0OCt2fAUJ4AQF/QQAoApgfIgEgAEEBdGoiAEEAOwEAQQAgAEECaiIANgLkH0EAIAA2AugfQQBBADYCwB9BAEEANgLIH0EAQQA2AsQfQQBBADYCzB9BAEEANgLUH0EAQQA2AtAfQQBBADYC2B9BAEEANgLgH0EAQQA2AtwfIAELCABBACgC7B8LFQBBACgCxB8oAgBBACgCmB9rQQF1CxUAQQAoAsQfKAIEQQAoApgfa0EBdQsVAEEAKALQHygCAEEAKAKYH2tBAXULFQBBACgC0B8oAgRBACgCmB9rQQF1CxUAQQAoAtwfKAIAQQAoApgfa0EBdQsVAEEAKALcHygCBEEAKAKYH2tBAXULJQEBf0EAQQAoAsQfIgBBCGpBwB8gABsoAgAiADYCxB8gAEEARwslAQF/QQBBACgC0B8iAEEIakHMHyAAGygCACIANgLQHyAAQQBHCyUBAX9BAEEAKALcHyIAQQhqQdgfIAAbKAIAIgA2AtwfIABBAEcLSAEBf0EAKALIHyICQQhqQcAfIAIbQQAoAugfIgI2AgBBACACNgLIH0EAIAJBDGo2AugfIAJBADYCCCACIAE2AgQgAiAANgIAC0gBAX9BACgC1B8iAkEIakHMHyACG0EAKALoHyICNgIAQQAgAjYC1B9BACACQQxqNgLoHyACQQA2AgggAiABNgIEIAIgADYCAAtIAQF/QQAoAuAfIgJBCGpB2B8gAhtBACgC6B8iAjYCAEEAIAI2AuAfQQAgAkEMajYC6B8gAkEANgIIIAIgATYCBCACIAA2AgALEgBBAEEANgLMH0EAQQA2AtQfC50PAEEAIAE2AoBAQQAgADYCmB8CQCACRQ0AQQAgAjYCnB8LAkAgA0UNAEEAIAM2AqAfCwJAIARFDQBBACAENgKkHwtBAEH//wM7AYhAQQBBoMAANgKgYEEAQbDgADYCsKABQQBBgCA2ArSgAUEAQQAoAqwfNgKMQEEAIABBfmoiAjYCvKABQQAgAiABQQF0aiIDNgLAoAFBAEEAOwGGQEEAQQA7AYRAQQBBADoAkEBBAEEANgLsH0EAQQA2AvAfQQBBADoAuKABAkACQCAALwEAQSNHDQAgAC8BAkEhRw0AQQAhAiABQQJGDQFBACAAQQJqNgK8oAEgAEEEaiEAAkADQCAAIgJBfmogA08NASACQQJqIQAgAi8BAEF2ag4EAQAAAQALC0EAIAI2ArygAQsDQEEAIAJBAmoiADYCvKABAkACQAJAAkACQAJAIAIgA08NAAJAIAAvAQAiAUF3aiIDQRdLDQBBASADdEGfgIAEcQ0GCwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAAkBBAC8BhkAiAw0AAkACQAJAIAFBoX9qDg8CEBUVBhUFFRUVARUVFQQACwJAIAFBWWoOCQ4ICRUVFRUVDwALAkAgAUGFf2oOAwsVDAALIAFBIkYNDSABQc8ARg0GIAFB8gBHDRQCQEEAEBBFDQAgABARRQ0AIAIQEgtBAEEAKAK8oAE2AoxADBULAkAgAkEEakHtAEHwAEHvAEHyAEH0ABATRQ0AIAAQEUUNABAUQQAoArygASEAC0EAIAA2AoxADBQLAkACQCACQQRqIgNB6QBB7gBB9ABB5QBB8gBB7wBB8ABB0gBB5QBB8QBB9QBB6QBB8gBB5QBB1wBB6QBB7ABB5ABB4wBB4QBB8gBB5AAQFUUNAAJAIAAQEQ0AIAIvAQBBLkcNAQtBACACQTBqNgK8oAEgAi8BMEEoRw0BQQAgAkEyajYCvKABQQBBATsBhkBBACgCsKABQQAoAoxANgIAQQAQEEUNASAAEBFFDQEgAhASDAELIANB3wBB5QBB+ABB8ABB7wBB8gBB9AAQFkUNAAJAIAAQEQ0AIAIvAQBBLkcNAQtBACACQRJqNgK8oAECQCACLwESIgNB0wBHDQAgAi8BFEH0AEcNASACLwEWQeEARw0BIAIvARhB8gBHDQFBACACQRpqNgK8oAEgAi8BGiEDCyADQf//A3FBKEcNAEEAKAKwoAFBACgCjEA2AgBBAEEBOwGGQEEAQQAoArygASICQQJqNgK8oAEgAi8BAkHyAEcNAEECEBAaC0EAQQAoArygATYCjEAMEwsCQCABQVlqDgkLBQcSEhISEgwACwJAIAFBoH9qDgYNEhIDEgIACwJAIAFBhX9qDgMIEgoACyABQSJGDQogAUHPAEYNAyABQe0ARw0RCyACQQRqQe8AQeQAQfUAQewAQeUAEBNFDRAgABARRQ0QEBcMEAsgAkEEakH4AEHwAEHvAEHyAEH0ABATRQ0PIAAQEUUNDwJAIAIvAQ5B8wBHDQBBABAYDBALIAMNDxAZDA8LIAAQEUUNDiACLwEEQewARw0OIAIvAQZB4QBHDQ4gAi8BCEHzAEcNDiACLwEKQfMARw0OIAIvAQwiA0F3aiICQRdLDQxBASACdEGfgIAEcUUNDAwNCyACQQRqQeIAQeoAQeUAQeMAQfQAEBNFDQ0gABARRQ0NIANFEBoMDQtBACADQQFqOwGGQEEAKAKwoAEgA0ECdGpBACgCjEA2AgAMDAtBCBAbQQAoAvAfDwtBACADQX9qOwGGQAwKCyADQdCgAWpBAC0AuKABOgAAQQAgA0EBajsBhkBBACgCsKABIANBAnRqQQAoAoxANgIAQQBBADoAuKABDAkLQQIQG0EADwtBACADQX9qIgA7AYZAAkAgA0EALwGIQCICRw0AQQBBAC8BhEBBf2oiAjsBhEBBAEEAKAKgYCACQf//A3FBAXRqLwEAOwGIQAwFCyACQf//A0YNByAAQf//A3EgAk8NB0EDEBtBACgC8B8PCyABEBwMBgsCQAJAIAIvAQQiAkEqRg0AIAJBL0cNARAdDAgLEB4MBwsCQAJAAkACQEEAKAKMQCIALwEAIgIQH0UNAAJAAkACQCACQVVqDgQBBQIABQsgAEF+ai8BAEFQakH//wNxQQpJDQMMBAsgAEF+ai8BAEErRg0CDAMLIABBfmovAQBBLUYNAQwCCwJAAkAgAkH9AEYNACACQS9GDQEgAkEpRw0CQQAoArCgASADQQJ0aigCABAgRQ0CDAMLQQAoArCgASADQQJ0aigCABAhDQIgA0HQoAFqLQAARQ0BDAILQQAtAJBADQELIAAQIiEDIAJFDQBBASECIANFDQELECNBACECC0EAIAI6AJBADAULQQAvAYhAQf7/A0cNAUEEEBtBACgC8B8PC0EAIQICQAJAQQAvAYhAQf//A0YNAEEAKALwHyEDDAELQQAoAvAfIQNBAC8BhkANACADRQ0HCyADIQIMBgsQJAwCCyADQaABRw0BC0EAQQE6ALigAQtBAEEAKAK8oAE2AoxAC0EAKALAoAEhA0EAKAK8oAEhAgwACwsgAgvuAQEEf0EAIQECQEEAKAK8oAEiAkECakHlAEHxAEH1AEHpAEHyAEHlABAmRQ0AQQAhAUEAIAJBDmo2ArygAQJAECdBKEcNAEEAQQAoArygAUECajYCvKABECchA0EAKAK8oAEhBAJAIANBJ0YNACADQSJHDQELIAMQHEEAQQAoArygAUECaiIDNgK8oAEQJ0EpRw0AAkACQAJAIABBf2oOAgEAAgsgBCADQQAoAqAfEQAAQQEPCyAEIANBACgCoB8RAABBAQ8LQQAoArSgASAENgIAQQAoArSgASADNgIEQQEPC0EAIAI2ArygAQsgAQsdAAJAQQAoApgfIABHDQBBAQ8LIABBfmovAQAQJQv1AgEEf0EAKAKYHyEBAkADQCAAQX5qIQIgAC8BACIDQSBHDQEgACABSyEEIAIhACAEDQALCwJAIANBPUcNAAJAA0AgAkF+aiEAIAIvAQBBIEcNASACIAFLIQQgACECIAQNAAsLIABBAmohAiAAQQRqIQNBACEEAkADQCACECghACACIAFNDQEgAEUNASAAQdwARg0CIAAQKUUNASACQX5BfCAAQYCABEkbaiECIAAQKiEEDAALCyAEQQFxRQ0AIAIvAQBBIEcNAEEAKAK0oAEiBEEAKAKwH0YNACAEIAM2AgwgBCACQQJqNgIIIAJBfmohAEEgIQICQANAIABBAmogAU0NASACQf//A3FBIEcNASAALwEAIQIgAEF+aiEADAALCwJAAkACQCACQf//A3FBjn9qDgMAAwEDCyAAQfYAQeEAECsNAQwCCyAAQewAQeUAECsNACAAQeMAQe8AQe4AQfMAECxFDQELQQAgBEEQajYCtKABCws/AQF/QQAhBgJAIAAvAQAgAUcNACAALwECIAJHDQAgAC8BBCADRw0AIAAvAQYgBEcNACAALwEIIAVGIQYLIAYLowEBA39BAEEAKAK8oAEiAEEMaiIBNgK8oAECQAJAAkACQAJAAkACQBAnIgJBWWoOCAIDAQIBAQEEAAsgAkEiRg0BIAJB+wBGDQELQQAoArygASABRg0EC0EALwGGQEUNAkEAQQAoArygAUF+ajYCvKABDwtBAEEALwGGQCICQQFqOwGGQEEAKAKwoAEgAkECdGogADYCAA8LQQUQGw8LQQYQGwsL6QEBAX9BACEXAkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRw0AIAAvAQ4gCEcNACAALwEQIAlHDQAgAC8BEiAKRw0AIAAvARQgC0cNACAALwEWIAxHDQAgAC8BGCANRw0AIAAvARogDkcNACAALwEcIA9HDQAgAC8BHiAQRw0AIAAvASAgEUcNACAALwEiIBJHDQAgAC8BJCATRw0AIAAvASYgFEcNACAALwEoIBVHDQAgAC8BKiAWRiEXCyAXC1MBAX9BACEIAkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRiEICyAIC2wBAX9BAEEAKAK8oAEiAEEMajYCvKABAkAQJ0EuRw0AQQBBACgCvKABQQJqNgK8oAEQJ0HlAEcNAEEAKAK8oAFBAmpB+ABB8ABB7wBB8gBB9ABB8wAQJkUNAEEBEBgPC0EAIABBCmo2ArygAQu2AgECf0EAQQAoArygASIBQQ5qNgK8oAECQAJAAkAQJyICQdsARg0AIAJBPUYNASACQS5HDQJBAEEAKAK8oAFBAmo2ArygARAnIQJBACgCvKABIQAgAhAtRQ0CQQAoArygASECECdBPUcNAiAAIAJBACgCnB8RAAAPC0EAQQAoArygAUECajYCvKABAkAQJyICQSdGDQAgAkEiRw0CC0EAKAK8oAEhACACEBxBAEEAKAK8oAFBAmoiAjYCvKABECdB3QBHDQFBAEEAKAK8oAFBAmo2ArygARAnQT1HDQEgACACQQAoApwfEQAADAELIABFDQBBACgCqB8RAQBBAEEAKAK8oAFBAmo2ArygAQJAECciAkHyAEYNACACQfsARw0BEC4PC0EBEBAaC0EAIAFBDGo2ArygAQs4AQJ/QQBBACgCvKABQQxqIgA2ArygARAnIQECQAJAQQAoArygASAARw0AIAEQP0UNAQtBBxAbCwukJgEIf0EAQQAoArygASIBQQxqNgK8oAEgAUEKaiEBAkAQJ0EuRw0AQQBBACgCvKABQQJqNgK8oAECQAJAECciAkHkAEcNAEEAKAK8oAEiAEECakHlAEHmAEHpAEHuAEHlAEHQAEHyAEHvAEHwAEHlAEHyAEH0AEH5ABAvRQ0CQQAgAEEcajYCvKABIABBGmohARAnQShHDQJBAEEAKAK8oAFBAmo2ArygARAnEDBFDQIQJ0EsRw0CQQBBACgCvKABQQJqNgK8oAECQBAnIgBBJ0YNACAAQSJHDQMLQQAoArygASECIAAQHEEAQQAoArygAUECaiIANgK8oAEQJ0EsRw0BQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNAUEAQQAoArygAUECajYCvKABAkAQJyIDQeUARw0AQQAoArygASIDQQJqQe4AQfUAQe0AQeUAQfIAQeEAQeIAQewAQeUAEDFFDQJBACADQRRqNgK8oAEQJ0E6Rw0CQQBBACgCvKABQQJqNgK8oAEQJ0H0AEcNAkEAKAK8oAEiAy8BAkHyAEcNAiADLwEEQfUARw0CIAMvAQZB5QBHDQJBACADQQhqNgK8oAEQJ0EsRw0CQQBBACgCvKABQQJqNgK8oAEQJyEDCwJAIANB5wBGDQAgA0H2AEcNAkEAKAK8oAEiAy8BAkHhAEcNAiADLwEEQewARw0CIAMvAQZB9QBHDQIgAy8BCEHlAEcNAkEAIANBCmo2ArygARAnQTpHDQIgAiAAQQAoApwfEQAAQQAgATYCvKABDwtBACgCvKABIgMvAQJB5QBHDQEgAy8BBEH0AEcNAUEAIANBBmo2ArygAQJAECciA0E6Rw0AQQBBACgCvKABQQJqNgK8oAEQJ0HmAEcNAkEAKAK8oAEiA0ECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAWRQ0CQQAgA0EQaiIDNgK8oAECQBAnIgRBKEYNACADQQAoArygAUYNAyAEEC1FDQMLECchAwsgA0EoRw0BQQBBACgCvKABQQJqNgK8oAEQJ0EpRw0BQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNAUEAQQAoArygAUECajYCvKABECdB8gBHDQFBACgCvKABIgNBAmpB5QBB9ABB9QBB8gBB7gAQE0UNAUEAIANBDGo2ArygARAnEC1FDQECQAJAAkAQJyIDQdsARg0AIANBLkcNAkEAQQAoArygAUECajYCvKABECcQLQ0BDAQLQQBBACgCvKABQQJqNgK8oAECQBAnIgNBJ0YNACADQSJHDQQLIAMQHEEAQQAoArygAUECajYCvKABECdB3QBHDQNBAEEAKAK8oAFBAmo2ArygAQsQJyEDCwJAIANBO0cNAEEAQQAoArygAUECajYCvKABECchAwsgA0H9AEcNAUEAQQAoArygAUECajYCvKABAkAQJyIDQSxHDQBBAEEAKAK8oAFBAmo2ArygARAnIQMLIANB/QBHDQFBAEEAKAK8oAFBAmo2ArygARAnQSlHDQEgAiAAQQAoApwfEQAADwsgAkHrAEcNASAARQ0BQQAoArygASIALwECQeUARw0BIAAvAQRB+QBHDQEgAC8BBkHzAEcNASAAQQZqIQFBACAAQQhqNgK8oAEQJ0EoRw0BQQBBACgCvKABQQJqNgK8oAEQJyEAQQAoArygASECIAAQLUUNAUEAKAK8oAEhABAnQSlHDQFBAEEAKAK8oAEiAUECajYCvKABECdBLkcNAUEAQQAoArygAUECajYCvKABECdB5gBHDQFBACgCvKABIgNBAmpB7wBB8gBBxQBB4QBB4wBB6AAQJkUNAUEAIANBDmo2ArygARAnIQNBACgCvKABIgRBfmohASADQShHDQFBACAEQQJqNgK8oAEQJ0HmAEcNAUEAKAK8oAEiA0ECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAWRQ0BQQAgA0EQajYCvKABECdBKEcNAUEAQQAoArygAUECajYCvKABECchA0EAKAK8oAEhBCADEC1FDQFBACgCvKABIQMQJ0EpRw0BQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNAUEAQQAoArygAUECajYCvKABECdB6QBHDQFBACgCvKABIgUvAQJB5gBHDQFBACAFQQRqNgK8oAEQJ0EoRw0BQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgUgBCADIARrIgMQQQ0BIAAgAmsiBkEBdSEHQQAgBSADQQF1IghBAXRqNgK8oAECQAJAAkAQJyIAQSFGDQAgAEE9Rw0EQQAoArygASIALwECQT1HDQQgAC8BBEE9Rw0EQQAgAEEGajYCvKABAkAQJyIAQSdGDQAgAEEiRw0FC0EAKAK8oAEiBUECakHkAEHlAEHmAEHhAEH1AEHsAEH0ABAWRQ0EQQAgBUEQajYCvKABECcgAEcNBEEAQQAoArygAUECajYCvKABECdB/ABHDQRBACgCvKABIgAvAQJB/ABHDQRBACAAQQRqNgK8oAEQJxpBACgCvKABIgAgBCADEEENBEEAIAAgCEEBdGo2ArygARAnQT1HDQRBACgCvKABIgAvAQJBPUcNBCAALwEEQT1HDQRBACAAQQZqNgK8oAECQBAnIgBBJ0YNACAAQSJHDQULQQAoArygASIFQQJqQd8AQd8AQeUAQfMAQc0AQe8AQeQAQfUAQewAQeUAEDJFDQRBACAFQRZqNgK8oAEQJyAARw0EQQBBACgCvKABQQJqNgK8oAEQJ0EpRw0EQQBBACgCvKABQQJqNgK8oAEQJ0HyAEcNBEEAKAK8oAEiAEECakHlAEH0AEH1AEHyAEHuABATRQ0EQQAgAEEMajYCvKABAkAQJ0E7Rw0AQQBBACgCvKABQQJqNgK8oAELECciAEHpAEcNAkHpACEAQQAoArygASIFLwECQeYARw0CQQAgBUEEajYCvKABECdBKEcNBEEAQQAoArygAUECaiIANgK8oAECQCAEIAgQM0UNABAnQSlHDQVBAEEAKAK8oAFBAmo2ArygARAnQfIARw0FQQAoArygASIAQQJqQeUAQfQAQfUAQfIAQe4AEBNFDQVBACAAQQxqNgK8oAECQBAnQTtHDQBBAEEAKAK8oAFBAmo2ArygAQsQJyIAQekARw0DQekAIQBBACgCvKABIgUvAQJB5gBHDQNBACAFQQRqNgK8oAEQJ0EoRw0FQQAoArygAUECaiEAC0EAIAA2ArygASAAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HpAEcNBEEAKAK8oAEiAC8BAkHuAEcNBCAALwEEQSBHDQRBACAAQQZqNgK8oAEQJxAwRQ0EECdBJkcNBEEAKAK8oAEiAC8BAkEmRw0EQQAgAEEEajYCvKABECcQMEUNBBAnQdsARw0EQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgAgBCADEEENBEEAIAAgCEEBdGo2ArygARAnQd0ARw0EQQBBACgCvKABQQJqNgK8oAEQJ0E9Rw0EQQAoArygASIALwECQT1HDQQgAC8BBEE9Rw0EQQAgAEEGajYCvKABECcaQQAoArygASIAIAIgBhBBDQRBACAAIAdBAXRqNgK8oAEQJ0HbAEcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HdAEcNBEEAQQAoArygAUECajYCvKABECdBKUcNBEEAQQAoArygAUECajYCvKABECdB8gBHDQRBACgCvKABIgBBAmpB5QBB9ABB9QBB8gBB7gAQE0UNBEEAIABBDGo2ArygARAnQTtHDQFBAEEAKAK8oAFBAmo2ArygAQwBC0EAKAK8oAEiAC8BAkE9Rw0DIAAvAQRBPUcNA0EAIABBBmo2ArygAQJAECciAEEnRg0AIABBIkcNBAtBACgCvKABIgVBAmpB5ABB5QBB5gBB4QBB9QBB7ABB9AAQFkUNA0EAIAVBEGo2ArygARAnIABHDQNBAEEAKAK8oAFBAmo2ArygAQJAECciAEEmRw0AQQAoArygASIALwECQSZHDQRBACAAQQRqNgK8oAEQJ0EhRw0EQQBBACgCvKABQQJqNgK8oAECQAJAECciAEHPAEcNAEEAKAK8oAFBAmpB4gBB6gBB5QBB4wBB9ABBLhAmRQ0AIAQgCBAzRQ0GDAELIAAQLUUNABAnQS5HDQVBAEEAKAK8oAFBAmo2ArygARAnQegARw0FQQAoArygASIAQQJqQeEAQfMAQc8AQfcAQe4AQdAAQfIAQe8AQfAAQeUAQfIAQfQAQfkAEC9FDQVBACAAQRxqNgK8oAEQJ0EoRw0FQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgAgBCADEEENBUEAIAAgCEEBdGo2ArygARAnQSlHDQVBAEEAKAK8oAFBAmo2ArygAQsQJyEACyAAQSlHDQNBAEEAKAK8oAFBAmo2ArygAQsQJyEACwJAAkACQCAAEDBFDQAQJ0HbAEcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HdAEcNBEEAQQAoArygAUECajYCvKABECdBPUcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAIgBhBBDQRBACAAIAdBAXRqNgK8oAEQJ0HbAEcNBEEAQQAoArygAUECajYCvKABECcaQQAoArygASIAIAQgAxBBDQRBACAAIAhBAXRqNgK8oAEQJ0HdAEcNBEEAQQAoArygAUECajYCvKABECciAEE7Rw0CQQBBACgCvKABQQJqNgK8oAEMAQsgAEHPAEcNA0EAKAK8oAEiAEECakHiAEHqAEHlAEHjAEH0ABATRQ0DQQAgAEEMajYCvKABECdBLkcNA0EAQQAoArygAUECajYCvKABECdB5ABHDQNBACgCvKABIgBBAmpB5QBB5gBB6QBB7gBB5QBB0ABB8gBB7wBB8ABB5QBB8gBB9ABB+QAQL0UNA0EAIABBHGo2ArygARAnQShHDQNBAEEAKAK8oAFBAmo2ArygARAnEDBFDQMQJ0EsRw0DQQBBACgCvKABQQJqNgK8oAEQJxpBACgCvKABIgAgBCADEEENA0EAIAAgCEEBdGo2ArygARAnQSxHDQNBAEEAKAK8oAFBAmo2ArygARAnQfsARw0DQQBBACgCvKABQQJqNgK8oAEQJ0HlAEcNA0EAKAK8oAEiAEECakHuAEH1AEHtAEHlAEHyAEHhAEHiAEHsAEHlABAxRQ0DQQAgAEEUajYCvKABECdBOkcNA0EAQQAoArygAUECajYCvKABECchBUEAKAK8oAEhAAJAIAVB9ABGDQAgAC8BAkHyAEcNBCAALwEEQfUARw0EIAAvAQZB5QBHDQQLQQAgAEEIajYCvKABECdBLEcNA0EAQQAoArygAUECajYCvKABECdB5wBHDQNBACgCvKABIgAvAQJB5QBHDQMgAC8BBEH0AEcNA0EAIABBBmo2ArygAQJAECciAEE6Rw0AQQBBACgCvKABQQJqNgK8oAEQJ0HmAEcNBEEAKAK8oAEiAEECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAWRQ0EQQAgAEEQaiIANgK8oAECQBAnIgVBKEYNACAAQQAoArygAUYNBSAFEC1FDQULECchAAsgAEEoRw0DQQBBACgCvKABQQJqNgK8oAEQJ0EpRw0DQQBBACgCvKABQQJqNgK8oAEQJ0H7AEcNA0EAQQAoArygAUECajYCvKABECdB8gBHDQNBACgCvKABIgBBAmpB5QBB9ABB9QBB8gBB7gAQE0UNA0EAIABBDGo2ArygARAnGkEAKAK8oAEiACACIAYQQQ0DQQAgACAHQQF0ajYCvKABECdB2wBHDQNBAEEAKAK8oAFBAmo2ArygARAnGkEAKAK8oAEiACAEIAMQQQ0DQQAgACAIQQF0ajYCvKABECdB3QBHDQNBAEEAKAK8oAFBAmo2ArygAQJAECciAEE7Rw0AQQBBACgCvKABQQJqNgK8oAEQJyEACyAAQf0ARw0DQQBBACgCvKABQQJqNgK8oAECQBAnIgBBLEcNAEEAQQAoArygAUECajYCvKABECchAAsgAEH9AEcNA0EAQQAoArygAUECajYCvKABECdBKUcNA0EAQQAoArygAUECajYCvKABECciAEE7Rw0BQQBBACgCvKABQQJqNgK8oAELECchAAsgAEH9AEcNAUEAQQAoArygAUECajYCvKABECdBKUcNAUEAKAK0oAEhBEGAICEAA0ACQAJAIAQgAEYNACAHIABBDGooAgAgAEEIaigCACIDa0EBdUcNASACIAMgBhBBDQEgACgCACAAQQRqKAIAQQAoAqAfEQAAQQAgATYCvKABCw8LIABBEGohAAwACwsgAiAAQQAoAqQfEQAAC0EAIAE2ArygAQtBAAJAQQAoAvAfDQBBACAANgLwHwtBACgCvKABIQBBAEEAKALAoAFBAmo2ArygAUEAIABBACgCmB9rQQF1NgLsHwuOAQEEf0EAKAK8oAEhAUEAKALAoAEhAgJAAkADQCABIgNBAmohASADIAJPDQEgAS8BACIEIABGDQICQCAEQdwARg0AIARBdmoOBAIBAQIBCyADQQRqIQEgAy8BBEENRw0AIANBBmogASADLwEGQQpGGyEBDAALC0EAIAE2ArygAUEJEBsPC0EAIAE2ArygAQtKAQN/QQAoArygAUECaiEAQQAoAsCgASEBAkADQCAAIgJBfmogAU8NASACQQJqIQAgAi8BAEF2ag4EAQAAAQALC0EAIAI2ArygAQt8AQJ/QQBBACgCvKABIgBBAmo2ArygASAAQQZqIQBBACgCwKABIQEDQAJAAkACQCAAQXxqIAFPDQAgAEF+ai8BAEEqRw0CIAAvAQBBL0cNAkEAIABBfmo2ArygAQwBCyAAQX5qIQALQQAgADYCvKABDwsgAEECaiEADAALC2wBAX8CQAJAIABBX2oiAUEFSw0AQQEgAXRBMXENAQsgAEFGakH//wNxQQZJDQAgAEEpRyAAQVhqQf//A3FBB0lxDQACQCAAQaV/ag4EAQAAAQALIABB/QBHIABBhX9qQf//A3FBBElxDwtBAQs9AQF/QQEhAQJAIABB9wBB6ABB6QBB7ABB5QAQNA0AIABB5gBB7wBB8gAQNQ0AIABB6QBB5gAQKyEBCyABC5sBAQJ/QQEhAQJAAkACQAJAAkACQCAALwEAIgJBRWoOBAUEBAEACwJAIAJBm39qDgQDBAQCAAsgAkEpRg0EIAJB+QBHDQMgAEF+akHmAEHpAEHuAEHhAEHsAEHsABA2DwsgAEF+ai8BAEE9Rg8LIABBfmpB4wBB4QBB9ABB4wAQLA8LIABBfmpB5QBB7ABB8wAQNQ8LQQAhAQsgAQvSAwECf0EAIQECQAJAAkACQAJAAkACQAJAAkAgAC8BAEGcf2oOFAABAggICAgICAgDBAgIBQgGCAgHCAsCQAJAIABBfmovAQBBl39qDgQACQkBCQsgAEF8akH2AEHvABArDwsgAEF8akH5AEHpAEHlABA1DwsCQAJAIABBfmovAQBBjX9qDgIAAQgLAkAgAEF8ai8BACICQeEARg0AIAJB7ABHDQggAEF6akHlABA3DwsgAEF6akHjABA3DwsgAEF8akHkAEHlAEHsAEHlABAsDwsgAEF+ai8BAEHvAEcNBSAAQXxqLwEAQeUARw0FAkAgAEF6ai8BACICQfAARg0AIAJB4wBHDQYgAEF4akHpAEHuAEHzAEH0AEHhAEHuABA2DwsgAEF4akH0AEH5ABArDwtBASEBIABBfmoiAEHpABA3DQQgAEHyAEHlAEH0AEH1AEHyABA0DwsgAEF+akHkABA3DwsgAEF+akHkAEHlAEHiAEH1AEHnAEHnAEHlABA4DwsgAEF+akHhAEH3AEHhAEHpABAsDwsCQCAAQX5qLwEAIgJB7wBGDQAgAkHlAEcNASAAQXxqQe4AEDcPCyAAQXxqQfQAQegAQfIAEDUhAQsgAQt2AQJ/AkACQANAQQBBACgCvKABIgBBAmoiATYCvKABIABBACgCwKABTw0BAkACQAJAIAEvAQAiAUGlf2oOAgECAAsCQCABQXZqDgQEAwMEAAsgAUEvRw0CDAQLEEAaDAELQQAgAEEEajYCvKABDAALC0ELEBsLC8YBAQR/QQAoArygASEAQQAoAsCgASEBAkACQANAIAAiAkECaiEAIAIgAU8NAQJAAkAgAC8BACIDQaR/ag4FAQICAgQACyADQSRHDQEgAi8BBEH7AEcNAUEAQQAvAYRAIgBBAWo7AYRAQQAoAqBgIABBAXRqQQAvAYhAOwEAQQAgAkEEajYCvKABQQBBAC8BhkBBAWoiADsBiEBBACAAOwGGQA8LIAJBBGohAAwACwtBACAANgK8oAFBCBAbDwtBACAANgK8oAELNAEBf0EBIQECQCAAQXdqQf//A3FBBUkNACAAQYABckGgAUYNACAAQS5HIAAQP3EhAQsgAQtJAQF/QQAhBwJAIAAvAQAgAUcNACAALwECIAJHDQAgAC8BBCADRw0AIAAvAQYgBEcNACAALwEIIAVHDQAgAC8BCiAGRiEHCyAHC3oBA39BACgCvKABIQACQANAAkAgAC8BACIBQXdqQQVJDQAgAUEgRg0AIAFBoAFGDQAgAUEvRw0CAkAgAC8BAiIAQSpGDQAgAEEvRw0DEB0MAQsQHgtBAEEAKAK8oAEiAkECaiIANgK8oAEgAkEAKALAoAFJDQALCyABCzkBAX8CQCAALwEAIgFBgPgDcUGAuANHDQAgAEF+ai8BAEH/B3FBCnQgAUH/B3FyQYCABGohAQsgAQt9AQF/AkAgAEEvSw0AIABBJEYPCwJAIABBOkkNAEEAIQECQCAAQcEASQ0AIABB2wBJDQECQCAAQeAASw0AIABB3wBGDwsgAEH7AEkNAQJAIABB//8DSw0AIABBqgFJDQEgABA5DwtBASEBIAAQOg0AIAAQOyEBCyABDwtBAQtjAQF/AkAgAEHAAEsNACAAQSRGDwtBASEBAkAgAEHbAEkNAAJAIABB4ABLDQAgAEHfAEYPCyAAQfsASQ0AAkAgAEH//wNLDQBBACEBIABBqgFJDQEgABA8DwsgABA6IQELIAELTAEDf0EAIQMCQCAAQX5qIgRBACgCmB8iBUkNACAELwEAIAFHDQAgAC8BACACRw0AAkAgBCAFRw0AQQEPCyAAQXxqLwEAECUhAwsgAwtmAQN/QQAhBQJAIABBemoiBkEAKAKYHyIHSQ0AIAYvAQAgAUcNACAAQXxqLwEAIAJHDQAgAEF+ai8BACADRw0AIAAvAQAgBEcNAAJAIAYgB0cNAEEBDwsgAEF4ai8BABAlIQULIAULhQEBAn8gABA+IgAQKiEBAkACQCAAQdwARg0AQQAhAiABRQ0BC0EAKAK8oAFBAkEEIABBgIAESRtqIQACQANAQQAgADYCvKABIAAvAQAQPiIBRQ0BAkAgARApRQ0AIABBAkEEIAFBgIAESRtqIQAMAQsLQQAhAiABQdwARg0BC0EBIQILIAIL2gMBBH9BACgCvKABIgBBfmohAQNAQQAgAEECajYCvKABAkACQAJAIABBACgCwKABTw0AECchAEEAKAK8oAEhAgJAAkAgABAtRQ0AQQAoArygASEDAkACQBAnIgBBOkcNAEEAQQAoArygAUECajYCvKABECcQLUUNAUEAKAK8oAEvAQAhAAsgAiADQQAoApwfEQAADAILQQAgATYCvKABDwsCQAJAIABBIkYNACAAQS5GDQEgAEEnRw0EC0EAKAK8oAEhAiAAEBxBAEEAKAK8oAFBAmoiAzYCvKABECciAEE6Rw0BQQBBACgCvKABQQJqNgK8oAECQBAnEC1FDQBBACgCvKABLwEAIQAgAiADQQAoApwfEQAADAILQQAgATYCvKABDwtBACgCvKABIgAvAQJBLkcNAiAALwEEQS5HDQJBACAAQQZqNgK8oAECQAJAAkAgAC8BBiIAQfIARw0AQQEQECEAQQAoArygASECIAANASACLwEAIQALIABB//8DcRAtDQFBACABNgK8oAEPC0EAIAJBAmo2ArygAQsQJyEACyAAQf//A3EiAEEsRg0CIABB/QBGDQBBACABNgK8oAELDwtBACABNgK8oAEPC0EAKAK8oAEhAAwACwuPAQEBf0EAIQ4CQCAALwEAIAFHDQAgAC8BAiACRw0AIAAvAQQgA0cNACAALwEGIARHDQAgAC8BCCAFRw0AIAAvAQogBkcNACAALwEMIAdHDQAgAC8BDiAIRw0AIAAvARAgCUcNACAALwESIApHDQAgAC8BFCALRw0AIAAvARYgDEcNACAALwEYIA1GIQ4LIA4LqAEBAn9BACEBQQAoArygASECAkACQCAAQe0ARw0AIAJBAmpB7wBB5ABB9QBB7ABB5QAQE0UNAUEAIAJBDGo2ArygAQJAECdBLkYNAEEAIQEMAgtBAEEAKAK8oAFBAmo2ArygARAnIQALIABB5QBHDQBBACgCvKABIgBBDmogAiAAQQJqQfgAQfAAQe8AQfIAQfQAQfMAECYiARshAgtBACACNgK8oAEgAQtnAQF/QQAhCgJAIAAvAQAgAUcNACAALwECIAJHDQAgAC8BBCADRw0AIAAvAQYgBEcNACAALwEIIAVHDQAgAC8BCiAGRw0AIAAvAQwgB0cNACAALwEOIAhHDQAgAC8BECAJRiEKCyAKC3EBAX9BACELAkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRw0AIAAvAQ4gCEcNACAALwEQIAlHDQAgAC8BEiAKRiELCyALC4MEAQJ/QQAhAgJAECdBzwBHDQBBACECQQAoArygASIDQQJqQeIAQeoAQeUAQeMAQfQAEBNFDQBBACECQQAgA0EMajYCvKABECdBLkcNAEEAQQAoArygAUECajYCvKABAkAQJyIDQfAARw0AQQAhAkEAKAK8oAEiA0ECakHyAEHvAEH0AEHvAEH0AEH5AEHwAEHlABA9RQ0BQQAhAkEAIANBEmo2ArygARAnQS5HDQFBAEEAKAK8oAFBAmo2ArygARAnIQMLQQAhAiADQegARw0AQQAhAkEAKAK8oAEiA0ECakHhAEHzAEHPAEH3AEHuAEHQAEHyAEHvAEHwAEHlAEHyAEH0AEH5ABAvRQ0AQQAhAkEAIANBHGo2ArygARAnQS5HDQBBACECQQBBACgCvKABQQJqNgK8oAEQJ0HjAEcNAEEAIQJBACgCvKABIgMvAQJB4QBHDQAgAy8BBEHsAEcNACADLwEGQewARw0AQQAhAkEAIANBCGo2ArygARAnQShHDQBBACECQQBBACgCvKABQQJqNgK8oAEQJxAtRQ0AECdBLEcNAEEAIQJBAEEAKAK8oAFBAmo2ArygARAnGkEAKAK8oAEiAyAAIAFBAXQiARBBDQBBACECQQAgAyABajYCvKABECdBKUcNAEEAQQAoArygAUECajYCvKABQQEhAgsgAgtJAQN/QQAhBgJAIABBeGoiB0EAKAKYHyIISQ0AIAcgASACIAMgBCAFEBNFDQACQCAHIAhHDQBBAQ8LIABBdmovAQAQJSEGCyAGC1kBA39BACEEAkAgAEF8aiIFQQAoApgfIgZJDQAgBS8BACABRw0AIABBfmovAQAgAkcNACAALwEAIANHDQACQCAFIAZHDQBBAQ8LIABBemovAQAQJSEECyAEC0sBA39BACEHAkAgAEF2aiIIQQAoApgfIglJDQAgCCABIAIgAyAEIAUgBhAmRQ0AAkAgCCAJRw0AQQEPCyAAQXRqLwEAECUhBwsgBws9AQJ/QQAhAgJAQQAoApgfIgMgAEsNACAALwEAIAFHDQACQCADIABHDQBBAQ8LIABBfmovAQAQJSECCyACC00BA39BACEIAkAgAEF0aiIJQQAoApgfIgpJDQAgCSABIAIgAyAEIAUgBiAHEBZFDQACQCAJIApHDQBBAQ8LIABBcmovAQAQJSEICyAIC64SAQN/AkAgABA8DQAgAEH0v39qQQJJDQAgAEG3AUYNACAAQYB6akHwAEkNACAAQf12akEFSQ0AIABBhwdGDQAgAEHvdGpBLUkNAAJAIABBwXRqIgFBCEsNAEEBIAF0Qe0CcQ0BCyAAQfBzakELSQ0AIABBtXNqQR9JDQACQCAAQapyaiIBQRJLDQBBASABdEH//BlxDQELIABB8AxGDQAgAEGWcmpBBEkNACAAQcBwakEKSQ0AIABB2nBqQQtJDQAgAEHQcWpBG0kNACAAQZEORg0AIABBkHJqQQpJDQAgAEHCbWpBEkkNACAAQcZtakEDSQ0AIABBnW5qQSFJDQAgAEGtbmpBD0kNACAAQadvakEDSQ0AIABB129qQQVJDQAgAEHbb2pBA0kNACAAQeVvakEJSQ0AIABB6m9qQQRJDQAgAEH9D0YNACAAQZVwakEJSQ0AAkAgAEGvbWoiAUESSw0AQQEgAXRB/4AYcQ0BCyAAQZptakEKSQ0AAkACQCAAQcRsag4oAgECAgICAgICAQECAgEBAgICAQEBAQEBAQEBAgEBAQEBAQEBAQECAgALIABB/2xqQQNJDQELIABB/hNGDQAgAEGabGpBCkkNAAJAIABBxGtqIgFBFUsNAEEBIAF0Qf2wjgFxDQELIABB/2tqQQNJDQAgAEH1FEYNACAAQZprakEMSQ0AAkACQCAAQcRqag4oAgECAgICAgICAgECAgIBAgICAQEBAQEBAQEBAQEBAQEBAQEBAQECAgALIABB/2pqQQNJDQELIABBmmpqQQpJDQAgAEGGampBBkkNAAJAAkAgAEHEaWoOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAgIBAQEBAQEBAQEBAgIACyAAQf9pakEDSQ0BCyAAQZppakEKSQ0AAkAgAEHCaGoiAUEZSw0AQQEgAXRBn+6DEHENAQsgAEGCF0YNACAAQZpoakEKSQ0AAkACQCAAQcJnag4mAgICAgICAgECAgIBAgICAgEBAQEBAQECAgEBAQEBAQEBAQEBAgIACyAAQYBoakEFSQ0BCyAAQZpnakEKSQ0AAkACQCAAQcRmag4oAgECAgICAgICAQICAgECAgICAQEBAQEBAQICAQEBAQEBAQEBAQECAgALIABB/2ZqQQNJDQELIABBmmZqQQpJDQAgAEF8cSIBQYAaRg0AAkAgAEHFZWoOKQEBAAEBAQEBAQEAAQEBAAEBAQEAAAAAAAAAAAABAAAAAAAAAAAAAAEBAAsgAEGaZWpBCkkNAAJAIABBtmRqIgJBDEsNAEEBIAJ0QeEvcQ0BCyAAQf5kakECSQ0AIABBeHFB2BtGDQAgAEGaZGpBCkkNAAJAIABBz2NqIgJBHUsNAEEBIAJ0QfmHgP4DcQ0BCyAAQY5kakECSQ0AIABBsR1GDQAgAEGwY2pBCkkNAAJAIABBzGJqIgJBCEsNACACQQZHDQELIABBuGJqQQZJDQAgAEHgYWpBCkkNACAAQX5xIgJBmB5GDQAgAEGwYmpBCkkNAAJAIABBy2FqIgNBCksNAEEBIAN0QZUMcQ0BCyAAQfNgakELSQ0AIAJBhh9GDQAgAEGPYWpBFEkNACAAQe5RakEDSQ0AIABBl1lqQQlJDQAgAEGjWWpBA0kNACAAQfFeakEPSQ0AIABB/l5qQQxJDQAgAEGPX2pBBEkNACAAQZlfakEHSQ0AIABBnl9qQQNJDQAgAEGiX2pBA0kNACAAQapfakEESQ0AIABBwF9qQQpJDQAgAEHVX2pBFEkNACAAQcYfRg0AIABB52BqQSRJDQAgAEHOUWpBA0kNACAAQa5RakECSQ0AIABBjlFqQQJJDQAgAEH1T2pBA0kNACAAQaBQakEKSQ0AIABB3S9GDQAgAEHMUGpBIEkNACAAQbBGakEDSQ0AIABBsEdqQQpJDQAgAEHAR2pBCkkNACAAQdxHakEUSQ0AIABBmkhqQQ5JDQAgAEHQSGpBCkkNACAAQd9IakENSQ0AIABBgElqQQNJDQAgAEGVSWpBCUkNACAAQbBJakEKSQ0AIABBzElqQRFJDQAgAEGASmpBBUkNACAAQdBKakEOSQ0AIABB8EpqQQpJDQAgAEGBS2pBC0kNACAAQaBLakEdSQ0AIABBq0tqQQpJDQAgAEHpS2pBBUkNACAAQbBMakELSQ0AIABBuk1qQQpJDQAgAEHQTWpBDEkNACAAQeBNakEMSQ0AIABBqTFGDQAgAEHwT2pBCkkNACAAQcBEakE6SQ0AIABBiUZqQQNJDQAgAEGORmpBA0kNACAAQe05Rg0AIABBrEZqQRVJDQAgAEGFRGpBBUkNAAJAIABBwb9/aiICQRVLDQBBASACdEGDgIABcQ0BCyAAQZu+f2pBDEkNACAAQeHBAEYNACAAQbC+f2pBDUkNACAAQZGmf2pBA0kNACAAQf/aAEYNACAAQWBxQeDbAEYNACAAQdaff2pBBkkNACAAQeeef2pBAkkNACAAQYyzfWpBCkkNACAAQe/MAkYNACAAQeCzfWpBCkkNAAJAIABB9a99aiICQRxLDQBBASACdEGBgID4AXENAQsgAEHisn1qQQJJDQAgAEGQsn1qQQJJDQACQAJAIABB/q99ag4FAgEBAQIACyAAQYCvfWpBAkkNAQsgAEHNrH1qQQ5JDQAgAUGA0wJGDQAgAEG5rX1qQQ1JDQAgAEHarX1qQQhJDQAgAEGBrn1qQQtJDQAgAEGgrn1qQRJJDQAgAEHMrn1qQRJJDQAgAEGwrn1qQQpJDQAgAEHXq31qQQ5JDQAgAEHl0wJGDQAgAEFfcUGwrH1qQQpJDQACQCAAQb2rfWoiAUEKSw0AQQEgAXRBgQxxDQELIABBsKt9akEKSQ0AAkAgAEGdqH1qIgFBCksNACABQQhHDQELAkAgAEHQqn1qIgFBEUsNAEEBIAF0QZ2DC3ENAQsCQCAAQZWqfWoiAUELSw0AQQEgAXRBnxhxDQELIABBhat9akEDSQ0AIABBcHEiAUGA/ANGDQAgAEGe9gNGDQAgAEGQqH1qQQpJDQAgAEG//gNGIABB8IF8akEKSSAAQbODfGpBA0kgAEHNg3xqQQJJIAFBoPwDRnJycnIPC0EBC1wBBH9BgIAEIQFBkAghAkF+IQMCQANAQQAhBCADQQJqIgNB5wNLDQEgAigCACABaiIBIABLDQEgAkEEaiEEIAJBCGohAiAEKAIAIAFqIgEgAEkNAAtBASEECyAEC1wBBH9BgIAEIQFBsBchAkF+IQMCQANAQQAhBCADQQJqIgNB+QFLDQEgAigCACABaiIBIABLDQEgAkEEaiEEIAJBCGohAiAEKAIAIAFqIgEgAEkNAAtBASEECyAEC8YfAQZ/AkACQAJAAkACQAJAIABB1n5qIgFBEEsNAEEBIAF0QYGQBHENAQsgAEG6empBDEkNACAAQYh+akHKA0kNACAAQcB+akEXSQ0AIABBqH5qQR9JDQACQCAAQZB5aiIBQRxLDQBBASABdEHf+YK6AXENAQsCQCAAQaB6aiIBQQ5LDQBBASABdEGfoAFxDQELIABB9nZqQaYBSQ0AIABBiXhqQYsBSQ0AIABB8nhqQRRJDQAgAEHdeGpB0wBJDQAgAEGRdGpBBEkNACAAQbB0akEbSQ0AIABBoHVqQSlJDQAgAEHZCkYNACAAQc91akEmSQ0AIABBj3NqQeMASQ0AIABBfnEiAkHuDEYNACAAQeBzakErSQ0AAkAgAEGrcmoiAUE8Tw0AQoGAjLCAnIGACCABrYhCAYNQRQ0BCyAAQe5xakEeSQ0AIABBtnBqQSFJDQAgAEGxD0YNACAAQbNxakHZAEkNAAJAIABBjHBqIgFBBksNAEEBIAF0QcMAcQ0BCyAAQYBwakEWSQ0AQQEhAQJAAkAgAEHcb2oOBQUBAQEFAAsgAEGaEEYNAQsgAEH8bWpBNkkNACAAQcpuakEISQ0AIABB4G5qQRVJDQAgAEHAb2pBGUkNACAAQaBvakELSQ0AIABBvRJGDQAgAEHQEkYNACAAQahtakEKSQ0AIABBj21qQRBJDQACQCAAQftsaiIDQQxPDQBBASEBQf8ZIANB//8DcXZBAXENBAsgAEHtbGpBFkkNAAJAIABBhGxqIgFBFEsNAEEBIAF0QYH84QBxDQELIABB1mxqQQdJDQACQCAAQc5saiIBQRxLDQBBASABdEHxkYCAAXENAQsCQCAAQaRsaiIBQRVLDQBBASABdEG7gMABcQ0BCyAAQe1rakEWSQ0AAkAgAEHWa2oiAUE1Tw0AQv+2g4CAgOALIAGtiEIBg1BFDQELIABB7WpqQRZJDQAgAEHxampBA0kNACAAQY5rakEDSQ0AIABB+2pqQQlJDQBBASEBAkACQCAAQdZqag4nBQUFBQUFBQEFBQEFBQUFBQEBAQUBAQEBAQEBAQEBAQEBAQEBAQEFAAsCQCAAQYdqaiIBQRdLDQBBASABdEGB4L8GcQ0CCyAAQaBqakECSQ0BCyAAQe1pakEWSQ0AQQEhAQJAAkAgAEGPaWoONAUBAQEBAQEBAQEBAQEBAQEBAQUBBQUFBQUFAQEBBQUFAQUFBQUBAQEFBQEFAQUFAQEBBQUACwJAIABB1mlqIgFBE0sNAEEBIAF0Qf/2I3ENAgsgAEGkaWoiAUEFSw0AIAFBAkcNAQsgAEHYaGpBA0kNACAAQe5nakEXSQ0AIABB8mdqQQNJDQAgAEH7Z2pBCEkNACAAQdAXRg0AIABB0mhqQQxJDQAgAEG9GEYNACAAQdZnakEQSQ0AAkAgAEGoZ2oiAUEpTw0AQoeGgICAICABrYhCAYNQRQ0BCyAAQdZmakEKSQ0AIABB7mZqQRdJDQAgAEH7ZmpBCEkNACAAQfJmakEDSQ0AAkAgAEH7ZWoiAUELSw0AIAFBCEcNAQsCQCAAQctmaiIBQQhLDQBBASABdEGfAnENAQsCQCAAQaJmaiIBQRRLDQBBASABdEGNgOAAcQ0BCyAAQe5lakEpSQ0AIABBvRpGDQAgAEHOGkYNACAAQc1kakEJSQ0AIABB5mRqQRhJDQAgAEH7ZGpBEkkNACAAQYZlakEGSQ0AIABBrGVqQQNJDQAgAEGhZWpBA0kNAAJAIABBw2RqIgNBCk8NAEEBIQFB+QcgA0H//wNxdkEBcQ0ECyACQbIcRg0AIABB/2NqQTBJDQAgAEHAY2pBB0kNAAJAIABB/2JqIgFBDEsNAEEBIAF0QcslcQ0BCyAAQXxxIgNBlB1GDQAgAEHnYmpBB0kNAAJAIABB32JqIgFBJk8NAELX7JuA+QUgAa2IQgGDUEUNAQsgAEGAYGpBK0kNACAAQfhgakEFSQ0AIABBt2FqQSRJDQAgAEF4cSIEQcAeRg0AIABBgB5GDQAgA0HcHUYNAAJAIABBwV9qIgFBKE8NAEKBgPjDxxggAa2IQgGDUEUNAQsgAEGSX2pBA0kNACAAQeBeakEmSQ0AIABBjiFGDQAgAEGLX2pBDUkNACAAQcchRg0AIABBzSFGDQAgAEG2W2pBBEkNACAAQbBeakErSQ0AIABBhF5qQc0CSQ0AAkAgAEGwW2oiBUEJTw0AQQEhAUH/AiAFQf//A3F2QQFxDQQLIABBzlpqQQRJDQAgAEHwWmpBIUkNACAAQfZaakEESQ0AIABBpltqQQRJDQAgAEGgW2pBKUkNAAJAIABByFpqIgVBCU8NAEEBIQFB/wIgBUH//wNxdkEBcQ0ECyAAQYBRakE0SQ0AIABBklFqQQNJDQAgAEGgUWpBDUkNACAAQcBRakESSQ0AIABB4FFqQRJJDQAgAEHyUWpBBEkNACAAQYBSakENSQ0AIABBklJqQQtJDQAgAEHgUmpBywBJDQAgAEH/UmpBGkkNACAAQZFTakERSQ0AIABB/1dqQewESQ0AIABBiFhqQQZJDQAgAEHgWGpB1gBJDQAgAEFwcSIFQYAnRg0AIABB6FlqQcMASQ0AIABB7llqQQRJDQAgAEGoWmpBOUkNACAAQb5aakEESQ0AIABBuFpqQQ9JDQAgAEHXL0YNACAAQdwvRg0AIABB4E9qQdkASQ0AIABBgExqQRdJDQAgAEHQTGpBGkkNACAAQYBNakEsSQ0AIABBkE1qQQVJDQAgAEGwTWpBHkkNACAAQYBOakEfSQ0AIABB0E5qQcYASQ0AIABBqjFGDQQgAEGAT2pBKUkNBCAAQbtJakEHSQ0EIABB+0lqQS9JDQQgAEGnNUYNBCAAQeBLakE1SQ0EIABBl0ZqQQRJDQQgAEHDRmpBA0kNBCAAQfBGakErSQ0EIABBgEdqQQlJDQQgAEGmR2pBJEkNBCAAQbNHakEDSQ0EIABBgEhqQSRJDQQgAEHGSGpBLEkNBCACQa43Rg0EIABB/UhqQR5JDQQgAEGSRmoiBkEJSQ0BDAILQQEhAQwCC0EBIQFBjwMgBkH//wNxdkEBcQ0BCyAEQdA+Rg0BIABBuEFqQQZJDQEgAEHgQWpBJkkNASAAQehBakEGSQ0BIABBgEZqQcABSQ0BIABBgERqQZYCSQ0BAkAgAEGnQWoiAUEESw0AQQEgAXRBFXENAgsgAEGhQWpBH0kNASAAQYBBakE1SQ0BAkAgAEHKQGoiBEEJTw0AQQEhAUH/AiAEQf//A3F2QQFxDQELIABBjkBqQQNJDQEgAEGgQGpBDUkNASAAQapAakEGSQ0BIANB0D9GDQEgAEG+QGpBA0kNASAAQbpAakEHSQ0BIABBikBqQQdJDQEgAEHxwABGDQEgAEH/wABGDQEgAEHwvn9qQQ1JDQEgAEGCwgBGDQEgAEGHwgBGDQEgAEGVwgBGDQEgAEH2vX9qQQpJDQECQCAAQei9f2oiBEERTw0AQQEhAUG/oAUgBHZBAXENAQsgAEHWvX9qQRBJDQEgA0G8wgBGDQECQCAAQbu9f2oiBEEKTw0AQQEhAUGfBCAEQf//A3F2QQFxDQELIABBoKd/akGFAUkNASAAQdCnf2pBL0kNASAAQaC9f2pBKUkNASAAQYCof2pBL0kNAQJAIABBlaZ/aiIEQQlPDQBBASEBQY8DIARB//8DcXZBAXENAQsgAEGApn9qQSZJDQEgAEGn2gBGDQEgAEGt2gBGDQEgAEGAtn1qQY0CSQ0BIABBsLZ9akEuSQ0BIABBgMB9akGNCUkNASAAQYDkfmpB8KMBSQ0BIABBgJh/akG2M0kNASAFQfDjAEYNASAAQeCcf2pBG0kNASAAQc+df2pB3gBJDQEgAEH7nX9qQStJDQEgA0H84QBGDQEgAEHfnn9qQdoASQ0BIABB5Z5/akEFSQ0BIABBv59/akHWAEkNASAAQciff2pBBUkNASAAQc+ff2pBBUkNASAAQd+ff2pBCUkNASAAQfuff2pBA0kNASAAQaikf2pBB0kNASAAQbCkf2pBB0kNASAAQbikf2pBB0kNASAAQcCkf2pBB0kNASAAQcikf2pBB0kNASAAQdCkf2pBB0kNASAAQdikf2pBB0kNASAAQeCkf2pBB0kNASAAQYClf2pBF0kNASAAQe/aAEYNASAAQdClf2pBOEkNASAAQf6ufWpBMkkNASAAQcCvfWpBNEkNASAAQfSvfWpBF0kNASAAQfmvfWpBBEkNASAAQf2vfWpBA0kNASAAQYmwfWpBC0kNASAAQfWwfWpBL0kNASAAQd6xfWpB5wBJDQEgAEHpsX1qQQlJDQEgAEHgsn1qQdAASQ0BIABBgbN9akEfSQ0BIABBwLN9akEvSQ0BIAJBqswCRg0BIAVBkMwCRg0BAkAgAEGOrn1qIgJBDU8NAEEBIQFBvzQgAkH//wNxdkEBcQ0BCyAAQaCtfWpBHUkNASAAQfatfWpBHEkNASAAQdCtfWpBF0kNASAAQbyrfWpBCEkNASAAQcCrfWpBA0kNASAAQYCsfWpBKUkNASAAQYasfWpBBUkNASAAQZqsfWpBCkkNASAAQaCsfWpBBUkNASAAQc/TAkYNASAAQfysfWpBL0kNASAAQYKrfWpBMkkNASAAQfrUAkYNASAAQaCrfWpBF0kNAQJAIABBz6p9aiICQRJPDQBBASEBQbG+CiACdkEBcQ0BCyAAQYCKfGpBB0kNASAAQZCLfGpB6gBJDQEgAEGAjnxqQe4CSQ0BIABBtdB8akExSQ0BIABB0NB8akEXSQ0BIABBgKh9akGk1wBJDQEgAEGQqX1qQfMASQ0BIABBpKl9akEKSQ0BIABB0Kl9akErSQ0BIABB2Kl9akEHSQ0BIABB4Kl9akEHSQ0BIABB76l9akEGSQ0BIABBd3FB/6l9akEGSQ0BIABBjqp9akEDSQ0BIABBpap9akEDSQ0BIABBoKp9akELSQ0BAkAgAEHtiXxqIgJBC08NAEEBIQFBnwggAkH//wNxdkEBcQ0BCyAAQeGJfGpBCkkNASAAQdaJfGpBDUkNAQJAIABByIl8aiICQQ1PDQBBASEBQd82IAJB//8DcXZBAXENAQsgAEGugHxqQQZJDQEgAEG2gHxqQQZJDQEgAEG+gHxqQQZJDQEgAEGagXxqQdkASQ0BIABBv4F8akEaSQ0BIABB34F8akEaSQ0BIABBioN8akGHAUkNASAAQZCDfGpBBUkNASAAQZCEfGpBDEkNASAAQe6EfGpBNkkNASAAQbCFfGpBwABJDQEgAEG6iXxqQewASQ0BQQEhASAAQa2IfGpB6wJJDQAgAEGmgHxqQQNJDwsgAQ8LQQELXQEBf0EAIQkCQCAALwEAIAFHDQAgAC8BAiACRw0AIAAvAQQgA0cNACAALwEGIARHDQAgAC8BCCAFRw0AIAAvAQogBkcNACAALwEMIAdHDQAgAC8BDiAIRiEJCyAJCzUAAkAgAEGA+ANxQYCwA0cNACAAQQp0QYD4P3FBACgCvKABLwECQf8HcXJBgIAEaiEACyAAC2gBAn9BASEBAkACQCAAQV9qIgJBBUsNAEEBIAJ0QTFxDQELIABB+P8DcUEoRg0AIABBRmpB//8DcUEGSQ0AAkAgAEGlf2oiAkEDSw0AIAJBAUcNAQsgAEGFf2pB//8DcUEESSEBCyABC3gBBH9BACgCvKABIQBBACgCwKABIQECQAJAA0AgAEECaiECIAAgAU8NAQJAAkAgAi8BACIDQaR/ag4CAQQACyACIQAgA0F2ag4EAgEBAgELIABBBGohAAwACwtBACACNgK8oAFBChAbQQAPC0EAIAI2ArygAUHdAAtJAQN/QQAhAwJAIAJFDQACQANAIAAtAAAiBCABLQAAIgVHDQEgAUEBaiEBIABBAWohACACQX9qIgINAAwCCwsgBCAFayEDCyADCwvCFwIAQYAIC5gXAAAAAAAAAAAAAAAAAAAAAAAAAAALAAAAAgAAABkAAAACAAAAEgAAAAIAAAABAAAAAgAAAA4AAAADAAAADQAAACMAAAB6AAAARgAAADQAAAAMAQAAHAAAAAQAAAAwAAAAMAAAAB8AAAAOAAAAHQAAAAYAAAAlAAAACwAAAB0AAAADAAAAIwAAAAUAAAAHAAAAAgAAAAQAAAArAAAAnQAAABMAAAAjAAAABQAAACMAAAAFAAAAJwAAAAkAAAAzAAAAnQAAADYBAAAKAAAAFQAAAAsAAAAHAAAAmQAAAAUAAAADAAAAAAAAAAIAAAArAAAAAgAAAAEAAAAEAAAAAAAAAAMAAAAWAAAACwAAABYAAAAKAAAAHgAAAEIAAAASAAAAAgAAAAEAAAALAAAAFQAAAAsAAAAZAAAARwAAADcAAAAHAAAAAQAAAEEAAAAAAAAAEAAAAAMAAAACAAAAAgAAAAIAAAAcAAAAKwAAABwAAAAEAAAAHAAAACQAAAAHAAAAAgAAABsAAAAcAAAANQAAAAsAAAAVAAAACwAAABIAAAAOAAAAEQAAAG8AAABIAAAAOAAAADIAAAAOAAAAMgAAAA4AAAAjAAAAXQEAACkAAAAHAAAAAQAAAE8AAAAcAAAACwAAAAAAAAAJAAAAFQAAAGsAAAAUAAAAHAAAABYAAAANAAAANAAAAEwAAAAsAAAAIQAAABgAAAAbAAAAIwAAAB4AAAAAAAAAAwAAAAAAAAAJAAAAIgAAAAQAAAAAAAAADQAAAC8AAAAPAAAAAwAAABYAAAAAAAAAAgAAAAAAAAAkAAAAEQAAAAIAAAAYAAAAVQAAAAYAAAACAAAAAAAAAAIAAAADAAAAAgAAAA4AAAACAAAACQAAAAgAAAAuAAAAJwAAAAcAAAADAAAAAQAAAAMAAAAVAAAAAgAAAAYAAAACAAAAAQAAAAIAAAAEAAAABAAAAAAAAAATAAAAAAAAAA0AAAAEAAAAnwAAADQAAAATAAAAAwAAABUAAAACAAAAHwAAAC8AAAAVAAAAAQAAAAIAAAAAAAAAuQAAAC4AAAAqAAAAAwAAACUAAAAvAAAAFQAAAAAAAAA8AAAAKgAAAA4AAAAAAAAASAAAABoAAADmAAAAKwAAAHUAAAA/AAAAIAAAAAcAAAADAAAAAAAAAAMAAAAHAAAAAgAAAAEAAAACAAAAFwAAABAAAAAAAAAAAgAAAAAAAABfAAAABwAAAAMAAAAmAAAAEQAAAAAAAAACAAAAAAAAAB0AAAAAAAAACwAAACcAAAAIAAAAAAAAABYAAAAAAAAADAAAAC0AAAAUAAAAAAAAACMAAAA4AAAACAEAAAgAAAACAAAAJAAAABIAAAAAAAAAMgAAAB0AAABxAAAABgAAAAIAAAABAAAAAgAAACUAAAAWAAAAAAAAABoAAAAFAAAAAgAAAAEAAAACAAAAHwAAAA8AAAAAAAAASAEAABIAAAC+AAAAAAAAAFAAAACZAwAAZwAAAG4AAAASAAAAwwAAAL0KAAAuBAAA0g8AAEYCAAC6IQAAOAIAAAgAAAAeAAAAcgAAAB0AAAATAAAALwAAABEAAAADAAAAIAAAABQAAAAGAAAAEgAAALECAAA/AAAAgQAAAEoAAAAGAAAAAAAAAEMAAAAMAAAAQQAAAAEAAAACAAAAAAAAAB0AAAD3FwAACQAAANUEAAArAAAACAAAAPgiAAAeAQAAMgAAAAIAAAASAAAAAwAAAAkAAACLAQAABQkAAGoAAAAGAAAADAAAAAQAAAAIAAAACAAAAAkAAABnFwAAVAAAAAIAAABGAAAAAgAAAAEAAAADAAAAAAAAAAMAAAABAAAAAwAAAAMAAAACAAAACwAAAAIAAAAAAAAAAgAAAAYAAAACAAAAQAAAAAIAAAADAAAAAwAAAAcAAAACAAAABgAAAAIAAAAbAAAAAgAAAAMAAAACAAAABAAAAAIAAAAAAAAABAAAAAYAAAACAAAAUwEAAAMAAAAYAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAB4AAAACAAAAGAAAAAIAAAAeAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAAcAAAA1CQAALAAAAAsAAAAGAAAAEQAAAAAAAAByAQAAKwAAABUFAADEAAAAPAAAAEMAAAAIAAAAAAAAALUEAAADAAAAAgAAABoAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAACQAAAAIAAAADAAAAAgAAAAAAAAACAAAAAAAAAAcAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAIAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAABAAAAAgAAAAAAAAADAAAAAwAAAAIAAAAGAAAAAgAAAAMAAAACAAAAAwAAAAIAAAAAAAAAAgAAAAkAAAACAAAAEAAAAAYAAAACAAAAAgAAAAQAAAACAAAAEAAAAEURAADdpgAAIwAAADQQAAAMAAAA3QAAAAMAAACBFgAADwAAADAdAAAgDAAAHQIAAOMFAABKEwAA/QEAAAAAAADjAAAAAAAAAJYAAAAEAAAAJgEAAAkAAABYBQAAAgAAAAIAAAABAAAABgAAAAMAAAApAAAAAgAAAAUAAAAAAAAApgAAAAEAAAA+AgAAAwAAAAkAAAAJAAAAcgEAAAEAAACaAAAACgAAALAAAAACAAAANgAAAA4AAAAgAAAACQAAABAAAAADAAAALgAAAAoAAAA2AAAACQAAAAcAAAACAAAAJQAAAA0AAAACAAAACQAAAAYAAAABAAAALQAAAAAAAAANAAAAAgAAADEAAAANAAAACQAAAAMAAAACAAAACwAAAFMAAAALAAAABwAAAAAAAAChAAAACwAAAAYAAAAJAAAABwAAAAMAAAA4AAAAAQAAAAIAAAAGAAAAAwAAAAEAAAADAAAAAgAAAAoAAAAAAAAACwAAAAEAAAADAAAABgAAAAQAAAAEAAAAwQAAABEAAAAKAAAACQAAAAUAAAAAAAAAUgAAABMAAAANAAAACQAAANYAAAAGAAAAAwAAAAgAAAAcAAAAAQAAAFMAAAAQAAAAEAAAAAkAAABSAAAADAAAAAkAAAAJAAAAVAAAAA4AAAAFAAAACQAAAPMAAAAOAAAApgAAAAkAAABHAAAABQAAAAIAAAABAAAAAwAAAAMAAAACAAAAAAAAAAIAAAABAAAADQAAAAkAAAB4AAAABgAAAAMAAAAGAAAABAAAAAAAAAAdAAAACQAAACkAAAAGAAAAAgAAAAMAAAAJAAAAAAAAAAoAAAAKAAAALwAAAA8AAACWAQAABwAAAAIAAAAHAAAAEQAAAAkAAAA5AAAAFQAAAAIAAAANAAAAewAAAAUAAAAEAAAAAAAAAAIAAAABAAAAAgAAAAYAAAACAAAAAAAAAAkAAAAJAAAAMQAAAAQAAAACAAAAAQAAAAIAAAAEAAAACQAAAAkAAABKAQAAAwAAAGpLAAAJAAAAhwAAAAQAAAA8AAAABgAAABoAAAAJAAAA9gMAAAAAAAACAAAANgAAAAgAAAADAAAAUgAAAAAAAAAMAAAAAQAAAKxMAAABAAAAxxQAAAQAAAAEAAAABQAAAAkAAAAHAAAAAwAAAAYAAAAfAAAAAwAAAJUAAAACAAAAigUAADEAAAABAgAANgAAAAUAAAAxAAAACQAAAAAAAAAPAAAAAAAAABcAAAAEAAAAAgAAAA4AAABRBQAABgAAAAIAAAAQAAAAAwAAAAYAAAACAAAAAQAAAAIAAAAEAAAABgEAAAYAAAAKAAAACQAAAKMBAAANAAAA1wUAAAYAAABuAAAABgAAAAYAAAAJAAAAlxIAAAkAAAAHBQwA7wAAAABBmB8LHFCMAAABAAAAAgAAAAMAAAAEAAAAAAQAAPAfAAA=";return"undefined"!=typeof Buffer?Buffer.from(A,"base64"):Uint8Array.from(atob(A),A=>A.charCodeAt(0))}let I;export function init(){return I||(I=(async()=>{const Q=await WebAssembly.compile(g()),{exports:B}=await WebAssembly.instantiate(Q);A=B})())}export function initSync(){if(A)return;const Q=new WebAssembly.Module(g()),{exports:B}=new WebAssembly.Instance(Q);A=B}
\ No newline at end of file
+/* cjs-module-lexer 2.0.0 */
+let A;const B=1===new Uint8Array(new Uint16Array([1]).buffer)[0];export function parse(I,C="@"){if(!A)throw new Error("Not initialized");const w=I.length+1,D=(A.__heap_base.value||A.__heap_base)+4*w-A.memory.buffer.byteLength;D>0&&A.memory.grow(Math.ceil(D/65536));const G=A.sa(w);(B?g:E)(I,new Uint16Array(A.memory.buffer,G,w));const S=A.parseCJS(G,I.length,0,0,0);if(S){const B=new Error(`Parse error ${C}${A.e()}:${I.slice(0,A.e()).split("\n").length}:${A.e()-I.lastIndexOf("\n",A.e()-1)}`);throw Object.assign(B,{idx:A.e()}),5!==S&&6!==S&&7!==S||Object.assign(B,{code:"ERR_LEXER_ESM_SYNTAX"}),B}let R=new Set,o=new Set,H=new Set;for(;A.rre();){const B=Q(I.slice(A.res(),A.ree()));B&&o.add(B)}for(;A.ru();)H.add(Q(I.slice(A.us(),A.ue())));for(;A.re();){let B=Q(I.slice(A.es(),A.ee()));void 0===B||H.has(B)||R.add(B)}return{exports:[...R],reexports:[...o]}}function Q(A){if('"'!==A[0]&&"'"!==A[0])return A;try{const B=(0,eval)(A);for(let A=0;A<B.length;A++){const Q=64512&B.charCodeAt(A);if(!(Q<55296)){if(55296!==Q)return;if(56320!=(64512&B.charCodeAt(++A)))return}}return B}catch{}}function E(A,B){const Q=A.length;let E=0;for(;E<Q;){const Q=A.charCodeAt(E);B[E++]=(255&Q)<<8|Q>>>8}}function g(A,B){const Q=A.length;let E=0;for(;E<Q;)B[E]=A.charCodeAt(E++)}function I(){const A="AGFzbQEAAAABXA1gAX8Bf2ACf38AYAABf2AAAGABfwBgBn9/f39/fwF/YAJ/fwF/YAd/f39/f39/AX9gA39/fwF/YAh/f39/f39/fwF/YAV/f39/fwF/YAR/f39/AX9gBH9/f38AAzMyAQEBAwAABAUJBAAEBAMDAAcCAAAICgAFAAAGBQsHBgAAAAAIAAICAgICAgICAgIFDAYEBQFwAQUFBQMBAAEGCAF/AEHQmAILB1wOBm1lbW9yeQIAC19faGVhcF9iYXNlAwACc2EAJAFlACUCZXMAJgJlZQAnA3JlcwAoA3JlZQApAnVzACoCdWUAKwJyZQAsA3JyZQAtAnJ1AC4IcGFyc2VDSlMALwkKAQBBAQsEAAECAwrJkwEyDgAgACABQcgfQcAfEDALDgAgACABQdQfQcwfEDALDgAgACABQeAfQdgfEDALEgBBzB9BADYCAEHUH0EANgIAC8wBAQN/AkBBvKABKAIAIgNBAmpB5QBB8QBB9QBB6QBB8gBB5QAQEARAQbygASADQQ5qNgIAAkAQEUEoRw0AQbygAUG8oAEoAgBBAmo2AgAQESEBQbygASgCACECIAFBJ0cgAUEiR3ENACABEAxBvKABQbygASgCAEECaiIBNgIAEBFBKUcNAAJAIABBAWsOAgMDAAtBtKABKAIAIAI2AgBBtKABKAIAIAE2AgRBAQ8LQbygASADNgIAC0EADwsgAiABQaAfKAIAEQEAQQELGwAgAEGYHygCAEYEQEEBDwsgAEECay8BABAPC/8CAQV/QZgfKAIAIQQDQAJAIABBAmshASAALwEAIgJBIEcNACAAIARLIAEhAA0BCwsCQCACQT1HDQADQAJAIAFBAmshACABLwEAQSBHDQAgASAESyAAIQENAQsLIABBAmohASAAQQRqIQNBACECA0ACQCABLwEAIgBBgPgDcUGAuANGBEAgAEH/B3EgAUECay8BAEH/B3FBCnRyQYCABGohAAsgAEUgASAETXINACAAQdwARg0CIAAQEkUNACABQX5BfCAAQYCABEkbaiEBIAAQEyECDAELCyACQQFxRQ0AIAEvAQBBIEcNAEG0oAEoAgAiAkGwHygCAEYNACACIAM2AgwgAiABQQJqNgIIA0ACQCABQQJrIQAgAS8BACIDQSBHDQAgASAESyAAIQENAQsLAkACQAJAIANB8gBrDgMAAwEDCyAAQfYAQeEAEBQNAQwCCyAAQewAQeUAEBQNACAAQeMAQe8AQe4AQfMAEBVFDQELQbSgASACQRBqNgIACws7AQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUYhBgsgBgtPAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRiEICyAIC7MFAQN/QbygAUG8oAEoAgAiAkEOajYCAAJAAkAQESIBQdsARwRAIAFBPUYNASABQS5HDQJBvKABQbygASgCAEECajYCABARQbygASgCACEBEBZFDQJBvKABKAIAIQAQEUE9Rw0CIAEgAEGcHygCABEBAA8LQbygAUG8oAEoAgBBAmo2AgAQESIAQSdHIABBIkdxDQFBvKABKAIAIAAQDEG8oAFBvKABKAIAQQJqIgA2AgAQEUHdAEcNAUG8oAFBvKABKAIAQQJqNgIAEBFBPUcNASAAQZwfKAIAEQEADAELIABFDQBBqB8oAgARAwBBvKABQbygASgCAEECajYCABARIgBB8gBHBEAgAEH7AEcNAUG8oAEoAgBBAmshAQJAAkADQEG8oAFBvKABKAIAIgBBAmo2AgAgAEHAoAEoAgBPDQIQESEAQbygASgCACECAkAgABAWBEBBvKABKAIAIQMQESIAQTpGBEBBvKABQbygASgCAEECajYCABAREBZFDQRBvKABKAIALwEAIQALIAIgA0GcHygCABEBAAwBCwJAIABBIkcEQCAAQS5GDQEgAEEnRw0EC0G8oAEoAgAgABAMQbygAUG8oAEoAgBBAmoiAzYCABARIgBBOkcNAUG8oAFBvKABKAIAQQJqNgIAEBEQFkUNA0G8oAEoAgAvAQAhACADQZwfKAIAEQEADAELQbygASgCACIALwECQS5HDQIgAC8BBEEuRw0CQbygASAAQQZqNgIAAkACQCAALwEGIgBB8gBGBH9BARAEQbygASgCACEADQEgAC8BAAUgAAtB//8DcRAWRQ0EDAELQbygASAAQQJqNgIACxARIQALIABB//8DcSIAQSxGDQALIABB/QBGDQELQbygASABNgIACw8LQQEQBBoLQbygASACQQxqNgIACywBAX8gAEGgAUYgAEEJayIBQRdNQQBBASABdEGfgIAEcRtyRQRAQQAPC0EBC0AAQfAfKAIARQRAQfAfIAA2AgALQbygASgCACEAQbygAUHAoAEoAgBBAmo2AgBB7B8gAEGYHygCAGtBAXU2AgALjAEBBH9BvKABKAIAIQFBwKABKAIAIQQCQANAAkAgASICQQJqIQEgAiAETw0AIAEvAQAiAyAARg0CIANB3ABHBEAgA0EKaw4EAQICAQILIAJBBGohASACLwEEQQ1HDQEgAkEGaiABIAIvAQZBCkYbIQEMAQsLQbygASABNgIAQQkQCw8LQbygASABNgIAC0oBA39BvKABKAIAQQJqIQFBwKABKAIAIQIDQAJAIAEiAEECayACTw0AIABBAmohASAALwEAQQprDgQAAQEAAQsLQbygASAANgIAC2EBAn9BvKABKAIAQQZqIQBBwKABKAIAIQEDQAJAAkAgASAAQQRrSwRAIABBAmsvAQBBKkcNAiAALwEAQS9HDQIMAQsgAEECayEAC0G8oAEgADYCAA8LIABBAmohAAwACwALNAEBfyAAQaABRiAAQQlrIgFBF01BAEEBIAF0QZ+AgARxG3JFBEAgABAiIABBLkdxDwtBAQtFAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZGIQcLIAcLaQEDf0G8oAEoAgAhAANAAkACQCAALwEAIgFBL0YEQCAALwECIgBBKkcEQCAAQS9HDQMQDQwCCxAODAELIAEQCkUNAQtBvKABQbygASgCACICQQJqIgA2AgAgAkHAoAEoAgBJDQELCyABC4ETAQR/IABBL00EQCAAQSRGDwsCQCAAQTpJDQACQCAAQcEASQ0AIABB2wBJDQEgAEHgAE0EQCAAQd8ARg8LIABB+wBJDQEgAEH//wNNBEAgAEGqAUkNAQJ/AkAgABAgIABBjMAAa0ECSXIgAEG3AUYgAEGABmtB8ABJcnIgAEGHB0YgAEGDCWtBBUlyIABBkQtrQS1JcnINAAJAAkAgAEG/C2siAUEJSUHtAiABdkEBcXENACAAQZAMa0ELSSAAQcsMa0EfSXINAiAAQfAMRiAAQeoNa0EESXIgAEHWDWsiAUESTUEAQQEgAXRB//wZcRtyIABBwA9rQQpJIABBpg9rQQtJciAAQZEORiAAQbAOa0EbSXJyciAAQfANa0EKSSAAQb4Sa0ESSXIgAEG6EmtBA0kgAEHjEWtBIUlyciAAQdMRa0EPSSAAQdkQa0EDSXIgAEGpEGtBBUkgAEGlEGtBA0lycnJyIABBmxBrQQlJIABBlhBrQQRJciAAQf0PRiAAQesPa0EJSXJycg0CAkAgAEHREmsiAUETTwRAIABB5hJrQQpJDQQMAQtB/4AYIAF2QQFxIABB5hJrQQpJcg0BCwJAAkAgAEG8E2sOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAQIBAQEBAQEBAQEBAgIACyAAQYETa0EDSQ0DCyAAQf4TRiAAQeYTa0EKSXINAiAAQfUURiAAQYEUa0EDSXIgAEG8FGsiAUEVTUEAQQEgAXRB/bCOAXEbciAAQeYUa0EMSXINAgJAAkAgAEG8FWsOKAIBAgICAgICAgIBAgICAQICAgEBAQEBAQEBAQEBAQEBAQEBAQEBAgIACyAAQYEVa0EDSQ0DCyAAQeYVa0EKSSAAQfoVa0EGSXINAgJAAkAgAEG8FmsOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAgIBAQEBAQEBAQEBAgIACyAAQYEWa0EDSQ0DCyAAQeYWa0EKSQ0CIABBghdGIABB5hdrQQpJciAAQb4XayIBQRlNQQBBASABdEGf7oMQcRtyDQICQAJAIABBvhhrDiYCAgICAgICAQICAgECAgICAQEBAQEBAQICAQEBAQEBAQEBAQECAgALIABBgBhrQQVJDQMLIABB5hhrQQpJDQICQAJAIABBvBlrDigCAQICAgICAgIBAgICAQICAgIBAQEBAQEBAgIBAQEBAQEBAQEBAQICAAsgAEGBGWtBA0kNAwsgAEHmGWtBCkkNAiAAQXxxIgFBgBpGDQICQCAAQbsaayICQSlPBEAgAEHmGmtBCkkNBAwBC0L7956AgTAgAq2Ip0EBcSAAQeYaa0EKSXINAQsgAEF4cUHYG0YgAEGCG2tBAklyIABByhtrIgJBDE1BAEEBIAJ0QeEvcRtyIABB5htrQQpJcg0CIABBsR1GIABB8htrQQJJciAAQbEcayICQR1NQQBBASACdEH5h4D+A3EbciAAQdAca0EKSXINAgJAIABBtB1rIgJBCU8EQCAAQcgda0EGSQ0EDAELQb8DIAJ2QQFxIABByB1rQQZJcg0BCyAAQaAea0EKSSAAQdAda0EKSXINAiAAQX5xIgJBmB5GDQIgAEG1HmsiA0ELSUGVDCADdkEBcXENACAAQY0fa0ELSSAAQfEea0EUSXIgAkGGH0YgAEGSLmtBA0lyciAAQekma0EJSSAAQd0ma0EDSXIgAEGPIWtBD0kgAEGCIWtBDElycnIgAEHxIGtBBEkgAEHnIGtBB0lyIABB4iBrQQNJIABB3iBrQQNJcnIgAEHWIGtBBEkgAEHAIGtBCklyIABBxh9GIABBqyBrQRRJcnJyciAAQZkfa0EkSSAAQbIua0EDSXIgAEHSLmtBAkkgAEHyLmtBAklyciAAQYswa0EDSSAAQeAva0EKSXIgAEHdL0YgAEG0L2tBIElycnIgAEHQOWtBA0kgAEFucUHAOGtBCklyIABBpDhrQRRJIABB5jdrQQ5JcnIgAEGwN2tBCkkgAEGhN2tBDUlyIABBgDdrQQNJIABB6zZrQQlJcnJycnIgAEHQNmtBCkkgAEG0NmtBEUlyIABBgDZrQQVJIABBsDVrQQ5JcnIgAEGQNWtBCkkgAEH/NGtBC0lyIABB4DRrQR1JIABB1TRrQQpJcnJyIABBlzRrQQVJIABB0DNrQQtJciAAQakxRiAAQcYya0EKSXJyIABBkDBrQQpJIABBbHFBoDJrQQxJciAAQcA7a0E6SSAAQfc5a0EDSXJycnIgAEHtOUYgAEHyOWtBA0lyIABB1DlrQRVJIABB+ztrQQVJcnJycg0CIABB4cEARiAAQeXBAGtBDElyIABBv8AAayICQRVNQQBBASACdEGDgIABcRtyIABB0MEAa0ENSSAAQe/ZAGtBA0lyIABB/9oARiAAQWBxQeDbAEZycnIgAEGq4ABrQQZJIABBmeEAa0ECSXIgAEHvzAJGIABB9MwCa0EKSXJyIABBoMwCa0EKSXJyDQIgAEGezQJrQQJJIABB8M0Ca0ECSXIgAEGL0AJrIgJBHE1BAEEBIAJ0QYGAgPgBcRtyDQICQAJAIABBgtACaw4FAgEBAQIACyAAQYDRAmtBAkkNAwsgAUGA0wJGIABBs9MCa0EOSXIgAEHH0gJrQQ1JIABBptICa0EISXJyIABB/9ECa0ELSSAAQeDRAmtBEklyIABBtNECa0ESSSAAQdDRAmtBCklycnIgAEHl0wJGIABBqdQCa0EOSXJyDQIgAEFecUHQ0wJrQQpJDQEgAEHQ1AJrQQpJIABBw9QCayIBQQpNQQBBASABdEGBDHEbcg0BIABB49cCayIBQQpNIAFBCEdxDQEgAEGw1QJrIgFBEU1BAEEBIAF0QZ2DC3EbDQEgAEH71AJrQQNJIABB69UCayIBQQtNQQBBASABdEGfGHEbcg0BIABBcHEiAUGA/ANGIABBnvYDRnINASAAQfDXAmtBCkkNACABQaD8A0YgAEGz/ANrQQJJciAAQc38A2tBA0lyIABBkP4Da0EKSXIgAEG//gNGcgwDC0EBDAILQQEMAQtBAQsPC0EBIQEgABAfDQBBACEBQYCABCEEQX4hA0GwFyECAkADQCADQQJqIgNB+QFLDQEgACACKAIAIARqIgRJBEBBACEBDAILIAJBBGohASACQQhqIQIgASgCACAEaiIEIABJDQALQQEhAQsgA0H6AUkgAXEhAQsgAQ8LQQELXQEBfyAAQcAATQRAIABBJEYPC0EBIQECQCAAQdsASQ0AIABB4ABNBEAgAEHfAEYPCyAAQfsASQ0AIABB//8DTQRAQQAhASAAQaoBSQ0BIAAQIA8LIAAQHyEBCyABC0YBA38CQCAAQQJrIgRBmB8oAgAiBUkNACAELwEAIAFHDQAgAC8BACACRw0AIAQgBUYEQEEBDwsgAEEEay8BABAPIQMLIAMLYAEDfwJAIABBBmsiBkGYHygCACIHSQ0AIAYvAQAgAUcNACAAQQRrLwEAIAJHDQAgAEECay8BACADRw0AIAAvAQAgBEcNACAGIAdGBEBBAQ8LIABBCGsvAQAQDyEFCyAFC3oBAX8gABAhIgEQEyEAAn8gAUHcAEcEQEEAIABFDQEaC0G8oAEoAgBBAkEEIAFBgIAESRtqIQACQANAQbygASAANgIAIAAvAQAQISIBRQ0BIAEQEgRAIABBAkEEIAFBgIAESRtqIQAMAQsLQQAgAUHcAEYNARoLQQELC5MBAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKQdAARw0AIAAvAQxB8gBHDQAgAC8BDkHvAEcNACAALwEQQfAARw0AIAAvARJB5QBHDQAgAC8BFEHyAEcNACAALwEWQfQARw0AIAAvARhB+QBGIQYLIAYLmwEBAn9BvKABKAIAIQECQCAAQe0ARgR/IAFBAmpB7wBB5ABB9QBB7ABB5QAQB0UNAUG8oAEgAUEMajYCABARQS5HBEAMAgtBvKABQbygASgCAEECajYCABARBSAAC0HlAEcNAEG8oAEoAgAiAEEOaiABIABBAmpB+ABB8ABB7wBB8gBB9ABB8wAQECICGyEBC0G8oAEgATYCACACC2wBAX8CQCAALwEAQe4ARw0AIAAvAQJB9QBHDQAgAC8BBEHtAEcNACAALwEGQeUARw0AIAAvAQhB8gBHDQAgAC8BCkHhAEcNACAALwEMQeIARw0AIAAvAQ5B7ABHDQAgAC8BEEHlAEYhAQsgAQvzAwEEfwJAEBFBzwBHDQBBvKABKAIAIgJBAmpB4gBB6gBB5QBB4wBB9AAQB0UNAEG8oAEgAkEMajYCABARQS5HDQBBvKABQbygASgCAEECajYCABARIgJB8ABGBH8CQEG8oAEoAgAiBEECaiICLwEAQfIARw0AIAIvAQJB7wBHDQAgAi8BBEH0AEcNACACLwEGQe8ARw0AIAIvAQhB9ABHDQAgAi8BCkH5AEcNACACLwEMQfAARw0AIAIvAQ5B5QBGIQMLIANFDQFBvKABIARBEmo2AgAQEUEuRw0BQbygAUG8oAEoAgBBAmo2AgAQEQUgAgtB6ABHDQBBvKABKAIAIgJBAmpB4QBB8wBBzwBB9wBB7gAQF0UNAEG8oAEgAkEcajYCABARQS5HDQBBvKABQbygASgCAEECajYCABARQeMARw0AQbygASgCACICLwECQeEARw0AIAIvAQRB7ABHDQAgAi8BBkHsAEcNAEG8oAEgAkEIajYCABARQShHDQBBvKABQbygASgCAEECajYCABAREBZFDQAQEUEsRw0AQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgIgACABQQF0IgAQIw0AQbygASAAIAJqNgIAEBFBKUcNAEG8oAFBvKABKAIAQQJqNgIAQQEhBQsgBQtDAQN/AkAgAEEIayIHQZgfKAIAIghJDQAgByABIAIgAyAEIAUQB0UNACAHIAhGBEBBAQ8LIABBCmsvAQAQDyEGCyAGC1MBA38CQCAAQQRrIgVBmB8oAgAiBkkNACAFLwEAIAFHDQAgAEECay8BACACRw0AIAAvAQAgA0cNACAFIAZGBEBBAQ8LIABBBmsvAQAQDyEECyAEC0UBA38CQCAAQQprIghBmB8oAgAiCUkNACAIIAEgAiADIAQgBSAGEBBFDQAgCCAJRgRAQQEPCyAAQQxrLwEAEA8hBwsgBws3AQJ/AkBBmB8oAgAiAyAASw0AIAAvAQAgAUcNACAAIANGBEBBAQ8LIABBAmsvAQAQDyECCyACC2YBBH9BgIAEIQFBfiEEQZAIIQICQANAIARBAmoiBEHnA0sNASAAIAIoAgAgAWoiAUkEQEEAIQMMAgsgAkEEaiEDIAJBCGohAiADKAIAIAFqIgEgAEkNAAtBASEDCyAEQegDSSADcQv/GwEFfwJAIABBxgVrQQxJIABB+AFrQcoDSXIgAEGqAWsiAUEQTUEAQQEgAXRBgZAEcRtyIABBwAFrQRdJIABB2AFrQR9JcnINACAAQfAGayIBQRxNQQBBASABdEHf+YK6AXEbDQAgAEGKCWtBpgFJIABB9wdrQYsBSXIgAEHgBWsiAUEOTUEAQQEgAXRBn6ABcRtyIABBjgdrQRRJIABBowdrQdMASXIgAEHvC2tBBEkgAEHQC2tBG0lycnINACAAQdkKRiAAQeAKa0EpSXIgAEGxCmtBJkkgAEHxDGtB4wBJcnIgAEGgDGtBK0lyDQAgAEF+cSIEQe4MRg0AAkACQAJAIABB1Q1rIgFBPE8EQCAAQZIOa0EeSQ0EDAELQoGAjLCAnIGACCABrYinQQFxIABBkg5rQR5Jcg0BCyAAQbEPRiAAQcoPa0EhSXIgAEHNDmtB2QBJcg0CIABBgBBrQRZJIABB9A9rIgFBBk1BAEEBIAF0QcMAcRtyDQICQAJAIABBpBBrDgUCAQEBAgALIABBmhBGDQMLIABBhBJrQTZJIABBthFrQQhJciAAQaARa0EVSSAAQcAQa0EZSXJyIABBvRJGIABB4BBrQQtJciAAQdASRiAAQdgSa0EKSXJycg0CIABB8RJrQRBJDQICQCAAQYUTayIBQQxPBEAgAEGTE2tBFkkNBAwBC0H/GSABdkEBcSAAQZMTa0EWSXINAQsgAEGqE2tBB0kgAEH8E2siAUEUTUEAQQEgAXRBgfzhAHEbcg0CIABBshNrIgFBHE1BAEEBIAF0QfGRgIABcRsNAiAAQZMUa0EWSSAAQdwTayIBQRVNQQBBASABdEG7gMABcRtyDQIgAEGqFGsiAUE1SUL/toOAgIDgCyABrYhCAYNQRXEgAEGTFWtBFkkgAEGPFWtBA0lyciAAQfIUa0EDSSAAQYUVa0EJSXJyDQICQAJAIABBqhVrDicCAgICAgICAQICAQICAgICAQEBAgEBAQEBAQEBAQEBAQEBAQEBAQIACyAAQeAVa0ECSSAAQfkVayIBQRdNQQBBASABdEGB4L8GcRtyDQMLIABBkxZrQRZJDQICQAJAIABB8RZrDjQCAQEBAQEBAQEBAQEBAQEBAQECAQICAgICAgEBAQICAgECAgICAQEBAgIBAgECAgEBAQICAAsgAEGqFmsiAUETTUEAQQEgAXRB//YjcRsNAyAAQdwWayIBQQVLDQAgAUECRw0DCyAAQagXa0EDSSAAQZIYa0EXSXIgAEGOGGtBA0kgAEGFGGtBCElyciAAQdAXRiAAQa4Xa0EMSXIgAEG9GEYgAEGqGGtBEElycnINAiAAQdgYayIBQSlJQoeGgICAICABrYhCAYNQRXEgAEGqGWtBCkkgAEGSGWtBF0lyciAAQYUZa0EISSAAQY4Za0EDSXJyDQIgAEGFGmsiAUELTSABQQhHcQ0CIABBtRlrIgFBCE1BAEEBIAF0QZ8CcRsNAiAAQb0aRiAAQZIaa0EpSXIgAEHeGWsiAUEUTUEAQQEgAXRBjYDgAHEbciAAQc4aRiAAQbMba0EJSXIgAEGaG2tBGEkgAEGFG2tBEklycnINAiAAQfoaa0EGSSAAQdQaa0EDSXIgAEHfGmtBA0lyDQIgAEG9G2siAUEKSUH5ByABdkEBcXENACAEQbIcRiAAQYEca0EwSXIgAEHAHGtBB0lyDQIgAEGBHWsiAUEMTUEAQQEgAXRByyVxGw0CIABBfHEiAUGUHUYgAEGZHWtBB0lyDQIgAEGhHWsiAkEmSULX7JuA+QUgAq2IQgGDUEVxIABBgCBrQStJIABBiB9rQQVJcnIgAEHJHmtBJElyDQIgAEF4cSIDQcAeRiAAQYAeRnIgAUHcHUZyDQICQCAAQb8gayICQShPBEAgAEHuIGtBA0kNBAwBC0KBgPjDxxggAq2Ip0EBcSAAQe4ga0EDSXINAQsgAEGOIUYgAEGgIWtBJklyIABBxyFGIABB9SBrQQ1JcnIgAEHNIUYgAEHKJGtBBElyIABB0CFrQStJIABB/CFrQc0CSXJycg0CIABB0CRrIgJBCUlB/wIgAnZBAXFxDQAgAEGyJWtBBEkgAEGQJWtBIUlyIABBiiVrQQRJIABB2iRrQQRJcnIgAEHgJGtBKUlyDQIgAEG4JWsiAkEJSUH/AiACdkEBcXENACAAQYAva0E0SSAAQe4ua0EDSXIgAEHgLmtBDUkgAEHALmtBEklyciAAQaAua0ESSSAAQY4ua0EESXIgAEGALmtBDUkgAEHuLWtBC0lycnINAiAAQaAta0HLAEkgAEGBLWtBGklyIABB7yxrQRFJIABBgShrQewESXJyIABB+CdrQQZJIABBoCdrQdYASXJyDQIgAEFwcSICQYAnRiAAQZgma0HDAElyIABBkiZrQQRJIABB2CVrQTlJcnIgAEHCJWtBBEkgAEHIJWtBD0lyIABB1y9GIABB3C9GcnJyDQIgAEGgMGtB2QBJIABBgDRrQRdJciAAQbAza0EaSSAAQYAza0EsSXJyIABB8DJrQQVJcg0CIABB0DJrQR5JIABBgDJrQR9JciAAQaoxRiAAQbAxa0HGAElyciAAQYAxa0EpSSAAQcU2a0EHSXIgAEGnNUYgAEGFNmtBL0lycnINASAAQaA0a0E1SSAAQek5a0EESXIgAEG9OWtBA0kgAEGQOWtBK0lyciAAQYA5a0EJSSAAQdo4a0EkSXIgAEHNOGtBA0kgAEGAOGtBJElycnINASAAQbo3a0EsSSAAQYM3a0EeSXIgBEGuN0ZyDQEgAEHuOWsiBUEJSUGPAyAFdkEBcXENACAAQcg+a0EGSSAAQaA+a0EmSXIgAEGYPmtBBkkgAEGAOmtBwAFJcnIgAEGAPGtBlgJJIABBgD9rQTVJciAAQd0+RiAAQd8+a0EfSXJycg0BIANB0D5GIABBfXFB2T5Gcg0BIABBtj9rIgNBCUlB/wIgA3ZBAXFxDQAgAEHyP2tBA0kgAEHgP2tBDUlyIAFB0D9GIABB1j9rQQZJcnIgAEHCP2tBA0kgAEHGP2tBB0lyIABB8cAARiAAQfY/a0EHSXJycg0BIABB/8AARiAAQZDBAGtBDUlyIABBgsIARiAAQYfCAEZyciAAQZXCAEYgAEGKwgBrQQpJcnINASAAQZjCAGsiA0ERSUG/oAUgA3ZBAXFxDQAgAUG8wgBGIABBqsIAa0EQSXINASAAQcXCAGsiA0EKSUGfBCADdkEBcXENACAAQeDYAGtBhQFJIABBsNgAa0EvSXIgAEHgwgBrQSlJIABBgNgAa0EvSXJyDQECQCAAQevZAGsiA0EJTwRAIABBgNoAa0EmSQ0DDAELQY8DIAN2QQFxIABBgNoAa0EmSXINAQsgAEGn2gBGIABBrdoARnIgAEGAygJrQY0CSSAAQdDJAmtBLklyciAAQYDAAmtBjQlJIABBgJwBa0HwowFJciACQfDjAEYgAEGA6ABrQbYzSXJycg0BIABBoOMAa0EbSSAAQbHiAGtB3gBJciABQfzhAEYgAEGF4gBrQStJcnIgAEGh4QBrQdoASSAAQZvhAGtBBUlyIABBweAAa0HWAEkgAEG44ABrQQVJcnJyDQEgAEGx4ABrQQVJIABBoeAAa0EJSXIgAEGF4ABrQQNJcg0BIABBZ3EiAUHA2wBrQQdJIAFBoNsAa0EHSXIgAEHv2gBGIABBgNsAa0EXSXJyIABBsNoAa0E4SSAAQYLRAmtBMklyIABBwNACa0E0SSAAQYzQAmtBF0lycnINASAAQYfQAmtBBEkgAEGD0AJrQQNJciAAQffPAmtBC0kgAEGLzwJrQS9JcnIgAEGizgJrQecASSAAQZfOAmtBCUlyIABBoM0Ca0HQAEkgAEH/zAJrQR9JcnJyDQEgAkGQzAJGIABBwMwCa0EvSXIgBEGqzAJGcg0BIABB8tECayIBQQ1JQb80IAF2QQFxcQ0AIABB4NICa0EdSSAAQYrSAmtBHElyIABBsNICa0EXSSAAQcTUAmtBCElyciAAQcDUAmtBA0kgAEGA1AJrQSlJciAAQfrTAmtBBUkgAEHm0wJrQQpJcnJyDQEgAEHP0wJGIABB4NMCa0EFSXIgAEGE0wJrQS9JIABB/tQCa0EySXJyIABB+tQCRiAAQeDUAmtBF0lycg0BIABBsdUCayIBQRJJQbG+CiABdkEBcXENACAAQYD2A2tBB0kgAEHw9ANrQeoASXIgAEGA8gNrQe4CSSAAQcuvA2tBMUlyciAAQbCvA2tBF0kgAEGA2AJrQaTXAElyIABB8NYCa0HzAEkgAEHc1gJrQQpJcnJyDQEgAEGw1gJrQStJDQEgAEF3cSIBQaDWAmtBB0kgAEGR1gJrQQZJciABQYHWAmtBBkkgAEHy1QJrQQNJcnIgAEHb1QJrQQNJIABB4NUCa0ELSXJyDQEgAEGT9gNrIgFBC0lBnwggAXZBAXFxDQAgAEGf9gNrQQpJIABBqvYDa0ENSXINASAAQbj2A2siAUENSUHfNiABdkEBcXENACAAQdL/A2tBBkkgAEF2cUHC/wNrQQZJciAAQeb+A2tB2QBJIABBwf4Da0EaSXJyIABBof4Da0EaSSAAQfb8A2tBhwFJciAAQfD8A2tBBUkgAEHw+wNrQQxJcnJyDQEgAEGS+wNrQTZJIABB0PoDa0HAAElyIABBxvYDa0HsAElyDQEgAEHT9wNrQesCSQ0AIABB2v8Da0EDSQ8LQQEPC0EBDwtBAQsyACAAQYD4A3FBgLADRgR/IABBCnRBgPg/cUG8oAEoAgAvAQJB/wdxckGAgARqBSAACwtdAQF/AkAgAEH4/wNxQShGIABBIWsiAUEFTUEAQQEgAXRBMXEbckUEQCAAQTprIgFB//8DcUElT0K/gICAoAMgAa2IQgGDUHINAQtBAQ8LIABB+wBrQf//A3FBBEkLQwEDfwJAIAJFDQADQCAALQAAIgQgAS0AACIFRgRAIAFBAWohASAAQQFqIQAgAkEBayICDQEMAgsLIAQgBWshAwsgAwt4AQF/QZgfKAIAIgEgAEEBdGoiAEEAOwEAQeQfIABBAmoiADYCAEHoHyAANgIAQcAfQQA2AgBByB9BADYCAEHEH0EANgIAQcwfQQA2AgBB1B9BADYCAEHQH0EANgIAQdgfQQA2AgBB4B9BADYCAEHcH0EANgIAIAELCABB7B8oAgALFQBBxB8oAgAoAgBBmB8oAgBrQQF1CxUAQcQfKAIAKAIEQZgfKAIAa0EBdQsVAEHQHygCACgCAEGYHygCAGtBAXULFQBB0B8oAgAoAgRBmB8oAgBrQQF1CxUAQdwfKAIAKAIAQZgfKAIAa0EBdQsVAEHcHygCACgCBEGYHygCAGtBAXULCgBBwB9BxB8QMQsKAEHMH0HQHxAxCwoAQdgfQdwfEDEL0UEBBX8Cf0GAwAAgATYCAEGYHyAANgIAIAIEQEGcHyACNgIACyADBEBBoB8gAzYCAAsgBARAQaQfIAQ2AgALQYjAAEH//wM7AQBBoOAAQaDAADYCAEGwoAFBsOAANgIAQbSgAUGAIDYCAEGMwABBrB8oAgA2AgBBvKABIABBAmsiAjYCAEHAoAEgAiABQQF0aiIDNgIAQYbAAEEAOwEAQYTAAEEAOwEAQZDAAEEAOgAAQewfQQA2AgBB8B9BADYCAEG4oAFBADoAAAJAAkAgAC8BAEEjRw0AIAAvAQJBIUcNAEEAIQIgAUECRg0BIABBBGohAANAIAAiAkECayADTw0BIABBAmohACACLwEAQQprDgQBAAABAAsACwNAQbygASACQQJqIgA2AgACQAJAAkAgAiADSQRAIAAvAQAiA0EJayIBQRdNQQBBASABdEGfgIAEcRsNAwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAQYbAAC8BACIFRQRAAkACQAJAIANB3wBrDg8CEBMTBhMFExMTARMTEwQACwJAIANBJ2sOCQ4ICRMTExMTDwALAkAgA0H7AGsOAwsTDAALIANBIkYNDSADQc8ARg0GIANB8gBHDRICQEEAEARFDQAgABAFRQ0AIAIQBgtBjMAAQbygASgCADYCAAwTCwJAIAJBBGpB7QBB8ABB7wBB8gBB9AAQB0UNACAAEAVFDQBBvKABQbygASgCACIBQQxqIgA2AgACQAJAAkACQAJAAkACQBARIgJBJ2sOCAIDAQIBAQEEAAsgAkEiRiACQfsARnINAQtBvKABKAIAIABGDQQLQYbAAC8BAEUNAkG8oAFBvKABKAIAQQJrNgIADAMLQYbAAEGGwAAvAQAiAEEBajsBAEGwoAEoAgAgAEECdGogATYCAAwCC0EFEAsMAQtBBhALC0G8oAEoAgAhAAtBjMAAIAA2AgAMEgtBACEDAkAgAkEEaiIBLwEAQekARw0AIAEvAQJB7gBHDQAgAS8BBEH0AEcNACABLwEGQeUARw0AIAEvAQhB8gBHDQAgAS8BCkHvAEcNACABLwEMQfAARw0AIAEvAQ5B0gBHDQAgAS8BEEHlAEcNACABLwESQfEARw0AIAEvARRB9QBHDQAgAS8BFkHpAEcNACABLwEYQfIARw0AIAEvARpB5QBHDQAgAS8BHEHXAEcNACABLwEeQekARw0AIAEvASBB7ABHDQAgAS8BIkHkAEcNACABLwEkQeMARw0AIAEvASZB4QBHDQAgAS8BKEHyAEcNACABLwEqQeQARiEDCwJAAkAgA0UNACAAEAVFBEAgAi8BAEEuRw0BC0G8oAEgAkEwajYCACACLwEwQShHDQFBvKABIAJBMmo2AgBBhsAAQQE7AQBBsKABKAIAQYzAACgCADYCAEEAEARFDQEgABAFRQ0BIAIQBgwBCyABQd8AQeUAQfgAQfAAQe8AQfIAQfQAEAhFDQAgABAFRQRAIAIvAQBBLkcNAQtBvKABIAJBEmo2AgAgAi8BEiIAQdMARgR/IAIvARRB9ABHDQEgAi8BFkHhAEcNASACLwEYQfIARw0BQbygASACQRpqNgIAIAIvARoFIAALQf//A3FBKEcNAEGwoAEoAgBBjMAAKAIANgIAQYbAAEEBOwEAQbygAUG8oAEoAgAiAEECajYCACAALwECQfIARw0AQQIQBBoLQYzAAEG8oAEoAgA2AgAMEQsCQCADQSdrDgkLBQcQEBAQEAwACwJAIANB4ABrDgYNEBADEAIACwJAIANB+wBrDgMIEAoACyADQSJGDQogA0HPAEYNAyADQe0ARw0PCyACQQRqQe8AQeQAQfUAQewAQeUAEAdFDQ4gABAFRQ0OQbygAUG8oAEoAgAiAEEMajYCAAJAAkAQEUEuRw0AQbygAUG8oAEoAgBBAmo2AgAQEUHlAEcNAEG8oAEoAgBBAmpB+ABB8ABB7wBB8gBB9ABB8wAQEEUNAEEBEAkMAQtBvKABIABBCmo2AgALDA4LIAJBBGpB+ABB8ABB7wBB8gBB9AAQB0UNDSAAEAVFDQ0gAi8BDkHzAEYEQEEAEAkMDgsgBQ0NQbygAUG8oAEoAgBBDGoiATYCABARIQACQCABQbygASgCAEYEQCAAECJFDQELQQcQCwsMDQsgABAFRQ0MIAIvAQRB7ABHDQwgAi8BBkHhAEcNDCACLwEIQfMARw0MIAIvAQpB8wBHDQwgAi8BDBAKRQ0MQbigAUEBOgAADAwLIAJBBGpB4gBB6gBB5QBB4wBB9AAQB0UNCyAAEAVFDQsgBUUhAUG8oAFBvKABKAIAIgBBDGo2AgAgAEEKaiECAkACQBARQS5HDQBBvKABQbygASgCAEECajYCAAJAEBEiAEHkAEYEQEG8oAEoAgAiAEECakHlAEHmAEHpAEHuAEHlABAXRQ0CQbygASAAQRxqNgIAIABBGmohAhARQShHDQJBvKABQbygASgCAEECajYCABAREBhFDQIQEUEsRw0CQbygAUG8oAEoAgBBAmo2AgAQESIAQSdHIABBIkdxDQJBvKABKAIAIQQgABAMQbygAUG8oAEoAgBBAmoiAzYCABARQSxHDQFBvKABQbygASgCAEECajYCABARQfsARw0BQbygAUG8oAEoAgBBAmo2AgAQESIAQeUARgRAQbygASgCACIAQQJqEBlFDQJBvKABIABBFGo2AgAQEUE6Rw0CQbygAUG8oAEoAgBBAmo2AgAQEUH0AEcNAkG8oAEoAgAiAC8BAkHyAEcNAiAALwEEQfUARw0CIAAvAQZB5QBHDQJBvKABIABBCGo2AgAQEUEsRw0CQbygAUG8oAEoAgBBAmo2AgAQESEACyAAQecARwRAIABB9gBHDQJBvKABKAIAIgAvAQJB4QBHDQIgAC8BBEHsAEcNAiAALwEGQfUARw0CIAAvAQhB5QBHDQJBvKABIABBCmo2AgAQEUE6Rw0CIAQgA0GcHygCABEBAEG8oAEgAjYCAAwEC0G8oAEoAgAiAC8BAkHlAEcNASAALwEEQfQARw0BQbygASAAQQZqNgIAEBEiAEE6RgR/QbygAUG8oAEoAgBBAmo2AgAQEUHmAEcNAkG8oAEoAgAiAEECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAIRQ0CQbygASAAQRBqIgE2AgAQESIAQShHBEAgAUG8oAEoAgBGDQMgABAWRQ0DCxARBSAAC0EoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0BQbygAUG8oAEoAgBBAmo2AgAQEUH7AEcNAUG8oAFBvKABKAIAQQJqNgIAEBFB8gBHDQFBvKABKAIAIgBBAmpB5QBB9ABB9QBB8gBB7gAQB0UNAUG8oAEgAEEMajYCABAREBZFDQECQAJAEBEiAEHbAEcEQCAAQS5HDQJBvKABQbygASgCAEECajYCABAREBYNAQwEC0G8oAFBvKABKAIAQQJqNgIAEBEiAEEnRyAAQSJHcQ0DIAAQDEG8oAFBvKABKAIAQQJqNgIAEBFB3QBHDQNBvKABQbygASgCAEECajYCAAsQESEACyAAQTtGBH9BvKABQbygASgCAEECajYCABARBSAAC0H9AEcNAUG8oAFBvKABKAIAQQJqNgIAEBEiAEEsRgR/QbygAUG8oAEoAgBBAmo2AgAQEQUgAAtB/QBHDQFBvKABQbygASgCAEECajYCABARQSlHDQEgBCADQZwfKAIAEQEADAMLIAFFIABB6wBHcg0BQbygASgCACIALwECQeUARw0BIAAvAQRB+QBHDQEgAC8BBkHzAEcNASAAQQZqIQJBvKABIABBCGo2AgAQEUEoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUG8oAEoAgAhBhAWRQ0BQbygASgCABARQSlHDQFBvKABQbygASgCACICQQJqNgIAEBFBLkcNAUG8oAFBvKABKAIAQQJqNgIAEBFB5gBHDQFBvKABKAIAIgBBAmpB7wBB8gBBxQBB4QBB4wBB6AAQEEUNAUG8oAEgAEEOajYCABARQbygASgCACIAQQJrIQJBKEcNAUG8oAEgAEECajYCABARQeYARw0BQbygASgCACIAQQJqQfUAQe4AQeMAQfQAQekAQe8AQe4AEAhFDQFBvKABIABBEGo2AgAQEUEoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUG8oAEoAgAhBxAWRQ0BQbygASgCACEBEBFBKUcNAUG8oAFBvKABKAIAQQJqNgIAEBFB+wBHDQFBvKABQbygASgCAEECajYCABARQekARw0BQbygASgCACIALwECQeYARw0BQbygASAAQQRqNgIAEBFBKEcNAUG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgASAHayIJECMNASAGayIFQQF1IQRBvKABIAAgCUEBdSIIQQF0ajYCAAJAAkACQBARIgBBIUcEQCAAQT1HDQVBvKABKAIAIgAvAQJBPUcNBSAALwEEQT1HDQVBvKABIABBBmo2AgAQESIBQSdHIAFBIkdxDQVBvKABKAIAIgBBAmpB5ABB5QBB5gBB4QBB9QBB7ABB9AAQCEUNBUG8oAEgAEEQajYCABARIAFHDQVBvKABQbygASgCAEECajYCABARQfwARw0FQbygASgCACIALwECQfwARw0FQbygASAAQQRqNgIAEBEaQbygASgCACIAIAcgCRAjDQVBvKABIAAgCEEBdGo2AgAQEUE9Rw0FQbygASgCACIALwECQT1HDQUgAC8BBEE9Rw0FQbygASAAQQZqNgIAEBEiA0EnRyADQSJHcQ0FQQAhAQJAQbygASgCACIAQQJqIgovAQBB3wBHDQAgCi8BAkHfAEcNACAKLwEEQeUARw0AIAovAQZB8wBHDQAgCi8BCEHNAEcNACAKLwEKQe8ARw0AIAovAQxB5ABHDQAgCi8BDkH1AEcNACAKLwEQQewARw0AIAovARJB5QBGIQELIAFFDQVBvKABIABBFmo2AgAQESADRw0FQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0FQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBUG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0FQbygASAAQQxqNgIAEBFBO0YEQEG8oAFBvKABKAIAQQJqNgIACxARIgBB6QBHDQNB6QAhAEG8oAEoAgAiAS8BAkHmAEcNA0G8oAEgAUEEajYCABARQShHDQVBvKABQbygASgCAEECaiIANgIAIAcgCBAaBEAQEUEpRw0GQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBkG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0GQbygASAAQQxqNgIAEBFBO0YEQEG8oAFBvKABKAIAQQJqNgIACxARIgBB6QBHDQRB6QAhAEG8oAEoAgAiAS8BAkHmAEcNBEG8oAEgAUEEajYCABARQShHDQZBvKABKAIAQQJqIQALQbygASAANgIAIAAgByAJECMNBUG8oAEgACAIQQF0ajYCABARQekARw0FQbygASgCACIALwECQe4ARw0FIAAvAQRBIEcNBUG8oAEgAEEGajYCABAREBhFDQUQEUEmRw0FQbygASgCACIALwECQSZHDQVBvKABIABBBGo2AgAQERAYRQ0FEBFB2wBHDQVBvKABQbygASgCAEECajYCABARGkG8oAEoAgAiACAHIAkQIw0FQbygASAAIAhBAXRqNgIAEBFB3QBHDQVBvKABQbygASgCAEECajYCABARQT1HDQVBvKABKAIAIgAvAQJBPUcNBSAALwEEQT1HDQVBvKABIABBBmo2AgAQERpBvKABKAIAIgAgBiAFECMNBUG8oAEgACAEQQF0ajYCABARQdsARw0FQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgAgByAJECMNBUG8oAEgACAIQQF0ajYCABARQd0ARw0FQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0FQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBUG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0FQbygASAAQQxqNgIAEBFBO0YNAQwCC0G8oAEoAgAiAC8BAkE9Rw0EIAAvAQRBPUcNBEG8oAEgAEEGajYCABARIgFBJ0cgAUEiR3ENBEG8oAEoAgAiAEECakHkAEHlAEHmAEHhAEH1AEHsAEH0ABAIRQ0EQbygASAAQRBqNgIAEBEgAUcNBEG8oAFBvKABKAIAQQJqNgIAEBEiAEEmRgR/QbygASgCACIALwECQSZHDQVBvKABIABBBGo2AgAQEUEhRw0FQbygAUG8oAEoAgBBAmo2AgACQAJAEBEiAEHPAEcNAEG8oAEoAgBBAmpB4gBB6gBB5QBB4wBB9ABBLhAQRQ0AIAcgCBAaRQ0HDAELIAAQFkUNABARQS5HDQZBvKABQbygASgCAEECajYCABARQegARw0GQbygASgCACIAQQJqQeEAQfMAQc8AQfcAQe4AEBdFDQZBvKABIABBHGo2AgAQEUEoRw0GQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgAgByAJECMNBkG8oAEgACAIQQF0ajYCABARQSlHDQZBvKABQbygASgCAEECajYCAAsQEQUgAAtBKUcNBAtBvKABQbygASgCAEECajYCAAsQESEACwJAAkAgABAYBEAQEUHbAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQRBvKABIAAgCEEBdGo2AgAQEUHdAEcNBEG8oAFBvKABKAIAQQJqNgIAEBFBPUcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAYgBRAjDQRBvKABIAAgBEEBdGo2AgAQEUHbAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQRBvKABIAAgCEEBdGo2AgAQEUHdAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEiAEE7Rg0BDAILIABBzwBHDQNBvKABKAIAIgBBAmpB4gBB6gBB5QBB4wBB9AAQB0UNA0G8oAEgAEEMajYCABARQS5HDQNBvKABQbygASgCAEECajYCABARQeQARw0DQbygASgCACIAQQJqQeUAQeYAQekAQe4AQeUAEBdFDQNBvKABIABBHGo2AgAQEUEoRw0DQbygAUG8oAEoAgBBAmo2AgAQERAYRQ0DEBFBLEcNA0G8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQNBvKABIAAgCEEBdGo2AgAQEUEsRw0DQbygAUG8oAEoAgBBAmo2AgAQEUH7AEcNA0G8oAFBvKABKAIAQQJqNgIAEBFB5QBHDQNBvKABKAIAIgBBAmoQGUUNA0G8oAEgAEEUajYCABARQTpHDQNBvKABQbygASgCAEECajYCABARQbygASgCACEBQfQARwRAIAEvAQJB8gBHDQQgAS8BBEH1AEcNBCABLwEGQeUARw0EC0G8oAEgAUEIajYCABARQSxHDQNBvKABQbygASgCAEECajYCABARQecARw0DQbygASgCACIALwECQeUARw0DIAAvAQRB9ABHDQNBvKABIABBBmo2AgAQESIAQTpGBH9BvKABQbygASgCAEECajYCABARQeYARw0EQbygASgCACIAQQJqQfUAQe4AQeMAQfQAQekAQe8AQe4AEAhFDQRBvKABIABBEGoiATYCABARIgBBKEcEQCABQbygASgCAEYNBSAAEBZFDQULEBEFIAALQShHDQNBvKABQbygASgCAEECajYCABARQSlHDQNBvKABQbygASgCAEECajYCABARQfsARw0DQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNA0G8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0DQbygASAAQQxqNgIAEBEaQbygASgCACIAIAYgBRAjDQNBvKABIAAgBEEBdGo2AgAQEUHbAEcNA0G8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQNBvKABIAAgCEEBdGo2AgAQEUHdAEcNA0G8oAFBvKABKAIAQQJqNgIAEBEiAEE7RgR/QbygAUG8oAEoAgBBAmo2AgAQEQUgAAtB/QBHDQNBvKABQbygASgCAEECajYCABARIgBBLEYEf0G8oAFBvKABKAIAQQJqNgIAEBEFIAALQf0ARw0DQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0DQbygAUG8oAEoAgBBAmo2AgAQESIAQTtHDQELQbygAUG8oAEoAgBBAmo2AgAQESEACyAAQf0ARw0BQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0BQbSgASgCACEDQYAgIQADQAJAIAAgA0cEQCAEIABBDGooAgAgAEEIaigCACIBa0EBdUcNASAGIAEgBRAjDQEgACgCACAAQQRqKAIAQaAfKAIAEQEAQbygASACNgIACwwECyAAQRBqIQAMAAsACyAEIANBpB8oAgARAQALQbygASACNgIACwwLC0GGwAAgBUEBajsBAEGwoAEoAgAgBUECdGpBjMAAKAIANgIADAoLQQgQC0HwHygCAAwNC0GGwAAgBUEBazsBAAwICyAFQdCgAWpBuKABLQAAOgAAQYbAACAFQQFqOwEAQbCgASgCACAFQQJ0akGMwAAoAgA2AgBBuKABQQA6AAAMBwtBAhALQQAMCgtBhsAAIAVBAWsiADsBAEGIwAAvAQAiASAFRgRAQYTAAEGEwAAvAQBBAWsiADsBAEGIwABBoOAAKAIAIABB//8DcUEBdGovAQA7AQAMBQsgAUH//wNGIABB//8DcSABT3INBUEDEAtB8B8oAgAMCQsgAxAMDAQLAkAgAi8BBCIAQSpHBEAgAEEvRw0BEA0MBgsQDgwFC0GQwAACfwJAAkACfwJAQYzAACgCACIGLwEAIgRBKUcgBEEoa0H//wNxQQdJcSAEQSFrIgBBBU1BAEEBIAB0QTFxG3JFBEAgBEE6ayIAQf//A3FBJU9Cv4CAgKACIACtiEIBg1ByDQELQQEMAQsgBEH9AEcgBEH7AGtB//8DcUEESXELBEACQAJAAkAgBEEraw4EAQUCAAULIAZBAmsvAQBBMGtB//8DcUEKSQ0DDAQLIAZBAmsvAQBBK0YNAgwDCyAGQQJrLwEAQS1GDQEMAgsCQCAEQf0ARwRAIARBL0YNASAEQSlHDQJBASEDAkBBsKABKAIAIAVBAnRqKAIAIgBB9wBB6ABB6QBB7ABB5QAQGw0AIABB5gBB7wBB8gAQHA0AIABB6QBB5gAQFCEDCyADRQ0CDAMLAn9BASEAAkACQAJAAkACQAJAQbCgASgCACAFQQJ0aigCACICLwEAIgFBO2sOBAUEBAEACwJAIAFB5QBrDgQDBAQCAAsgAUEpRg0EIAFB+QBHDQMgAkECa0HmAEHpAEHuAEHhAEHsAEHsABAdDAULIAJBAmsvAQBBPUYMBAsgAkECa0HjAEHhAEH0AEHjABAVDAMLIAJBAmtB5QBB7ABB8wAQHAwCC0EAIQALIAALDQIgBUHQoAFqLQAARQ0BDAILQZDAAC0AAA0BCwJ/QQAhAwJAAkACQAJAAkACQAJAAkACQCAGLwEAQeQAaw4UAAECCAgICAgICAMECAgFCAYICAcICwJAAkAgBkECay8BAEHpAGsOBAAJCQEJCyAGQQRrQfYAQe8AEBQMCQsgBkEEa0H5AEHpAEHlABAcDAgLAkACQCAGQQJrLwEAQfMAaw4CAAEICyAGQQRrLwEAIgBB4QBHBEAgAEHsAEcNCCAGQQZrQeUAEB4MCQsgBkEGa0HjABAeDAgLIAZBBGtB5ABB5QBB7ABB5QAQFQwHCyAGQQJrLwEAQe8ARw0FIAZBBGsvAQBB5QBHDQUgBkEGay8BACIAQfAARwRAIABB4wBHDQYgBkEIa0HpAEHuAEHzAEH0AEHhAEHuABAdDAcLIAZBCGtB9ABB+QAQFAwGC0EBIQMgBkECayIAQekAEB4NBCAAQfIAQeUAQfQAQfUAQfIAEBsMBQsgBkECa0HkABAeDAQLAn8CQCAGQQJrIgFBDGsiAkGYHygCACIASQ0AIAJB5ABB5QBB4gBB9QBB5wBB5wBB5QAQCEUNAEEBIAAgAkYNARogAUEOay8BABAPIQMLIAMLDAMLIAZBAmtB4QBB9wBB4QBB6QAQFQwCCyAGQQJrLwEAIgBB7wBHBEAgAEHlAEcNASAGQQRrQe4AEB4MAgsgBkEEa0H0AEHoAEHyABAcIQMLIAMLIQAgBEUNAEEBIABFDQEaCwJAA0BBwKABKAIAIQJBvKABKAIAIQADQCAAQQJqIQECQAJAIAAgAk8NAAJAAkACQCABLwEAIgNB2wBrDgIBAgALIAEhACADQQprDgQCBAQCAwtBvKABIAE2AgBBvKABKAIAIQBBwKABKAIAIQMCQAJAA0ACQCAAQQJqIQEgACADTw0AAkACQCABLwEAIgJB3ABrDgIBBAALIAEhACACQQprDgQBAgIBAgsgAEEEaiEADAELC0G8oAEgATYCAEEKEAsMAQtBvKABIAE2AgALDAQLIABBBGohAAwCC0G8oAEgATYCAEELEAsMAwsgA0EvRw0ACwtBvKABIAE2AgALQQALOgAADAMLQYjAAC8BAEH+/wNHDQFBBBALQfAfKAIADAYLQYbAAC8BABpB8B8oAgAiACAAQYjAAC8BAEH//wNHGyECDAQLQbygASgCACEAQcCgASgCACEDAkACQANAAkAgACIBQQJqIQAgASADTw0AAkACQCAALwEAIgJB3ABrDgUBAwMDBAALIAJBJEcNAiABLwEEQfsARw0CQYTAAEGEwAAvAQAiAEEBajsBAEGg4AAoAgAgAEEBdGpBiMAALwEAOwEAQbygASABQQRqNgIAQYjAAEGGwAAvAQBBAWoiADsBAEGGwAAgADsBAAwECyABQQRqIQAMAQsLQbygASAANgIAQQgQCwwBC0G8oAEgADYCAAsLQYzAAEG8oAEoAgA2AgALQcCgASgCACEDQbygASgCACECDAALAAsgAgsLRQEBfyACKAIAIgRBCGogAyAEG0HoHygCACIENgIAIAIgBDYCAEHoHyAEQQxqNgIAIARBADYCCCAEIAE2AgQgBCAANgIACyIBAX8gASABKAIAIgJBCGogACACGygCACICNgIAIAJBAEcLC6kXAgBBlAgLgRcLAAAAAgAAABkAAAACAAAAEgAAAAIAAAABAAAAAgAAAA4AAAADAAAADQAAACMAAAB6AAAARgAAADQAAAAMAQAAHAAAAAQAAAAwAAAAMAAAAB8AAAAOAAAAHQAAAAYAAAAlAAAACwAAAB0AAAADAAAAIwAAAAUAAAAHAAAAAgAAAAQAAAArAAAAnQAAABMAAAAjAAAABQAAACMAAAAFAAAAJwAAAAkAAAAzAAAAnQAAADYBAAAKAAAAFQAAAAsAAAAHAAAAmQAAAAUAAAADAAAAAAAAAAIAAAArAAAAAgAAAAEAAAAEAAAAAAAAAAMAAAAWAAAACwAAABYAAAAKAAAAHgAAAEIAAAASAAAAAgAAAAEAAAALAAAAFQAAAAsAAAAZAAAARwAAADcAAAAHAAAAAQAAAEEAAAAAAAAAEAAAAAMAAAACAAAAAgAAAAIAAAAcAAAAKwAAABwAAAAEAAAAHAAAACQAAAAHAAAAAgAAABsAAAAcAAAANQAAAAsAAAAVAAAACwAAABIAAAAOAAAAEQAAAG8AAABIAAAAOAAAADIAAAAOAAAAMgAAAA4AAAAjAAAAXQEAACkAAAAHAAAAAQAAAE8AAAAcAAAACwAAAAAAAAAJAAAAFQAAAGsAAAAUAAAAHAAAABYAAAANAAAANAAAAEwAAAAsAAAAIQAAABgAAAAbAAAAIwAAAB4AAAAAAAAAAwAAAAAAAAAJAAAAIgAAAAQAAAAAAAAADQAAAC8AAAAPAAAAAwAAABYAAAAAAAAAAgAAAAAAAAAkAAAAEQAAAAIAAAAYAAAAVQAAAAYAAAACAAAAAAAAAAIAAAADAAAAAgAAAA4AAAACAAAACQAAAAgAAAAuAAAAJwAAAAcAAAADAAAAAQAAAAMAAAAVAAAAAgAAAAYAAAACAAAAAQAAAAIAAAAEAAAABAAAAAAAAAATAAAAAAAAAA0AAAAEAAAAnwAAADQAAAATAAAAAwAAABUAAAACAAAAHwAAAC8AAAAVAAAAAQAAAAIAAAAAAAAAuQAAAC4AAAAqAAAAAwAAACUAAAAvAAAAFQAAAAAAAAA8AAAAKgAAAA4AAAAAAAAASAAAABoAAADmAAAAKwAAAHUAAAA/AAAAIAAAAAcAAAADAAAAAAAAAAMAAAAHAAAAAgAAAAEAAAACAAAAFwAAABAAAAAAAAAAAgAAAAAAAABfAAAABwAAAAMAAAAmAAAAEQAAAAAAAAACAAAAAAAAAB0AAAAAAAAACwAAACcAAAAIAAAAAAAAABYAAAAAAAAADAAAAC0AAAAUAAAAAAAAACMAAAA4AAAACAEAAAgAAAACAAAAJAAAABIAAAAAAAAAMgAAAB0AAABxAAAABgAAAAIAAAABAAAAAgAAACUAAAAWAAAAAAAAABoAAAAFAAAAAgAAAAEAAAACAAAAHwAAAA8AAAAAAAAASAEAABIAAAC+AAAAAAAAAFAAAACZAwAAZwAAAG4AAAASAAAAwwAAAL0KAAAuBAAA0g8AAEYCAAC6IQAAOAIAAAgAAAAeAAAAcgAAAB0AAAATAAAALwAAABEAAAADAAAAIAAAABQAAAAGAAAAEgAAALECAAA/AAAAgQAAAEoAAAAGAAAAAAAAAEMAAAAMAAAAQQAAAAEAAAACAAAAAAAAAB0AAAD3FwAACQAAANUEAAArAAAACAAAAPgiAAAeAQAAMgAAAAIAAAASAAAAAwAAAAkAAACLAQAABQkAAGoAAAAGAAAADAAAAAQAAAAIAAAACAAAAAkAAABnFwAAVAAAAAIAAABGAAAAAgAAAAEAAAADAAAAAAAAAAMAAAABAAAAAwAAAAMAAAACAAAACwAAAAIAAAAAAAAAAgAAAAYAAAACAAAAQAAAAAIAAAADAAAAAwAAAAcAAAACAAAABgAAAAIAAAAbAAAAAgAAAAMAAAACAAAABAAAAAIAAAAAAAAABAAAAAYAAAACAAAAUwEAAAMAAAAYAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAB4AAAACAAAAGAAAAAIAAAAeAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAAcAAAA1CQAALAAAAAsAAAAGAAAAEQAAAAAAAAByAQAAKwAAABUFAADEAAAAPAAAAEMAAAAIAAAAAAAAALUEAAADAAAAAgAAABoAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAACQAAAAIAAAADAAAAAgAAAAAAAAACAAAAAAAAAAcAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAIAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAABAAAAAgAAAAAAAAADAAAAAwAAAAIAAAAGAAAAAgAAAAMAAAACAAAAAwAAAAIAAAAAAAAAAgAAAAkAAAACAAAAEAAAAAYAAAACAAAAAgAAAAQAAAACAAAAEAAAAEURAADdpgAAIwAAADQQAAAMAAAA3QAAAAMAAACBFgAADwAAADAdAAAgDAAAHQIAAOMFAABKEwAA/QEAAAAAAADjAAAAAAAAAJYAAAAEAAAAJgEAAAkAAABYBQAAAgAAAAIAAAABAAAABgAAAAMAAAApAAAAAgAAAAUAAAAAAAAApgAAAAEAAAA+AgAAAwAAAAkAAAAJAAAAcgEAAAEAAACaAAAACgAAALAAAAACAAAANgAAAA4AAAAgAAAACQAAABAAAAADAAAALgAAAAoAAAA2AAAACQAAAAcAAAACAAAAJQAAAA0AAAACAAAACQAAAAYAAAABAAAALQAAAAAAAAANAAAAAgAAADEAAAANAAAACQAAAAMAAAACAAAACwAAAFMAAAALAAAABwAAAAAAAAChAAAACwAAAAYAAAAJAAAABwAAAAMAAAA4AAAAAQAAAAIAAAAGAAAAAwAAAAEAAAADAAAAAgAAAAoAAAAAAAAACwAAAAEAAAADAAAABgAAAAQAAAAEAAAAwQAAABEAAAAKAAAACQAAAAUAAAAAAAAAUgAAABMAAAANAAAACQAAANYAAAAGAAAAAwAAAAgAAAAcAAAAAQAAAFMAAAAQAAAAEAAAAAkAAABSAAAADAAAAAkAAAAJAAAAVAAAAA4AAAAFAAAACQAAAPMAAAAOAAAApgAAAAkAAABHAAAABQAAAAIAAAABAAAAAwAAAAMAAAACAAAAAAAAAAIAAAABAAAADQAAAAkAAAB4AAAABgAAAAMAAAAGAAAABAAAAAAAAAAdAAAACQAAACkAAAAGAAAAAgAAAAMAAAAJAAAAAAAAAAoAAAAKAAAALwAAAA8AAACWAQAABwAAAAIAAAAHAAAAEQAAAAkAAAA5AAAAFQAAAAIAAAANAAAAewAAAAUAAAAEAAAAAAAAAAIAAAABAAAAAgAAAAYAAAACAAAAAAAAAAkAAAAJAAAAMQAAAAQAAAACAAAAAQAAAAIAAAAEAAAACQAAAAkAAABKAQAAAwAAAGpLAAAJAAAAhwAAAAQAAAA8AAAABgAAABoAAAAJAAAA9gMAAAAAAAACAAAANgAAAAgAAAADAAAAUgAAAAAAAAAMAAAAAQAAAKxMAAABAAAAxxQAAAQAAAAEAAAABQAAAAkAAAAHAAAAAwAAAAYAAAAfAAAAAwAAAJUAAAACAAAAigUAADEAAAABAgAANgAAAAUAAAAxAAAACQAAAAAAAAAPAAAAAAAAABcAAAAEAAAAAgAAAA4AAABRBQAABgAAAAIAAAAQAAAAAwAAAAYAAAACAAAAAQAAAAIAAAAEAAAABgEAAAYAAAAKAAAACQAAAKMBAAANAAAA1wUAAAYAAABuAAAABgAAAAYAAAAJAAAAlxIAAAkAAAAHBQwA7wBBmB8LGlCMAAABAAAAAgAAAAMAAAAEAAAAAAQAAPAf";return"undefined"!=typeof Buffer?Buffer.from(A,"base64"):Uint8Array.from(atob(A),A=>A.charCodeAt(0))}let C;export function init(){return C||(C=(async()=>{const B=await WebAssembly.compile(I()),{exports:Q}=await WebAssembly.instantiate(B);A=Q})())}export function initSync(){if(A)return;const B=new WebAssembly.Module(I()),{exports:Q}=new WebAssembly.Instance(B);A=Q}
\ No newline at end of file
diff --git a/deps/cjs-module-lexer/lexer.js b/deps/cjs-module-lexer/lexer.js
old mode 100644
new mode 100755
diff --git a/deps/cjs-module-lexer/src/.babelrc b/deps/cjs-module-lexer/src/.babelrc
new file mode 100755
index 00000000000000..ac89f952694c6e
--- /dev/null
+++ b/deps/cjs-module-lexer/src/.babelrc
@@ -0,0 +1,10 @@
+{
+  "plugins": [
+    [
+      "@babel/plugin-transform-modules-commonjs",
+      {
+        "strict": true
+      },
+    ]
+  ]
+}
diff --git a/deps/cjs-module-lexer/src/CHANGELOG.md b/deps/cjs-module-lexer/src/CHANGELOG.md
new file mode 100644
index 00000000000000..5a24d193fd487f
--- /dev/null
+++ b/deps/cjs-module-lexer/src/CHANGELOG.md
@@ -0,0 +1,40 @@
+1.2.2
+- Fix RollupJS reexports bug (https://github.com/nodejs/cjs-module-lexer/pull/59)
+
+1.2.1
+- Support Unicode escapes in strings (https://github.com/nodejs/cjs-module-lexer/pull/55)
+- Filter export strings to valid surrogate pairs (https://github.com/nodejs/cjs-module-lexer/pull/56)
+
+1.2.0
+- Support for non-identifier exports (https://github.com/nodejs/cjs-module-lexer/pull/54, @nicolo-ribaudo)
+
+1.1.1
+- Better support for Babel reexport getter function forms (https://github.com/nodejs/cjs-module-lexer/issues/50)
+- Support Babel interopRequireWildcard reexports patterns (https://github.com/nodejs/cjs-module-lexer/issues/52)
+
+1.1.0
+- Support for Babel reexport conflict filter (https://github.com/nodejs/cjs-module-lexer/issues/36, @nicolo-ribaudo)
+- Support trailing commas in getter patterns (https://github.com/nodejs/cjs-module-lexer/issues/31)
+- Support for RollupJS reexports property checks (https://github.com/nodejs/cjs-module-lexer/issues/38)
+
+1.0.0
+- Unsafe getter tracking (https://github.com/nodejs/cjs-module-lexer/pull/29)
+
+0.6.0
+- API-only breaking change: Unify JS and Wasm interfaces (https://github.com/nodejs/cjs-module-lexer/pull/27)
+- Add type definitions (https://github.com/nodejs/cjs-module-lexer/pull/28)
+
+0.5.2
+- Support named getter functions (https://github.com/nodejs/cjs-module-lexer/pull/26)
+
+0.5.1:
+- Feature: Implement specific reexport getter forms (https://github.com/nodejs/cjs-module-lexer/pull/25)
+
+0.5.0
+- Breaking Change: No longer emit Object.defineProperty exports (https://github.com/nodejs/cjs-module-lexer/pull/24)
+- Doc: Update link to WASI SDK (https://github.com/nodejs/cjs-module-lexer/pull/19)
+
+0.4.3
+- Support for Babel 7.12 reexports (https://github.com/nodejs/cjs-module-lexer/pull/16)
+- Support module.exports = { ...require('x') } reexports (https://github.com/nodejs/cjs-module-lexer/pull/18)
+- "if" keyword space parsing in exports matching (https://github.com/nodejs/cjs-module-lexer/pull/17)
diff --git a/deps/cjs-module-lexer/src/LICENSE b/deps/cjs-module-lexer/src/LICENSE
new file mode 100755
index 00000000000000..935b357962d08b
--- /dev/null
+++ b/deps/cjs-module-lexer/src/LICENSE
@@ -0,0 +1,10 @@
+MIT License
+-----------
+
+Copyright (C) 2018-2020 Guy Bedford
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/deps/cjs-module-lexer/src/Makefile b/deps/cjs-module-lexer/src/Makefile
new file mode 100755
index 00000000000000..9a75850f73ae65
--- /dev/null
+++ b/deps/cjs-module-lexer/src/Makefile
@@ -0,0 +1,16 @@
+WASM2WAT := ../wabt/bin/wasm2wat
+WASM_OPT := ../binaryen/bin/wasm-opt
+
+.PHONY: optimize clean
+
+lib/lexer.wat: lib/lexer.wasm
+	$(WASM2WAT) lib/lexer.wasm -o lib/lexer.wat
+
+lib/lexer.wasm: include-wasm/cjs-module-lexer.h src/lexer.c | lib/
+	node build/wasm.js --docker
+
+lib/:
+	@mkdir -p $@
+
+clean:
+	$(RM) lib/*
diff --git a/deps/cjs-module-lexer/src/README.md b/deps/cjs-module-lexer/src/README.md
new file mode 100755
index 00000000000000..cc7ca50cc72243
--- /dev/null
+++ b/deps/cjs-module-lexer/src/README.md
@@ -0,0 +1,464 @@
+# CJS Module Lexer
+
+[![Build Status][travis-image]][travis-url]
+
+A [very fast](#benchmarks) JS CommonJS module syntax lexer used to detect the most likely list of named exports of a CommonJS module.
+
+Outputs the list of named exports (`exports.name = ...`) and possible module reexports (`module.exports = require('...')`), including the common transpiler variations of these cases.
+
+Forked from https://github.com/guybedford/es-module-lexer.
+
+_Comprehensively handles the JS language grammar while remaining small and fast. - ~90ms per MB of JS cold and ~15ms per MB of JS warm, [see benchmarks](#benchmarks) for more info._
+
+### Project Status
+
+This project is used in Node.js core for detecting the named exports available when importing a CJS module into ESM, and is maintained for this purpose.
+
+PRs will be accepted and upstreamed for parser bugs, performance improvements or new syntax support only.
+
+_Detection patterns for this project are **frozen**_. This is because adding any new export detection patterns would result in fragmented backwards-compatibility. Specifically, it would be very difficult to figure out why an ES module named export for CommonJS might work in newer Node.js versions but not older versions. This problem would only be discovered downstream of module authors, with the fix for module authors being to then have to understand which patterns in this project provide full backwards-compatibily. Rather, by fully freezing the detected patterns, if it works in any Node.js version it will work in any other. Build tools can also reliably treat the supported syntax for this project as a part of their output target for ensuring syntax support.
+
+### Usage
+
+```
+npm install cjs-module-lexer
+```
+
+For use in CommonJS:
+
+```js
+const { parse } = require('cjs-module-lexer');
+
+// `init` return a promise for parity with the ESM API, but you do not have to call it
+
+const { exports, reexports } = parse(`
+  // named exports detection
+  module.exports.a = 'a';
+  (function () {
+    exports.b = 'b';
+  })();
+  Object.defineProperty(exports, 'c', { value: 'c' });
+  /* exports.d = 'not detected'; */
+
+  // reexports detection
+  if (maybe) module.exports = require('./dep1.js');
+  if (another) module.exports = require('./dep2.js');
+
+  // literal exports assignments
+  module.exports = { a, b: c, d, 'e': f }
+
+  // __esModule detection
+  Object.defineProperty(module.exports, '__esModule', { value: true })
+`);
+
+// exports === ['a', 'b', 'c', '__esModule']
+// reexports === ['./dep1.js', './dep2.js']
+```
+
+When using the ESM version, Wasm is supported instead:
+
+```js
+import { parse, init } from 'cjs-module-lexer';
+// init() needs to be called and waited upon, or use initSync() to compile
+// Wasm blockingly and synchronously.
+await init();
+const { exports, reexports } = parse(source);
+```
+
+The Wasm build is around 1.5x faster and without a cold start.
+
+### Grammar
+
+CommonJS exports matches are run against the source token stream.
+
+The token grammar is:
+
+```
+IDENTIFIER: As defined by ECMA-262, without support for identifier `\` escapes, filtered to remove strict reserved words:
+            "implements", "interface", "let", "package", "private", "protected", "public", "static", "yield", "enum"
+
+STRING_LITERAL: A `"` or `'` bounded ECMA-262 string literal.
+
+MODULE_EXPORTS: `module` `.` `exports`
+
+EXPORTS_IDENTIFIER: MODULE_EXPORTS_IDENTIFIER | `exports`
+
+EXPORTS_DOT_ASSIGN: EXPORTS_IDENTIFIER `.` IDENTIFIER `=`
+
+EXPORTS_LITERAL_COMPUTED_ASSIGN: EXPORTS_IDENTIFIER `[` STRING_LITERAL `]` `=`
+
+EXPORTS_LITERAL_PROP: (IDENTIFIER  (`:` IDENTIFIER)?) | (STRING_LITERAL `:` IDENTIFIER)
+
+EXPORTS_SPREAD: `...` (IDENTIFIER | REQUIRE)
+
+EXPORTS_MEMBER: EXPORTS_DOT_ASSIGN | EXPORTS_LITERAL_COMPUTED_ASSIGN
+
+EXPORTS_DEFINE: `Object` `.` `defineProperty `(` EXPORTS_IDENFITIER `,` STRING_LITERAL
+
+EXPORTS_DEFINE_VALUE: EXPORTS_DEFINE `, {`
+  (`enumerable: true,`)?
+  (
+    `value:` |
+    `get` (`: function` IDENTIFIER? )?  `() {` return IDENTIFIER (`.` IDENTIFIER | `[` STRING_LITERAL `]`)? `;`? `}` `,`?
+  )
+  `})`
+
+EXPORTS_LITERAL: MODULE_EXPORTS `=` `{` (EXPORTS_LITERAL_PROP | EXPORTS_SPREAD) `,`)+ `}`
+
+REQUIRE: `require` `(` STRING_LITERAL `)`
+
+EXPORTS_ASSIGN: (`var` | `const` | `let`) IDENTIFIER `=` (`_interopRequireWildcard (`)? REQUIRE
+
+MODULE_EXPORTS_ASSIGN: MODULE_EXPORTS `=` REQUIRE
+
+EXPORT_STAR: (`__export` | `__exportStar`) `(` REQUIRE
+
+EXPORT_STAR_LIB: `Object.keys(` IDENTIFIER$1 `).forEach(function (` IDENTIFIER$2 `) {`
+  (
+    (
+      `if (` IDENTIFIER$2 `===` ( `'default'` | `"default"` ) `||` IDENTIFIER$2 `===` ( '__esModule' | `"__esModule"` ) `) return` `;`?
+      (
+        (`if (Object` `.prototype`? `.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)) return` `;`?)?
+        (`if (` IDENTIFIER$2 `in` EXPORTS_IDENTIFIER `&&` EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] ===` IDENTIFIER$1 `[` IDENTIFIER$2 `]) return` `;`)?
+      )?
+    ) |
+    `if (` IDENTIFIER$2 `!==` ( `'default'` | `"default"` ) (`&& !` (`Object` `.prototype`? `.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)` | IDENTIFIER `.hasOwnProperty(` IDENTIFIER$2 `)`))? `)`
+  )
+  (
+    EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] =` IDENTIFIER$1 `[` IDENTIFIER$2 `]` `;`? |
+    `Object.defineProperty(` EXPORTS_IDENTIFIER `, ` IDENTIFIER$2 `, { enumerable: true, get` (`: function` IDENTIFIER? )?  `() { return ` IDENTIFIER$1 `[` IDENTIFIER$2 `]` `;`? `}` `,`? `})` `;`?
+  )
+  `})`
+```
+
+Spacing between tokens is taken to be any ECMA-262 whitespace, ECMA-262 block comment or ECMA-262 line comment.
+
+* The returned export names are taken to be the combination of:
+  1. All `IDENTIFIER` and `STRING_LITERAL` slots for `EXPORTS_MEMBER` and `EXPORTS_LITERAL` matches.
+  2. The first `STRING_LITERAL` slot for all `EXPORTS_DEFINE_VALUE` matches where that same string is not an `EXPORTS_DEFINE` match that is not also an `EXPORTS_DEFINE_VALUE` match.
+* The reexport specifiers are taken to be the combination of:
+  1. The `REQUIRE` matches of the last matched of either `MODULE_EXPORTS_ASSIGN` or `EXPORTS_LITERAL`.
+  2. All _top-level_ `EXPORT_STAR` `REQUIRE` matches and `EXPORTS_ASSIGN` matches whose `IDENTIFIER` also matches the first `IDENTIFIER` in `EXPORT_STAR_LIB`.
+
+### Parsing Examples
+
+#### Named Exports Parsing
+
+The basic matching rules for named exports are `exports.name`, `exports['name']` or `Object.defineProperty(exports, 'name', ...)`. This matching is done without scope analysis and regardless of the expression position:
+
+```js
+// DETECTS EXPORTS: a, b
+(function (exports) {
+  exports.a = 'a'; 
+  exports['b'] = 'b';
+})(exports);
+```
+
+Because there is no scope analysis, the above detection may overclassify:
+
+```js
+// DETECTS EXPORTS: a, b, c
+(function (exports, Object) {
+  exports.a = 'a';
+  exports['b'] = 'b';
+  if (false)
+    exports.c = 'c';
+})(NOT_EXPORTS, NOT_OBJECT);
+```
+
+It will in turn underclassify in cases where the identifiers are renamed:
+
+```js
+// DETECTS: NO EXPORTS
+(function (e) {
+  e.a = 'a';
+  e['b'] = 'b';
+})(exports);
+```
+
+#### Getter Exports Parsing
+
+`Object.defineProperty` is detected for specifically value and getter forms returning an identifier or member expression:
+
+```js
+// DETECTS: a, b, c, d, __esModule
+Object.defineProperty(exports, 'a', {
+  enumerable: true,
+  get: function () {
+    return q.p;
+  }
+});
+Object.defineProperty(exports, 'b', {
+  enumerable: true,
+  get: function () {
+    return q['p'];
+  }
+});
+Object.defineProperty(exports, 'c', {
+  enumerable: true,
+  get () {
+    return b;
+  }
+});
+Object.defineProperty(exports, 'd', { value: 'd' });
+Object.defineProperty(exports, '__esModule', { value: true });
+```
+
+Value properties are also detected specifically:
+
+```js
+Object.defineProperty(exports, 'a', {
+  value: 'no problem'
+});
+```
+
+To avoid matching getters that have side effects, any getter for an export name that does not support the forms above will
+opt-out of the getter matching:
+
+```js
+// DETECTS: NO EXPORTS
+Object.defineProperty(exports, 'a', {
+  get () {
+    return 'nope';
+  }
+});
+
+if (false) {
+  Object.defineProperty(module.exports, 'a', {
+    get () {
+      return dynamic();
+    }
+  })
+}
+```
+
+Alternative object definition structures or getter function bodies are not detected:
+
+```js
+// DETECTS: NO EXPORTS
+Object.defineProperty(exports, 'a', {
+  enumerable: false,
+  get () {
+    return p;
+  }
+});
+Object.defineProperty(exports, 'b', {
+  configurable: true,
+  get () {
+    return p;
+  }
+});
+Object.defineProperty(exports, 'c', {
+  get: () => p
+});
+Object.defineProperty(exports, 'd', {
+  enumerable: true,
+  get: function () {
+    return dynamic();
+  }
+});
+Object.defineProperty(exports, 'e', {
+  enumerable: true,
+  get () {
+    return 'str';
+  }
+});
+```
+
+`Object.defineProperties` is also not supported.
+
+#### Exports Object Assignment
+
+A best-effort is made to detect `module.exports` object assignments, but because this is not a full parser, arbitrary expressions are not handled in the
+object parsing process.
+
+Simple object definitions are supported:
+
+```js
+// DETECTS EXPORTS: a, b, c
+module.exports = {
+  a,
+  'b': b,
+  c: c,
+  ...d
+};
+```
+
+Object properties that are not identifiers or string expressions will bail out of the object detection, while spreads are ignored:
+
+```js
+// DETECTS EXPORTS: a, b
+module.exports = {
+  a,
+  ...d,
+  b: require('c'),
+  c: "not detected since require('c') above bails the object detection"
+}
+```
+
+`Object.defineProperties` is not currently supported either.
+
+#### module.exports reexport assignment
+
+Any `module.exports = require('mod')` assignment is detected as a reexport, but only the last one is returned:
+
+```js
+// DETECTS REEXPORTS: c
+module.exports = require('a');
+(module => module.exports = require('b'))(NOT_MODULE);
+if (false) module.exports = require('c');
+```
+
+This is to avoid over-classification in Webpack bundles with externals which include `module.exports = require('external')` in their source for every external dependency.
+
+In exports object assignment, any spread of `require()` are detected as multiple separate reexports:
+
+```js
+// DETECTS REEXPORTS: a, b
+module.exports = require('ignored');
+module.exports = {
+  ...require('a'),
+  ...require('b')
+};
+```
+
+#### Transpiler Re-exports
+
+For named exports, transpiler output works well with the rules described above.
+
+But for star re-exports, special care is taken to support common patterns of transpiler outputs from Babel and TypeScript as well as bundlers like RollupJS.
+These reexport and star reexport patterns are restricted to only be detected at the top-level as provided by the direct output of these tools.
+
+For example, `export * from 'external'` is output by Babel as:
+
+```js
+"use strict";
+
+exports.__esModule = true;
+
+var _external = require("external");
+
+Object.keys(_external).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  exports[key] = _external[key];
+});
+```
+
+Where the `var _external = require("external")` is specifically detected as well as the `Object.keys(_external)` statement, down to the exact
+for of that entire expression including minor variations of the output. The `_external` and `key` identifiers are carefully matched in this
+detection.
+
+Similarly for TypeScript, `export * from 'external'` is output as:
+
+```js
+"use strict";
+function __export(m) {
+    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
+}
+Object.defineProperty(exports, "__esModule", { value: true });
+__export(require("external"));
+```
+
+Where the `__export(require("external"))` statement is explicitly detected as a reexport, including variations `tslib.__export` and `__exportStar`.
+
+### Environment Support
+
+Node.js 10+, and [all browsers with Web Assembly support](https://caniuse.com/#feat=wasm).
+
+### JS Grammar Support
+
+* Token state parses all line comments, block comments, strings, template strings, blocks, parens and punctuators.
+* Division operator / regex token ambiguity is handled via backtracking checks against punctuator prefixes, including closing brace or paren backtracking.
+* Always correctly parses valid JS source, but may parse invalid JS source without errors.
+
+### Benchmarks
+
+Benchmarks can be run with `npm run bench`.
+
+Current results:
+
+JS Build:
+
+```
+Module load time
+> 4ms
+Cold Run, All Samples
+test/samples/*.js (3635 KiB)
+> 299ms
+
+Warm Runs (average of 25 runs)
+test/samples/angular.js (1410 KiB)
+> 13.96ms
+test/samples/angular.min.js (303 KiB)
+> 4.72ms
+test/samples/d3.js (553 KiB)
+> 6.76ms
+test/samples/d3.min.js (250 KiB)
+> 4ms
+test/samples/magic-string.js (34 KiB)
+> 0.64ms
+test/samples/magic-string.min.js (20 KiB)
+> 0ms
+test/samples/rollup.js (698 KiB)
+> 8.48ms
+test/samples/rollup.min.js (367 KiB)
+> 5.36ms
+
+Warm Runs, All Samples (average of 25 runs)
+test/samples/*.js (3635 KiB)
+> 40.28ms
+```
+
+Wasm Build:
+```
+Module load time
+> 10ms
+Cold Run, All Samples
+test/samples/*.js (3635 KiB)
+> 43ms
+
+Warm Runs (average of 25 runs)
+test/samples/angular.js (1410 KiB)
+> 9.32ms
+test/samples/angular.min.js (303 KiB)
+> 3.16ms
+test/samples/d3.js (553 KiB)
+> 5ms
+test/samples/d3.min.js (250 KiB)
+> 2.32ms
+test/samples/magic-string.js (34 KiB)
+> 0.16ms
+test/samples/magic-string.min.js (20 KiB)
+> 0ms
+test/samples/rollup.js (698 KiB)
+> 6.28ms
+test/samples/rollup.min.js (367 KiB)
+> 3.6ms
+
+Warm Runs, All Samples (average of 25 runs)
+test/samples/*.js (3635 KiB)
+> 27.76ms
+```
+
+### Wasm Build Steps
+
+The build uses docker and make, they must be installed first.
+
+To build the lexer wasm run `npm run build-wasm`.
+
+Optimization passes are run with [Binaryen](https://github.com/WebAssembly/binaryen)
+prior to publish to reduce the Web Assembly footprint.
+
+After building the lexer wasm, build the final distribution components
+(lexer.js and lexer.mjs) by running `npm run build`.
+
+If you need to build lib/lexer.wat (optional) you must first install
+[wabt](https://github.com/WebAssembly/wabt) as a sibling folder to this
+project. The wat file is then build by running `make lib/lexer.wat`
+
+### License
+
+MIT
+
+[travis-url]: https://travis-ci.org/guybedford/es-module-lexer
+[travis-image]: https://travis-ci.org/guybedford/es-module-lexer.svg?branch=master
diff --git a/deps/cjs-module-lexer/src/build.js b/deps/cjs-module-lexer/src/build.js
new file mode 100755
index 00000000000000..da024d1a6cb780
--- /dev/null
+++ b/deps/cjs-module-lexer/src/build.js
@@ -0,0 +1,25 @@
+const fs = require('fs');
+const terser = require('terser');
+
+const MINIFY = true;
+
+try { fs.mkdirSync('./dist'); }
+catch (e) {}
+
+const wasmBuffer = fs.readFileSync('./lib/lexer.wasm');
+const jsSource = fs.readFileSync('./src/lexer.js').toString();
+const pjson = JSON.parse(fs.readFileSync('./package.json').toString());
+
+const jsSourceProcessed = jsSource.replace('WASM_BINARY', wasmBuffer.toString('base64'));
+
+const minified = MINIFY && terser.minify(jsSourceProcessed, {
+  module: true,
+  output: {
+    preamble: `/* cjs-module-lexer ${pjson.version} */`
+  }
+});
+
+if (minified.error)
+  throw minified.error;
+
+fs.writeFileSync('./dist/lexer.mjs', minified ? minified.code : jsSourceProcessed);
diff --git a/deps/cjs-module-lexer/src/build/Makefile b/deps/cjs-module-lexer/src/build/Makefile
new file mode 100755
index 00000000000000..f13c390b8cdb96
--- /dev/null
+++ b/deps/cjs-module-lexer/src/build/Makefile
@@ -0,0 +1,13 @@
+lib/lexer.wasm: include-wasm/cjs-module-lexer.h src/lexer.c
+	@mkdir -p lib
+	clang --sysroot=/usr/share/wasi-sysroot -target wasm32-unknown-wasi src/lexer.c -I include-wasm -o lib/lexer.wasm -nostartfiles \
+	-Wl,-z,stack-size=13312,--no-entry,--compress-relocations,--strip-all,--export=__heap_base,\
+	--export=parseCJS,--export=sa,--export=e,--export=re,--export=es,--export=ee,--export=rre,--export=ree,--export=res,--export=ru,--export=us,--export=ue \
+	-Wno-logical-op-parentheses -Wno-parentheses \
+	-Oz
+
+optimize: lib/lexer.wasm
+	${WASM_OPT} -Oz lib/lexer.wasm -o lib/lexer.wasm
+
+clean:
+	rm lib/*
diff --git a/deps/cjs-module-lexer/src/build/wasm.js b/deps/cjs-module-lexer/src/build/wasm.js
new file mode 100644
index 00000000000000..58fb64041d7691
--- /dev/null
+++ b/deps/cjs-module-lexer/src/build/wasm.js
@@ -0,0 +1,54 @@
+'use strict'
+
+const WASM_BUILDER_CONTAINER = 'ghcr.io/nodejs/wasm-builder@sha256:975f391d907e42a75b8c72eb77c782181e941608687d4d8694c3e9df415a0970' // v0.0.9
+
+const WASM_OPT = './wasm-opt'
+
+const { execSync } = require('node:child_process')
+const { writeFileSync, readFileSync, existsSync, mkdirSync } = require('node:fs')
+const { join, resolve } = require('node:path')
+
+const ROOT = resolve(__dirname, '../')
+
+let platform = process.env.WASM_PLATFORM
+if (!platform && process.argv[2]) {
+  platform = execSync('docker info -f "{{.OSType}}/{{.Architecture}}"').toString().trim()
+}
+
+if (process.argv[2] === '--docker') {
+  let cmd = `docker run --rm --platform=${platform.toString().trim()} `
+  if (process.platform === 'linux') {
+    cmd += ` --user ${process.getuid()}:${process.getegid()}`
+  }
+
+  if (!existsSync(`${ROOT}/dist`)){
+    mkdirSync(`${ROOT}/dist`);
+  }
+
+  cmd += ` --mount type=bind,source=${ROOT}/lib,target=/home/node/build/lib \
+           --mount type=bind,source=${ROOT}/src,target=/home/node/build/src \
+           --mount type=bind,source=${ROOT}/dist,target=/home/node/build/dist \
+           --mount type=bind,source=${ROOT}/node_modules,target=/home/node/build/node_modules \
+           --mount type=bind,source=${ROOT}/build/wasm.js,target=/home/node/build/wasm.js \
+           --mount type=bind,source=${ROOT}/build/Makefile,target=/home/node/build/Makefile \
+           --mount type=bind,source=${ROOT}/build.js,target=/home/node/build/build.js \
+           --mount type=bind,source=${ROOT}/package.json,target=/home/node/build/package.json \
+           --mount type=bind,source=${ROOT}/include-wasm,target=/home/node/build/include-wasm \
+           -t ${WASM_BUILDER_CONTAINER} node wasm.js`
+  console.log(`> ${cmd}\n\n`)
+  execSync(cmd, { stdio: 'inherit' })
+  process.exit(0)
+}
+
+const hasOptimizer = (function () {
+  try { execSync(`${WASM_OPT} --version`); return true } catch (error) { return false }
+})()
+
+// Build wasm binary
+console.log('Building wasm');
+execSync(`make lib/lexer.wasm`, { stdio: 'inherit' })
+if (hasOptimizer) {
+  console.log('Optimizing wasm');
+  execSync(`make optimize`, { stdio: 'inherit' })
+}
+execSync(`node build.js`, { stdio: 'inherit' })
diff --git a/deps/cjs-module-lexer/src/include-wasm/cjs-module-lexer.h b/deps/cjs-module-lexer/src/include-wasm/cjs-module-lexer.h
new file mode 100755
index 00000000000000..ab2adca3c751ab
--- /dev/null
+++ b/deps/cjs-module-lexer/src/include-wasm/cjs-module-lexer.h
@@ -0,0 +1,238 @@
+#include <stdint.h>
+#include <stdbool.h>
+#include <stddef.h>
+#include <limits.h>
+#include <string.h>
+
+extern unsigned char __heap_base;
+
+const uint16_t* source = (void*)&__heap_base;
+uint32_t parse_error;
+
+struct Slice {
+  const uint16_t* start;
+  const uint16_t* end;
+  struct Slice* next;
+};
+typedef struct Slice Slice;
+
+struct StarExportBinding {
+  const uint16_t* specifier_start;
+  const uint16_t* specifier_end;
+  const uint16_t* id_start;
+  const uint16_t* id_end;
+};
+typedef struct StarExportBinding StarExportBinding;
+
+Slice* first_export = NULL;
+Slice* export_read_head = NULL;
+Slice* export_write_head = NULL;
+Slice* first_reexport = NULL;
+Slice* reexport_read_head = NULL;
+Slice* reexport_write_head = NULL;
+Slice* first_unsafe_getter = NULL;
+Slice* unsafe_getter_read_head = NULL;
+Slice* unsafe_getter_write_head = NULL;
+void* analysis_base;
+void* analysis_head;
+
+void bail (uint32_t err);
+
+// allocateSource
+const uint16_t* sa (uint32_t utf16Len) {
+  const uint16_t* sourceEnd = source + utf16Len + 1;
+  // ensure source is null terminated
+  *(uint16_t*)(source + utf16Len) = '\0';
+  analysis_base = (void*)sourceEnd;
+  analysis_head = analysis_base;
+  first_export = NULL;
+  export_write_head = NULL;
+  export_read_head = NULL;
+  first_reexport = NULL;
+  reexport_write_head = NULL;
+  reexport_read_head = NULL;
+  first_unsafe_getter = NULL;
+  unsafe_getter_write_head = NULL;
+  unsafe_getter_read_head = NULL;
+  return source;
+}
+
+// getErr
+uint32_t e () {
+  return parse_error;
+}
+
+// getExportStart
+uint32_t es () {
+  return export_read_head->start - source;
+}
+// getExportEnd
+uint32_t ee () {
+  return export_read_head->end - source;
+}
+// getReexportStart
+uint32_t res () {
+  return reexport_read_head->start - source;
+}
+// getReexportEnd
+uint32_t ree () {
+  return reexport_read_head->end - source;
+}
+// getUnsafeGetterStart
+uint32_t us () {
+  return unsafe_getter_read_head->start - source;
+}
+// getUnsafeGetterEnd
+uint32_t ue () {
+  return unsafe_getter_read_head->end - source;
+}
+// readExport
+bool re () {
+  if (export_read_head == NULL)
+    export_read_head = first_export;
+  else
+    export_read_head = export_read_head->next;
+  if (export_read_head == NULL)
+    return false;
+  return true;
+}
+// readReexport
+bool rre () {
+  if (reexport_read_head == NULL)
+    reexport_read_head = first_reexport;
+  else
+    reexport_read_head = reexport_read_head->next;
+  if (reexport_read_head == NULL)
+    return false;
+  return true;
+}
+// readUnsafeGetter
+bool ru () {
+  if (unsafe_getter_read_head == NULL)
+    unsafe_getter_read_head = first_unsafe_getter;
+  else
+    unsafe_getter_read_head = unsafe_getter_read_head->next;
+  if (unsafe_getter_read_head == NULL)
+    return false;
+  return true;
+}
+
+void _addExport (const uint16_t* start, const uint16_t* end) {
+  Slice* export = (Slice*)(analysis_head);
+  analysis_head = analysis_head + sizeof(Slice);
+  if (export_write_head == NULL)
+    first_export = export;
+  else
+    export_write_head->next = export;
+  export_write_head = export;
+  export->start = start;
+  export->end = end;
+  export->next = NULL;
+}
+void _addReexport (const uint16_t* start, const uint16_t* end) {
+  Slice* reexport = (Slice*)(analysis_head);
+  analysis_head = analysis_head + sizeof(Slice);
+  if (reexport_write_head == NULL)
+    first_reexport = reexport;
+  else
+    reexport_write_head->next = reexport;
+  reexport_write_head = reexport;
+  reexport->start = start;
+  reexport->end = end;
+  reexport->next = NULL;
+}
+void _addUnsafeGetter (const uint16_t* start, const uint16_t* end) {
+  Slice* unsafe_getter = (Slice*)(analysis_head);
+  analysis_head = analysis_head + sizeof(Slice);
+  if (unsafe_getter_write_head == NULL)
+    first_unsafe_getter = unsafe_getter;
+  else
+    unsafe_getter_write_head->next = unsafe_getter;
+  unsafe_getter_write_head = unsafe_getter;
+  unsafe_getter->start = start;
+  unsafe_getter->end = end;
+  unsafe_getter->next = NULL;
+}
+void _clearReexports () {
+  reexport_write_head = NULL;
+  first_reexport = NULL;
+}
+void (*addExport)(const uint16_t*, const uint16_t*) = &_addExport;
+void (*addReexport)(const uint16_t*, const uint16_t*) = &_addReexport;
+void (*addUnsafeGetter)(const uint16_t*, const uint16_t*) = &_addUnsafeGetter;
+void (*clearReexports)() = &_clearReexports;
+uint32_t parseCJS (uint16_t* source, uint32_t sourceLen, void (*addExport)(const uint16_t* start, const uint16_t* end), void (*addReexport)(const uint16_t* start, const uint16_t* end), void (*addUnsafeGetter)(const uint16_t*, const uint16_t*), void (*clearReexports)());
+
+enum RequireType {
+  Import,
+  ExportAssign,
+  ExportStar
+};
+
+void tryBacktrackAddStarExportBinding (uint16_t* pos);
+bool tryParseRequire (enum RequireType requireType);
+void tryParseLiteralExports ();
+bool readExportsOrModuleDotExports (uint16_t ch);
+void tryParseModuleExportsDotAssign ();
+void tryParseExportsDotAssign (bool assign);
+void tryParseObjectDefineOrKeys (bool keys);
+bool identifier (uint16_t ch);
+
+void throwIfImportStatement ();
+void throwIfExportStatement ();
+
+void readImportString (const uint16_t* ss, uint16_t ch);
+uint16_t readExportAs (uint16_t* startPos, uint16_t* endPos);
+
+uint16_t commentWhitespace ();
+void stringLiteral (uint16_t quote);
+void regularExpression ();
+void templateString ();
+void blockComment ();
+void lineComment ();
+
+uint16_t readToWsOrPunctuator (uint16_t ch);
+
+uint32_t fullCharCode (uint16_t ch);
+uint32_t fullCharCodeAtLast (uint16_t* pos);
+bool isIdentifierStart (uint32_t code);
+bool isIdentifierChar (uint32_t code);
+int charCodeByteLen (uint32_t ch);
+
+bool isBr (uint16_t c);
+bool isBrOrWs (uint16_t c);
+bool isBrOrWsOrPunctuator (uint16_t c);
+bool isBrOrWsOrPunctuatorNotDot (uint16_t c);
+
+bool str_eq2 (uint16_t* pos, uint16_t c1, uint16_t c2);
+bool str_eq3 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3);
+bool str_eq4 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4);
+bool str_eq5 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5);
+bool str_eq6 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6);
+bool str_eq7 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7);
+bool str_eq8 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8);
+bool str_eq9 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9);
+bool str_eq10 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10);
+bool str_eq13 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10, uint16_t c11, uint16_t c12, uint16_t c13);
+bool str_eq18 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10, uint16_t c11, uint16_t c12, uint16_t c13, uint16_t c14, uint16_t c15, uint16_t c16, uint16_t c17, uint16_t c18);
+bool str_eq22 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10, uint16_t c11, uint16_t c12, uint16_t c13, uint16_t c14, uint16_t c15, uint16_t c16, uint16_t c17, uint16_t c18, uint16_t c19, uint16_t c20, uint16_t c21, uint16_t c22);
+
+bool readPrecedingKeyword2(uint16_t* pos, uint16_t c1, uint16_t c2);
+bool readPrecedingKeyword3(uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3);
+bool readPrecedingKeyword4(uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4);
+bool readPrecedingKeyword5(uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5);
+bool readPrecedingKeyword6(uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6);
+bool readPrecedingKeyword7(uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7);
+
+bool keywordStart (uint16_t* pos);
+bool isExpressionKeyword (uint16_t* pos);
+bool isParenKeyword (uint16_t* pos);
+bool isPunctuator (uint16_t charCode);
+bool isExpressionPunctuator (uint16_t charCode);
+bool isExpressionTerminator (uint16_t* pos);
+
+void nextChar (uint16_t ch);
+void nextCharSurrogate (uint16_t ch);
+uint16_t readChar ();
+
+void syntaxError (uint32_t code);
diff --git a/deps/cjs-module-lexer/src/lexer.d.mts b/deps/cjs-module-lexer/src/lexer.d.mts
new file mode 100644
index 00000000000000..98e01424641336
--- /dev/null
+++ b/deps/cjs-module-lexer/src/lexer.d.mts
@@ -0,0 +1 @@
+export * from './lexer.js'
diff --git a/deps/cjs-module-lexer/lexer.d.ts b/deps/cjs-module-lexer/src/lexer.d.ts
old mode 100644
new mode 100755
similarity index 96%
rename from deps/cjs-module-lexer/lexer.d.ts
rename to deps/cjs-module-lexer/src/lexer.d.ts
index c7d8a523f36bc6..cda07d80af9d58
--- a/deps/cjs-module-lexer/lexer.d.ts
+++ b/deps/cjs-module-lexer/src/lexer.d.ts
@@ -1,8 +1,8 @@
-export interface Exports {
-  exports: string[];
-  reexports: string[];
-}
-
-export declare function parse(source: string, name?: string): Exports;
-export declare function init(): Promise<void>;
-export declare function initSync(): void;
+export interface Exports {
+  exports: string[];
+  reexports: string[];
+}
+
+export declare function parse(source: string, name?: string): Exports;
+export declare function init(): Promise<void>;
+export declare function initSync(): void;
diff --git a/deps/cjs-module-lexer/src/lexer.js b/deps/cjs-module-lexer/src/lexer.js
new file mode 100755
index 00000000000000..aaf7dde807f98e
--- /dev/null
+++ b/deps/cjs-module-lexer/src/lexer.js
@@ -0,0 +1,1443 @@
+let source, pos, end;
+let openTokenDepth,
+  templateDepth,
+  lastTokenPos,
+  lastSlashWasDivision,
+  templateStack,
+  templateStackDepth,
+  openTokenPosStack,
+  openClassPosStack,
+  nextBraceIsClass,
+  starExportMap,
+  lastStarExportSpecifier,
+  _exports,
+  unsafeGetters,
+  reexports;
+
+function resetState () {
+  openTokenDepth = 0;
+  templateDepth = -1;
+  lastTokenPos = -1;
+  lastSlashWasDivision = false;
+  templateStack = new Array(1024);
+  templateStackDepth = 0;
+  openTokenPosStack = new Array(1024);
+  openClassPosStack = new Array(1024);
+  nextBraceIsClass = false;
+  starExportMap = Object.create(null);
+  lastStarExportSpecifier = null;
+
+  _exports = new Set();
+  unsafeGetters = new Set();
+  reexports = new Set();
+}
+
+// RequireType
+const Import = 0;
+const ExportAssign = 1;
+const ExportStar = 2;
+
+function parseCJS (source, name = '@') {
+  resetState();
+  try {
+    parseSource(source);
+  }
+  catch (e) {
+    e.message += `\n  at ${name}:${source.slice(0, pos).split('\n').length}:${pos - source.lastIndexOf('\n', pos - 1)}`;
+    e.loc = pos;
+    throw e;
+  }
+  const result = { exports: [..._exports].filter(expt => expt !== undefined && !unsafeGetters.has(expt)), reexports: [...reexports].filter(reexpt => reexpt !== undefined) };
+  resetState();
+  return result;
+}
+
+function decode (str) {
+  if (str[0] === '"' || str[0] === '\'') {
+    try {
+      const decoded = (0, eval)(str);
+      // Filter to exclude non-matching UTF-16 surrogate strings
+      for (let i = 0; i < decoded.length; i++) {
+        const surrogatePrefix = decoded.charCodeAt(i) & 0xFC00;
+        if (surrogatePrefix < 0xD800) {
+          // Not a surrogate
+          continue;
+        }
+        else if (surrogatePrefix === 0xD800) {
+          // Validate surrogate pair
+          if ((decoded.charCodeAt(++i) & 0xFC00) !== 0xDC00)
+            return;
+        }
+        else {
+          // Out-of-range surrogate code (above 0xD800)
+          return;
+        }
+      }
+      return decoded;
+    }
+    catch {}
+  }
+  else {
+    return str;
+  }
+}
+
+function parseSource (cjsSource) {
+  source = cjsSource;
+  pos = -1;
+  end = source.length - 1;
+  let ch = 0;
+
+  // Handle #!
+  if (source.charCodeAt(0) === 35/*#*/ && source.charCodeAt(1) === 33/*!*/) {
+    if (source.length === 2)
+      return true;
+    pos += 2;
+    while (pos++ < end) {
+      ch = source.charCodeAt(pos);
+      if (ch === 10/*\n*/ || ch === 13/*\r*/)
+        break;
+    }
+  }
+
+  while (pos++ < end) {
+    ch = source.charCodeAt(pos);
+
+    if (ch === 32 || ch < 14 && ch > 8)
+      continue;
+
+    if (openTokenDepth === 0) {
+      switch (ch) {
+        case 105/*i*/:
+          if (source.startsWith('mport', pos + 1) && keywordStart(pos))
+            throwIfImportStatement();
+          lastTokenPos = pos;
+          continue;
+        case 114/*r*/:
+          const startPos = pos;
+          if (tryParseRequire(Import) && keywordStart(startPos))
+            tryBacktrackAddStarExportBinding(startPos - 1);
+          lastTokenPos = pos;
+          continue;
+        case 95/*_*/:
+          if (source.startsWith('interopRequireWildcard', pos + 1) && (keywordStart(pos) || source.charCodeAt(pos - 1) === 46/*.*/)) {
+            const startPos = pos;
+            pos += 23;
+            if (source.charCodeAt(pos) === 40/*(*/) {
+              pos++;
+              openTokenPosStack[openTokenDepth++] = lastTokenPos;
+              if (tryParseRequire(Import) && keywordStart(startPos)) {
+                tryBacktrackAddStarExportBinding(startPos - 1);
+              }
+            }
+          }
+          else if (source.startsWith('_export', pos + 1) && (keywordStart(pos) || source.charCodeAt(pos - 1) === 46/*.*/)) {
+            pos += 8;
+            if (source.startsWith('Star', pos))
+              pos += 4;
+            if (source.charCodeAt(pos) === 40/*(*/) {
+              openTokenPosStack[openTokenDepth++] = lastTokenPos;
+              if (source.charCodeAt(++pos) === 114/*r*/)
+                tryParseRequire(ExportStar);
+            }
+          }
+          lastTokenPos = pos;
+          continue;
+      }
+    }
+
+    switch (ch) {
+      case 101/*e*/:
+        if (source.startsWith('xport', pos + 1) && keywordStart(pos)) {
+          if (source.charCodeAt(pos + 6) === 115/*s*/)
+            tryParseExportsDotAssign(false);
+          else if (openTokenDepth === 0)
+            throwIfExportStatement();
+        }
+        break;
+      case 99/*c*/:
+        if (keywordStart(pos) && source.startsWith('lass', pos + 1) && isBrOrWs(source.charCodeAt(pos + 5)))
+          nextBraceIsClass = true;
+        break;
+      case 109/*m*/:
+        if (source.startsWith('odule', pos + 1) && keywordStart(pos))
+          tryParseModuleExportsDotAssign();
+        break;
+      case 79/*O*/:
+        if (source.startsWith('bject', pos + 1) && keywordStart(pos))
+          tryParseObjectDefineOrKeys(openTokenDepth === 0);
+        break;
+      case 40/*(*/:
+        openTokenPosStack[openTokenDepth++] = lastTokenPos;
+        break;
+      case 41/*)*/:
+        if (openTokenDepth === 0)
+          throw new Error('Unexpected closing bracket.');
+        openTokenDepth--;
+        break;
+      case 123/*{*/:
+        openClassPosStack[openTokenDepth] = nextBraceIsClass;
+        nextBraceIsClass = false;
+        openTokenPosStack[openTokenDepth++] = lastTokenPos;
+        break;
+      case 125/*}*/:
+        if (openTokenDepth === 0)
+          throw new Error('Unexpected closing brace.');
+        if (openTokenDepth-- === templateDepth) {
+          templateDepth = templateStack[--templateStackDepth];
+          templateString();
+        }
+        else {
+          if (templateDepth !== -1 && openTokenDepth < templateDepth)
+            throw new Error('Unexpected closing brace.');
+        }
+        break;
+      case 60/*>*/:
+        // TODO: <!-- XML comment support
+        break;
+      case 39/*'*/:
+      case 34/*"*/:
+        stringLiteral(ch);
+        break;
+      case 47/*/*/: {
+        const next_ch = source.charCodeAt(pos + 1);
+        if (next_ch === 47/*/*/) {
+          lineComment();
+          // dont update lastToken
+          continue;
+        }
+        else if (next_ch === 42/***/) {
+          blockComment();
+          // dont update lastToken
+          continue;
+        }
+        else {
+          // Division / regex ambiguity handling based on checking backtrack analysis of:
+          // - what token came previously (lastToken)
+          // - if a closing brace or paren, what token came before the corresponding
+          //   opening brace or paren (lastOpenTokenIndex)
+          const lastToken = source.charCodeAt(lastTokenPos);
+          if (isExpressionPunctuator(lastToken) &&
+              !(lastToken === 46/*.*/ && (source.charCodeAt(lastTokenPos - 1) >= 48/*0*/ && source.charCodeAt(lastTokenPos - 1) <= 57/*9*/)) &&
+              !(lastToken === 43/*+*/ && source.charCodeAt(lastTokenPos - 1) === 43/*+*/) && !(lastToken === 45/*-*/ && source.charCodeAt(lastTokenPos - 1) === 45/*-*/) ||
+              lastToken === 41/*)*/ && isParenKeyword(openTokenPosStack[openTokenDepth]) ||
+              lastToken === 125/*}*/ && (isExpressionTerminator(openTokenPosStack[openTokenDepth]) || openClassPosStack[openTokenDepth]) ||
+              lastToken === 47/*/*/ && lastSlashWasDivision ||
+              isExpressionKeyword(lastTokenPos) ||
+              !lastToken) {
+            regularExpression();
+            lastSlashWasDivision = false;
+          }
+          else {
+            lastSlashWasDivision = true;
+          }
+        }
+        break;
+      }
+      case 96/*`*/:
+        templateString();
+        break;
+    }
+    lastTokenPos = pos;
+  }
+
+  if (templateDepth !== -1)
+    throw new Error('Unterminated template.');
+
+  if (openTokenDepth)
+    throw new Error('Unterminated braces.');
+}
+
+function tryBacktrackAddStarExportBinding (bPos) {
+  while (source.charCodeAt(bPos) === 32/* */ && bPos >= 0)
+    bPos--;
+  if (source.charCodeAt(bPos) === 61/*=*/) {
+    bPos--;
+    while (source.charCodeAt(bPos) === 32/* */ && bPos >= 0)
+      bPos--;
+    let codePoint;
+    const id_end = bPos;
+    let identifierStart = false;
+    while ((codePoint = codePointAtLast(bPos)) && bPos >= 0) {
+      if (codePoint === 92/*\*/)
+        return;
+      if (!isIdentifierChar(codePoint, true))
+        break;
+      identifierStart = isIdentifierStart(codePoint, true);
+      bPos -= codePointLen(codePoint);
+    }
+    if (identifierStart && source.charCodeAt(bPos) === 32/* */) {
+      const starExportId = source.slice(bPos + 1, id_end + 1);
+      while (source.charCodeAt(bPos) === 32/* */ && bPos >= 0)
+        bPos--;
+      switch (source.charCodeAt(bPos)) {
+        case 114/*r*/:
+          if (!source.startsWith('va', bPos - 2))
+            return;
+          break;
+        case 116/*t*/:
+          if (!source.startsWith('le', bPos - 2) && !source.startsWith('cons', bPos - 4))
+            return;
+          break;
+        default: return;
+      }
+      starExportMap[starExportId] = lastStarExportSpecifier;
+    }
+  }
+}
+
+// `Object.` `prototype.`? hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)`
+function tryParseObjectHasOwnProperty (it_id) {
+  ch = commentWhitespace();
+  if (ch !== 79/*O*/ || !source.startsWith('bject', pos + 1)) return false;
+  pos += 6;
+  ch = commentWhitespace();
+  if (ch !== 46/*.*/) return false;
+  pos++;
+  ch = commentWhitespace();
+  if (ch === 112/*p*/) {
+    if (!source.startsWith('rototype', pos + 1)) return false;
+    pos += 9;
+    ch = commentWhitespace();
+    if (ch !== 46/*.*/) return false;
+    pos++;
+    ch = commentWhitespace();
+  }
+  if (ch !== 104/*h*/ || !source.startsWith('asOwnProperty', pos + 1)) return false;
+  pos += 14;
+  ch = commentWhitespace();
+  if (ch !== 46/*.*/) return false;
+  pos++;
+  ch = commentWhitespace();
+  if (ch !== 99/*c*/ || !source.startsWith('all', pos + 1)) return false;
+  pos += 4;
+  ch = commentWhitespace();
+  if (ch !== 40/*(*/) return false;
+  pos++;
+  ch = commentWhitespace();
+  if (!identifier()) return false;
+  ch = commentWhitespace();
+  if (ch !== 44/*,*/) return false;
+  pos++;
+  ch = commentWhitespace();
+  if (!source.startsWith(it_id, pos)) return false;
+  pos += it_id.length;
+  ch = commentWhitespace();
+  if (ch !== 41/*)*/) return false;
+  pos++;
+  return true;
+}
+
+function tryParseObjectDefineOrKeys (keys) {
+  pos += 6;
+  let revertPos = pos - 1;
+  let ch = commentWhitespace();
+  if (ch === 46/*.*/) {
+    pos++;
+    ch = commentWhitespace();
+    if (ch === 100/*d*/ && source.startsWith('efineProperty', pos + 1)) {
+      let expt;
+      while (true) {
+        pos += 14;
+        revertPos = pos - 1;
+        ch = commentWhitespace();
+        if (ch !== 40/*(*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (!readExportsOrModuleDotExports(ch)) break;
+        ch = commentWhitespace();
+        if (ch !== 44/*,*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 39/*'*/ && ch !== 34/*"*/) break;
+        const exportPos = pos;
+        stringLiteral(ch);
+        expt = source.slice(exportPos, ++pos);
+        ch = commentWhitespace();
+        if (ch !== 44/*,*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 123/*{*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch === 101/*e*/) {
+          if (!source.startsWith('numerable', pos + 1)) break;
+          pos += 10;
+          ch = commentWhitespace();
+          if (ch !== 58/*:*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 116/*t*/ || !source.startsWith('rue', pos + 1)) break;
+          pos += 4;
+          ch = commentWhitespace();
+          if (ch !== 44) break;
+          pos++;
+          ch = commentWhitespace();
+        }
+        if (ch === 118/*v*/) {
+          if (!source.startsWith('alue', pos + 1)) break;
+          pos += 5;
+          ch = commentWhitespace();
+          if (ch !== 58/*:*/) break;
+          _exports.add(decode(expt));
+          pos = revertPos;
+          return;
+        }
+        else if (ch === 103/*g*/) {
+          if (!source.startsWith('et', pos + 1)) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch === 58/*:*/) {
+            pos++;
+            ch = commentWhitespace();
+            if (ch !== 102/*f*/) break;
+            if (!source.startsWith('unction', pos + 1)) break;
+            pos += 8;
+            let lastPos = pos;
+            ch = commentWhitespace();
+            if (ch !== 40 && (lastPos === pos || !identifier())) break;
+            ch = commentWhitespace();
+          }
+          if (ch !== 40/*(*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 41/*)*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 123/*{*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 114/*r*/) break;
+          if (!source.startsWith('eturn', pos + 1)) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (!identifier()) break;
+          ch = commentWhitespace();
+          if (ch === 46/*.*/) {
+            pos++;
+            commentWhitespace();
+            if (!identifier()) break;
+            ch = commentWhitespace();
+          }
+          else if (ch === 91/*[*/) {
+            pos++;
+            ch = commentWhitespace();
+            if (ch === 39/*'*/ || ch === 34/*"*/) stringLiteral(ch);
+            else break;
+            pos++;
+            ch = commentWhitespace();
+            if (ch !== 93/*]*/) break;
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch === 59/*;*/) {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch !== 125/*}*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch === 44/*,*/) {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch !== 125/*}*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 41/*)*/) break;
+          _exports.add(decode(expt));
+          return;
+        }
+        break;
+      }
+      if (expt) {
+        unsafeGetters.add(decode(expt));
+      }
+    }
+    else if (keys && ch === 107/*k*/ && source.startsWith('eys', pos + 1)) {
+      while (true) {
+        pos += 4;
+        revertPos = pos - 1;
+        ch = commentWhitespace();
+        if (ch !== 40/*(*/) break;
+        pos++;
+        ch = commentWhitespace();
+        const id_start = pos;
+        if (!identifier()) break;
+        const id = source.slice(id_start, pos);
+        ch = commentWhitespace();
+        if (ch !== 41/*)*/) break;
+
+        revertPos = pos++;
+        ch = commentWhitespace();
+        if (ch !== 46/*.*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 102/*f*/ || !source.startsWith('orEach', pos + 1)) break;
+        pos += 7;
+        ch = commentWhitespace();
+        revertPos = pos - 1;
+        if (ch !== 40/*(*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 102/*f*/ || !source.startsWith('unction', pos + 1)) break;
+        pos += 8;
+        ch = commentWhitespace();
+        if (ch !== 40/*(*/) break;
+        pos++;
+        ch = commentWhitespace();
+        const it_id_start = pos;
+        if (!identifier()) break;
+        const it_id = source.slice(it_id_start, pos);
+        ch = commentWhitespace();
+        if (ch !== 41/*)*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 123/*{*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 105/*i*/ || source.charCodeAt(pos + 1) !== 102/*f*/) break;
+        pos += 2;
+        ch = commentWhitespace();
+        if (ch !== 40/*(*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (!source.startsWith(it_id, pos)) break;
+        pos += it_id.length;
+        ch = commentWhitespace();
+        // `if (` IDENTIFIER$2 `===` ( `'default'` | `"default"` ) `||` IDENTIFIER$2 `===` ( '__esModule' | `"__esModule"` ) `) return` `;`? |
+        if (ch === 61/*=*/) {
+          if (!source.startsWith('==', pos + 1)) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch !== 34/*"*/ && ch !== 39/*'*/) break;
+          let quot = ch;
+          if (!source.startsWith('default', pos + 1)) break;
+          pos += 8;
+          ch = commentWhitespace();
+          if (ch !== quot) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch !== 124/*|*/ || source.charCodeAt(pos + 1) !== 124/*|*/) break;
+          pos += 2;
+          ch = commentWhitespace();
+          if (source.slice(pos, pos + it_id.length) !== it_id) break;
+          pos += it_id.length;
+          ch = commentWhitespace();
+          if (ch !== 61/*=*/ || source.slice(pos + 1, pos + 3) !== '==') break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch !== 34/*"*/ && ch !== 39/*'*/) break;
+          quot = ch;
+          if (!source.startsWith('__esModule', pos + 1)) break;
+          pos += 11;
+          ch = commentWhitespace();
+          if (ch !== quot) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch !== 41/*)*/) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch !== 114/*r*/ || !source.startsWith('eturn', pos + 1)) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (ch === 59/*;*/)
+            pos++;
+          ch = commentWhitespace();
+
+          // `if (`
+          if (ch === 105/*i*/ && source.charCodeAt(pos + 1) === 102/*f*/) {
+            let inIf = true;
+            pos += 2;
+            ch = commentWhitespace();
+            if (ch !== 40/*(*/) break;
+            pos++;
+            const ifInnerPos = pos;
+            // `Object.prototype.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)) return` `;`?
+            if (tryParseObjectHasOwnProperty(it_id)) {
+              ch = commentWhitespace();
+              if (ch !== 41/*)*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch !== 114/*r*/ || !source.startsWith('eturn', pos + 1)) break;
+              pos += 6;
+              ch = commentWhitespace();
+              if (ch === 59/*;*/)
+                pos++;
+              ch = commentWhitespace();
+              // match next if
+              if (ch === 105/*i*/ && source.charCodeAt(pos + 1) === 102/*f*/) {
+                pos += 2;
+                ch = commentWhitespace();
+                if (ch !== 40/*(*/) break;
+                pos++;
+              }
+              else {
+                inIf = false;
+              }
+            }
+            else {
+              pos = ifInnerPos;
+            }
+
+            // IDENTIFIER$2 `in` EXPORTS_IDENTIFIER `&&` EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] ===` IDENTIFIER$1 `[` IDENTIFIER$2 `]) return` `;`?
+            if (inIf) {
+              if (!source.startsWith(it_id, pos)) break;
+              pos += it_id.length;
+              ch = commentWhitespace();
+              if (ch !== 105/*i*/ || !source.startsWith('n ', pos + 1)) break;
+              pos += 3;
+              ch = commentWhitespace();
+              if (!readExportsOrModuleDotExports(ch)) break;
+              ch = commentWhitespace();
+              if (ch !== 38/*&*/ || source.charCodeAt(pos + 1) !== 38/*&*/) break;
+              pos += 2;
+              ch = commentWhitespace();
+              if (!readExportsOrModuleDotExports(ch)) break;
+              ch = commentWhitespace();
+              if (ch !== 91/*[*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (!source.startsWith(it_id, pos)) break;
+              pos += it_id.length;
+              ch = commentWhitespace();
+              if (ch !== 93/*]*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch !== 61/*=*/ || !source.startsWith('==', pos + 1)) break;
+              pos += 3;
+              ch = commentWhitespace();
+              if (!source.startsWith(id, pos)) break;
+              pos += id.length;
+              ch = commentWhitespace();
+              if (ch !== 91/*[*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (!source.startsWith(it_id, pos)) break;
+              pos += it_id.length;
+              ch = commentWhitespace();
+              if (ch !== 93/*]*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch !== 41/*)*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch !== 114/*r*/ || !source.startsWith('eturn', pos + 1)) break;
+              pos += 6;
+              ch = commentWhitespace();
+              if (ch === 59/*;*/)
+                pos++;
+              ch = commentWhitespace();
+            }
+          }
+        }
+        // `if (` IDENTIFIER$2 `!==` ( `'default'` | `"default"` ) (`&& !` IDENTIFIER `.hasOwnProperty(` IDENTIFIER$2 `)`  )? `)`
+        else if (ch === 33/*!*/) {
+          if (!source.startsWith('==', pos + 1)) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch !== 34/*"*/ && ch !== 39/*'*/) break;
+          const quot = ch;
+          if (!source.startsWith('default', pos + 1)) break;
+          pos += 8;
+          ch = commentWhitespace();
+          if (ch !== quot) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch === 38/*&*/) {
+            if (source.charCodeAt(pos + 1) !== 38/*&*/) break;
+            pos += 2;
+            ch = commentWhitespace();
+            if (ch !== 33/*!*/) break;
+            pos += 1;
+            ch = commentWhitespace();
+            if (ch === 79/*O*/ && source.startsWith('bject', pos + 1) && source[pos + 6] === '.') {
+              if (!tryParseObjectHasOwnProperty(it_id)) break;
+            }
+            else if (identifier()) {
+              ch = commentWhitespace();
+              if (ch !== 46/*.*/) break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch !== 104/*h*/ || !source.startsWith('asOwnProperty', pos + 1)) break;
+              pos += 14;
+              ch = commentWhitespace();
+              if (ch !== 40/*(*/) break;
+              pos += 1;
+              ch = commentWhitespace();
+              if (!source.startsWith(it_id, pos)) break;
+              pos += it_id.length;
+              ch = commentWhitespace();
+              if (ch !== 41/*)*/) break;
+              pos += 1;
+            }
+            else break;
+            ch = commentWhitespace();
+          }
+          if (ch !== 41/*)*/) break;
+          pos += 1;
+          ch = commentWhitespace();
+        }
+        else break;
+
+        // EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] =` IDENTIFIER$1 `[` IDENTIFIER$2 `]`
+        if (readExportsOrModuleDotExports(ch)) {
+          ch = commentWhitespace();
+          if (ch !== 91/*[*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (source.slice(pos, pos + it_id.length) !== it_id) break;
+          pos += it_id.length;
+          ch = commentWhitespace();
+          if (ch !== 93/*]*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 61/*=*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (source.slice(pos, pos + id.length) !== id) break;
+          pos += id.length;
+          ch = commentWhitespace();
+          if (ch !== 91/*[*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (source.slice(pos, pos + it_id.length) !== it_id) break;
+          pos += it_id.length;
+          ch = commentWhitespace();
+          if (ch !== 93/*]*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch === 59/*;*/) {
+            pos++;
+            ch = commentWhitespace();
+          }
+        }
+        // `Object.defineProperty(` EXPORTS_IDENTIFIER `, ` IDENTIFIER$2 `, { enumerable: true, get: function () { return ` IDENTIFIER$1 `[` IDENTIFIER$2 `]; } })`
+        else if (ch === 79/*O*/) {
+          if (source.slice(pos + 1, pos + 6) !== 'bject') break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (ch !== 46/*.*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 100/*d*/ || !source.startsWith('efineProperty', pos + 1)) break;
+          pos += 14;
+          ch = commentWhitespace();
+          if (ch !== 40/*(*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (!readExportsOrModuleDotExports(ch)) break;
+          ch = commentWhitespace();
+          if (ch !== 44/*,*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (!source.startsWith(it_id, pos)) break;
+          pos += it_id.length;
+          ch = commentWhitespace();
+          if (ch !== 44/*,*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 123/*{*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 101/*e*/ || !source.startsWith('numerable', pos + 1)) break;
+          pos += 10;
+          ch = commentWhitespace();
+          if (ch !== 58/*:*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 116/*t*/ && !source.startsWith('rue', pos + 1)) break;
+          pos += 4;
+          ch = commentWhitespace();
+          if (ch !== 44/*,*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 103/*g*/ || !source.startsWith('et', pos + 1)) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch === 58/*:*/) {
+            pos++;
+            ch = commentWhitespace();
+            if (ch !== 102/*f*/) break;
+            if (!source.startsWith('unction', pos + 1)) break;
+            pos += 8;
+            let lastPos = pos;
+            ch = commentWhitespace();
+            if (ch !== 40 && (lastPos === pos || !identifier())) break;
+            ch = commentWhitespace();
+          }
+          if (ch !== 40/*(*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 41/*)*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 123/*{*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 114/*r*/ || !source.startsWith('eturn', pos + 1)) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (!source.startsWith(id, pos)) break;
+          pos += id.length;
+          ch = commentWhitespace();
+          if (ch !== 91/*[*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (!source.startsWith(it_id, pos)) break;
+          pos += it_id.length;
+          ch = commentWhitespace();
+          if (ch !== 93/*]*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch === 59/*;*/) {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch !== 125/*}*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch === 44/*,*/) {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch !== 125/*}*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch !== 41/*)*/) break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch === 59/*;*/) {
+            pos++;
+            ch = commentWhitespace();
+          }
+        }
+        else break;
+
+        if (ch !== 125/*}*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 41/*)*/) break;
+
+        const starExportSpecifier = starExportMap[id];
+        if (starExportSpecifier) {
+          reexports.add(decode(starExportSpecifier));
+          pos = revertPos;
+          return;
+        }
+        return;
+      }
+    }
+  }
+  pos = revertPos;
+}
+
+function readExportsOrModuleDotExports (ch) {
+  const revertPos = pos;
+  if (ch === 109/*m*/ && source.startsWith('odule', pos + 1)) {
+    pos += 6;
+    ch = commentWhitespace();
+    if (ch !== 46/*.*/) {
+      pos = revertPos;
+      return false;
+    }
+    pos++;
+    ch = commentWhitespace();
+  }
+  if (ch === 101/*e*/ && source.startsWith('xports', pos + 1)) {
+    pos += 7;
+    return true;
+  }
+  else {
+    pos = revertPos;
+    return false;
+  }
+}
+
+function tryParseModuleExportsDotAssign () {
+  pos += 6;
+  const revertPos = pos - 1;
+  let ch = commentWhitespace();
+  if (ch === 46/*.*/) {
+    pos++;
+    ch = commentWhitespace();
+    if (ch === 101/*e*/ && source.startsWith('xports', pos + 1)) {
+      tryParseExportsDotAssign(true);
+      return;
+    }
+  }
+  pos = revertPos;
+}
+
+function tryParseExportsDotAssign (assign) {
+  pos += 7;
+  const revertPos = pos - 1;
+  let ch = commentWhitespace();
+  switch (ch) {
+    // exports.asdf
+    case 46/*.*/: {
+      pos++;
+      ch = commentWhitespace();
+      const startPos = pos;
+      if (identifier()) {
+        const endPos = pos;
+        ch = commentWhitespace();
+        if (ch === 61/*=*/) {
+          _exports.add(decode(source.slice(startPos, endPos)));
+          return;
+        }
+      }
+      break;
+    }
+    // exports['asdf']
+    case 91/*[*/: {
+      pos++;
+      ch = commentWhitespace();
+      if (ch === 39/*'*/ || ch === 34/*"*/) {
+        const startPos = pos;
+        stringLiteral(ch);
+        const endPos = ++pos;
+        ch = commentWhitespace();
+        if (ch !== 93/*]*/) break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch !== 61/*=*/) break;
+        _exports.add(decode(source.slice(startPos, endPos)));
+      }
+      break;
+    }
+    // module.exports =
+    case 61/*=*/: {
+      if (assign) {
+        if (reexports.size)
+          reexports = new Set();
+        pos++;
+        ch = commentWhitespace();
+        // { ... }
+        if (ch === 123/*{*/) {
+          tryParseLiteralExports();
+          return;
+        }
+
+        // require('...')
+        if (ch === 114/*r*/)
+          tryParseRequire(ExportAssign);
+      }
+    }
+  }
+  pos = revertPos;
+}
+
+function tryParseRequire (requireType) {
+  // require('...')
+  const revertPos = pos;
+  if (source.startsWith('equire', pos + 1)) {
+    pos += 7;
+    let ch = commentWhitespace();
+    if (ch === 40/*(*/) {
+      pos++;
+      ch = commentWhitespace();
+      const reexportStart = pos;
+      if (ch === 39/*'*/ || ch === 34/*"*/) {
+        stringLiteral(ch);
+        const reexportEnd = ++pos;
+        ch = commentWhitespace();
+        if (ch === 41/*)*/) {
+          switch (requireType) {
+            case ExportAssign:
+              reexports.add(decode(source.slice(reexportStart, reexportEnd)));
+              return true;
+            case ExportStar:
+              reexports.add(decode(source.slice(reexportStart, reexportEnd)));
+              return true;
+            default:
+              lastStarExportSpecifier = decode(source.slice(reexportStart, reexportEnd));
+              return true;
+          }
+        }
+      }
+    }
+    pos = revertPos;
+  }
+  return false;
+}
+
+function tryParseLiteralExports () {
+  const revertPos = pos - 1;
+  while (pos++ < end) {
+    let ch = commentWhitespace();
+    const startPos = pos;
+    if (identifier()) {
+      const endPos = pos;
+      ch = commentWhitespace();
+      if (ch === 58/*:*/) {
+        pos++;
+        ch = commentWhitespace();
+        // nothing more complex than identifier expressions for now
+        if (!identifier()) {
+          pos = revertPos;
+          return;
+        }
+        ch = source.charCodeAt(pos);
+      }
+      _exports.add(decode(source.slice(startPos, endPos)));
+    }
+    else if (ch === 46/*.*/ && source.startsWith('..', pos + 1)) {
+      pos += 3;
+      if (source.charCodeAt(pos) === 114/*r*/ && tryParseRequire(ExportAssign)) {
+        pos++;
+      }
+      else if (!identifier()) {
+        pos = revertPos;
+        return;
+      }
+      ch = commentWhitespace();
+    }
+    else if (ch === 39/*'*/ || ch === 34/*"*/) {
+      const startPos = pos;
+      stringLiteral(ch);
+      const endPos = ++pos;
+      ch = commentWhitespace();
+      if (ch === 58/*:*/) {
+        pos++;
+        ch = commentWhitespace();
+        // nothing more complex than identifier expressions for now
+        if (!identifier()) {
+          pos = revertPos;
+          return;
+        }
+        ch = source.charCodeAt(pos);
+        _exports.add(decode(source.slice(startPos, endPos)));
+      }
+    }
+    else {
+      pos = revertPos;
+      return;
+    }
+
+    if (ch === 125/*}*/)
+      return;
+
+    if (ch !== 44/*,*/) {
+      pos = revertPos;
+      return;
+    }
+  }
+}
+
+// --- Extracted from AcornJS ---
+//(https://github.com/acornjs/acorn/blob/master/acorn/src/identifier.js#L23
+//
+// MIT License
+
+// Copyright (C) 2012-2018 by various contributors (see AUTHORS)
+
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+// ## Character categories
+
+// Big ugly regular expressions that match characters in the
+// whitespace, identifier, and identifier-start categories. These
+// are only applied when a character is found to actually have a
+// code point above 128.
+// Generated by `bin/generate-identifier-regex.js`.
+let nonASCIIidentifierStartChars = "\xaa\xb5\xba\xc0-\xd6\xd8-\xf6\xf8-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0370-\u0374\u0376\u0377\u037a-\u037d\u037f\u0386\u0388-\u038a\u038c\u038e-\u03a1\u03a3-\u03f5\u03f7-\u0481\u048a-\u052f\u0531-\u0556\u0559\u0560-\u0588\u05d0-\u05ea\u05ef-\u05f2\u0620-\u064a\u066e\u066f\u0671-\u06d3\u06d5\u06e5\u06e6\u06ee\u06ef\u06fa-\u06fc\u06ff\u0710\u0712-\u072f\u074d-\u07a5\u07b1\u07ca-\u07ea\u07f4\u07f5\u07fa\u0800-\u0815\u081a\u0824\u0828\u0840-\u0858\u0860-\u086a\u08a0-\u08b4\u08b6-\u08c7\u0904-\u0939\u093d\u0950\u0958-\u0961\u0971-\u0980\u0985-\u098c\u098f\u0990\u0993-\u09a8\u09aa-\u09b0\u09b2\u09b6-\u09b9\u09bd\u09ce\u09dc\u09dd\u09df-\u09e1\u09f0\u09f1\u09fc\u0a05-\u0a0a\u0a0f\u0a10\u0a13-\u0a28\u0a2a-\u0a30\u0a32\u0a33\u0a35\u0a36\u0a38\u0a39\u0a59-\u0a5c\u0a5e\u0a72-\u0a74\u0a85-\u0a8d\u0a8f-\u0a91\u0a93-\u0aa8\u0aaa-\u0ab0\u0ab2\u0ab3\u0ab5-\u0ab9\u0abd\u0ad0\u0ae0\u0ae1\u0af9\u0b05-\u0b0c\u0b0f\u0b10\u0b13-\u0b28\u0b2a-\u0b30\u0b32\u0b33\u0b35-\u0b39\u0b3d\u0b5c\u0b5d\u0b5f-\u0b61\u0b71\u0b83\u0b85-\u0b8a\u0b8e-\u0b90\u0b92-\u0b95\u0b99\u0b9a\u0b9c\u0b9e\u0b9f\u0ba3\u0ba4\u0ba8-\u0baa\u0bae-\u0bb9\u0bd0\u0c05-\u0c0c\u0c0e-\u0c10\u0c12-\u0c28\u0c2a-\u0c39\u0c3d\u0c58-\u0c5a\u0c60\u0c61\u0c80\u0c85-\u0c8c\u0c8e-\u0c90\u0c92-\u0ca8\u0caa-\u0cb3\u0cb5-\u0cb9\u0cbd\u0cde\u0ce0\u0ce1\u0cf1\u0cf2\u0d04-\u0d0c\u0d0e-\u0d10\u0d12-\u0d3a\u0d3d\u0d4e\u0d54-\u0d56\u0d5f-\u0d61\u0d7a-\u0d7f\u0d85-\u0d96\u0d9a-\u0db1\u0db3-\u0dbb\u0dbd\u0dc0-\u0dc6\u0e01-\u0e30\u0e32\u0e33\u0e40-\u0e46\u0e81\u0e82\u0e84\u0e86-\u0e8a\u0e8c-\u0ea3\u0ea5\u0ea7-\u0eb0\u0eb2\u0eb3\u0ebd\u0ec0-\u0ec4\u0ec6\u0edc-\u0edf\u0f00\u0f40-\u0f47\u0f49-\u0f6c\u0f88-\u0f8c\u1000-\u102a\u103f\u1050-\u1055\u105a-\u105d\u1061\u1065\u1066\u106e-\u1070\u1075-\u1081\u108e\u10a0-\u10c5\u10c7\u10cd\u10d0-\u10fa\u10fc-\u1248\u124a-\u124d\u1250-\u1256\u1258\u125a-\u125d\u1260-\u1288\u128a-\u128d\u1290-\u12b0\u12b2-\u12b5\u12b8-\u12be\u12c0\u12c2-\u12c5\u12c8-\u12d6\u12d8-\u1310\u1312-\u1315\u1318-\u135a\u1380-\u138f\u13a0-\u13f5\u13f8-\u13fd\u1401-\u166c\u166f-\u167f\u1681-\u169a\u16a0-\u16ea\u16ee-\u16f8\u1700-\u170c\u170e-\u1711\u1720-\u1731\u1740-\u1751\u1760-\u176c\u176e-\u1770\u1780-\u17b3\u17d7\u17dc\u1820-\u1878\u1880-\u18a8\u18aa\u18b0-\u18f5\u1900-\u191e\u1950-\u196d\u1970-\u1974\u1980-\u19ab\u19b0-\u19c9\u1a00-\u1a16\u1a20-\u1a54\u1aa7\u1b05-\u1b33\u1b45-\u1b4b\u1b83-\u1ba0\u1bae\u1baf\u1bba-\u1be5\u1c00-\u1c23\u1c4d-\u1c4f\u1c5a-\u1c7d\u1c80-\u1c88\u1c90-\u1cba\u1cbd-\u1cbf\u1ce9-\u1cec\u1cee-\u1cf3\u1cf5\u1cf6\u1cfa\u1d00-\u1dbf\u1e00-\u1f15\u1f18-\u1f1d\u1f20-\u1f45\u1f48-\u1f4d\u1f50-\u1f57\u1f59\u1f5b\u1f5d\u1f5f-\u1f7d\u1f80-\u1fb4\u1fb6-\u1fbc\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fcc\u1fd0-\u1fd3\u1fd6-\u1fdb\u1fe0-\u1fec\u1ff2-\u1ff4\u1ff6-\u1ffc\u2071\u207f\u2090-\u209c\u2102\u2107\u210a-\u2113\u2115\u2118-\u211d\u2124\u2126\u2128\u212a-\u2139\u213c-\u213f\u2145-\u2149\u214e\u2160-\u2188\u2c00-\u2c2e\u2c30-\u2c5e\u2c60-\u2ce4\u2ceb-\u2cee\u2cf2\u2cf3\u2d00-\u2d25\u2d27\u2d2d\u2d30-\u2d67\u2d6f\u2d80-\u2d96\u2da0-\u2da6\u2da8-\u2dae\u2db0-\u2db6\u2db8-\u2dbe\u2dc0-\u2dc6\u2dc8-\u2dce\u2dd0-\u2dd6\u2dd8-\u2dde\u3005-\u3007\u3021-\u3029\u3031-\u3035\u3038-\u303c\u3041-\u3096\u309b-\u309f\u30a1-\u30fa\u30fc-\u30ff\u3105-\u312f\u3131-\u318e\u31a0-\u31bf\u31f0-\u31ff\u3400-\u4dbf\u4e00-\u9ffc\ua000-\ua48c\ua4d0-\ua4fd\ua500-\ua60c\ua610-\ua61f\ua62a\ua62b\ua640-\ua66e\ua67f-\ua69d\ua6a0-\ua6ef\ua717-\ua71f\ua722-\ua788\ua78b-\ua7bf\ua7c2-\ua7ca\ua7f5-\ua801\ua803-\ua805\ua807-\ua80a\ua80c-\ua822\ua840-\ua873\ua882-\ua8b3\ua8f2-\ua8f7\ua8fb\ua8fd\ua8fe\ua90a-\ua925\ua930-\ua946\ua960-\ua97c\ua984-\ua9b2\ua9cf\ua9e0-\ua9e4\ua9e6-\ua9ef\ua9fa-\ua9fe\uaa00-\uaa28\uaa40-\uaa42\uaa44-\uaa4b\uaa60-\uaa76\uaa7a\uaa7e-\uaaaf\uaab1\uaab5\uaab6\uaab9-\uaabd\uaac0\uaac2\uaadb-\uaadd\uaae0-\uaaea\uaaf2-\uaaf4\uab01-\uab06\uab09-\uab0e\uab11-\uab16\uab20-\uab26\uab28-\uab2e\uab30-\uab5a\uab5c-\uab69\uab70-\uabe2\uac00-\ud7a3\ud7b0-\ud7c6\ud7cb-\ud7fb\uf900-\ufa6d\ufa70-\ufad9\ufb00-\ufb06\ufb13-\ufb17\ufb1d\ufb1f-\ufb28\ufb2a-\ufb36\ufb38-\ufb3c\ufb3e\ufb40\ufb41\ufb43\ufb44\ufb46-\ufbb1\ufbd3-\ufd3d\ufd50-\ufd8f\ufd92-\ufdc7\ufdf0-\ufdfb\ufe70-\ufe74\ufe76-\ufefc\uff21-\uff3a\uff41-\uff5a\uff66-\uffbe\uffc2-\uffc7\uffca-\uffcf\uffd2-\uffd7\uffda-\uffdc"
+let nonASCIIidentifierChars = "\u200c\u200d\xb7\u0300-\u036f\u0387\u0483-\u0487\u0591-\u05bd\u05bf\u05c1\u05c2\u05c4\u05c5\u05c7\u0610-\u061a\u064b-\u0669\u0670\u06d6-\u06dc\u06df-\u06e4\u06e7\u06e8\u06ea-\u06ed\u06f0-\u06f9\u0711\u0730-\u074a\u07a6-\u07b0\u07c0-\u07c9\u07eb-\u07f3\u07fd\u0816-\u0819\u081b-\u0823\u0825-\u0827\u0829-\u082d\u0859-\u085b\u08d3-\u08e1\u08e3-\u0903\u093a-\u093c\u093e-\u094f\u0951-\u0957\u0962\u0963\u0966-\u096f\u0981-\u0983\u09bc\u09be-\u09c4\u09c7\u09c8\u09cb-\u09cd\u09d7\u09e2\u09e3\u09e6-\u09ef\u09fe\u0a01-\u0a03\u0a3c\u0a3e-\u0a42\u0a47\u0a48\u0a4b-\u0a4d\u0a51\u0a66-\u0a71\u0a75\u0a81-\u0a83\u0abc\u0abe-\u0ac5\u0ac7-\u0ac9\u0acb-\u0acd\u0ae2\u0ae3\u0ae6-\u0aef\u0afa-\u0aff\u0b01-\u0b03\u0b3c\u0b3e-\u0b44\u0b47\u0b48\u0b4b-\u0b4d\u0b55-\u0b57\u0b62\u0b63\u0b66-\u0b6f\u0b82\u0bbe-\u0bc2\u0bc6-\u0bc8\u0bca-\u0bcd\u0bd7\u0be6-\u0bef\u0c00-\u0c04\u0c3e-\u0c44\u0c46-\u0c48\u0c4a-\u0c4d\u0c55\u0c56\u0c62\u0c63\u0c66-\u0c6f\u0c81-\u0c83\u0cbc\u0cbe-\u0cc4\u0cc6-\u0cc8\u0cca-\u0ccd\u0cd5\u0cd6\u0ce2\u0ce3\u0ce6-\u0cef\u0d00-\u0d03\u0d3b\u0d3c\u0d3e-\u0d44\u0d46-\u0d48\u0d4a-\u0d4d\u0d57\u0d62\u0d63\u0d66-\u0d6f\u0d81-\u0d83\u0dca\u0dcf-\u0dd4\u0dd6\u0dd8-\u0ddf\u0de6-\u0def\u0df2\u0df3\u0e31\u0e34-\u0e3a\u0e47-\u0e4e\u0e50-\u0e59\u0eb1\u0eb4-\u0ebc\u0ec8-\u0ecd\u0ed0-\u0ed9\u0f18\u0f19\u0f20-\u0f29\u0f35\u0f37\u0f39\u0f3e\u0f3f\u0f71-\u0f84\u0f86\u0f87\u0f8d-\u0f97\u0f99-\u0fbc\u0fc6\u102b-\u103e\u1040-\u1049\u1056-\u1059\u105e-\u1060\u1062-\u1064\u1067-\u106d\u1071-\u1074\u1082-\u108d\u108f-\u109d\u135d-\u135f\u1369-\u1371\u1712-\u1714\u1732-\u1734\u1752\u1753\u1772\u1773\u17b4-\u17d3\u17dd\u17e0-\u17e9\u180b-\u180d\u1810-\u1819\u18a9\u1920-\u192b\u1930-\u193b\u1946-\u194f\u19d0-\u19da\u1a17-\u1a1b\u1a55-\u1a5e\u1a60-\u1a7c\u1a7f-\u1a89\u1a90-\u1a99\u1ab0-\u1abd\u1abf\u1ac0\u1b00-\u1b04\u1b34-\u1b44\u1b50-\u1b59\u1b6b-\u1b73\u1b80-\u1b82\u1ba1-\u1bad\u1bb0-\u1bb9\u1be6-\u1bf3\u1c24-\u1c37\u1c40-\u1c49\u1c50-\u1c59\u1cd0-\u1cd2\u1cd4-\u1ce8\u1ced\u1cf4\u1cf7-\u1cf9\u1dc0-\u1df9\u1dfb-\u1dff\u203f\u2040\u2054\u20d0-\u20dc\u20e1\u20e5-\u20f0\u2cef-\u2cf1\u2d7f\u2de0-\u2dff\u302a-\u302f\u3099\u309a\ua620-\ua629\ua66f\ua674-\ua67d\ua69e\ua69f\ua6f0\ua6f1\ua802\ua806\ua80b\ua823-\ua827\ua82c\ua880\ua881\ua8b4-\ua8c5\ua8d0-\ua8d9\ua8e0-\ua8f1\ua8ff-\ua909\ua926-\ua92d\ua947-\ua953\ua980-\ua983\ua9b3-\ua9c0\ua9d0-\ua9d9\ua9e5\ua9f0-\ua9f9\uaa29-\uaa36\uaa43\uaa4c\uaa4d\uaa50-\uaa59\uaa7b-\uaa7d\uaab0\uaab2-\uaab4\uaab7\uaab8\uaabe\uaabf\uaac1\uaaeb-\uaaef\uaaf5\uaaf6\uabe3-\uabea\uabec\uabed\uabf0-\uabf9\ufb1e\ufe00-\ufe0f\ufe20-\ufe2f\ufe33\ufe34\ufe4d-\ufe4f\uff10-\uff19\uff3f"
+
+const nonASCIIidentifierStart = new RegExp("[" + nonASCIIidentifierStartChars + "]")
+const nonASCIIidentifier = new RegExp("[" + nonASCIIidentifierStartChars + nonASCIIidentifierChars + "]")
+
+nonASCIIidentifierStartChars = nonASCIIidentifierChars = null
+
+// These are a run-length and offset encoded representation of the
+// >0xffff code points that are a valid part of identifiers. The
+// offset starts at 0x10000, and each pair of numbers represents an
+// offset to the next range, and then a size of the range. They were
+// generated by bin/generate-identifier-regex.js
+
+// eslint-disable-next-line comma-spacing
+const astralIdentifierStartCodes = [0,11,2,25,2,18,2,1,2,14,3,13,35,122,70,52,268,28,4,48,48,31,14,29,6,37,11,29,3,35,5,7,2,4,43,157,19,35,5,35,5,39,9,51,157,310,10,21,11,7,153,5,3,0,2,43,2,1,4,0,3,22,11,22,10,30,66,18,2,1,11,21,11,25,71,55,7,1,65,0,16,3,2,2,2,28,43,28,4,28,36,7,2,27,28,53,11,21,11,18,14,17,111,72,56,50,14,50,14,35,349,41,7,1,79,28,11,0,9,21,107,20,28,22,13,52,76,44,33,24,27,35,30,0,3,0,9,34,4,0,13,47,15,3,22,0,2,0,36,17,2,24,85,6,2,0,2,3,2,14,2,9,8,46,39,7,3,1,3,21,2,6,2,1,2,4,4,0,19,0,13,4,159,52,19,3,21,2,31,47,21,1,2,0,185,46,42,3,37,47,21,0,60,42,14,0,72,26,230,43,117,63,32,7,3,0,3,7,2,1,2,23,16,0,2,0,95,7,3,38,17,0,2,0,29,0,11,39,8,0,22,0,12,45,20,0,35,56,264,8,2,36,18,0,50,29,113,6,2,1,2,37,22,0,26,5,2,1,2,31,15,0,328,18,190,0,80,921,103,110,18,195,2749,1070,4050,582,8634,568,8,30,114,29,19,47,17,3,32,20,6,18,689,63,129,74,6,0,67,12,65,1,2,0,29,6135,9,1237,43,8,8952,286,50,2,18,3,9,395,2309,106,6,12,4,8,8,9,5991,84,2,70,2,1,3,0,3,1,3,3,2,11,2,0,2,6,2,64,2,3,3,7,2,6,2,27,2,3,2,4,2,0,4,6,2,339,3,24,2,24,2,30,2,24,2,30,2,24,2,30,2,24,2,30,2,24,2,7,2357,44,11,6,17,0,370,43,1301,196,60,67,8,0,1205,3,2,26,2,1,2,0,3,0,2,9,2,3,2,0,2,0,7,0,5,0,2,0,2,0,2,2,2,1,2,0,3,0,2,0,2,0,2,0,2,0,2,1,2,0,3,3,2,6,2,3,2,3,2,0,2,9,2,16,6,2,2,4,2,16,4421,42717,35,4148,12,221,3,5761,15,7472,3104,541,1507,4938]
+
+// eslint-disable-next-line comma-spacing
+const astralIdentifierCodes = [509,0,227,0,150,4,294,9,1368,2,2,1,6,3,41,2,5,0,166,1,574,3,9,9,370,1,154,10,176,2,54,14,32,9,16,3,46,10,54,9,7,2,37,13,2,9,6,1,45,0,13,2,49,13,9,3,2,11,83,11,7,0,161,11,6,9,7,3,56,1,2,6,3,1,3,2,10,0,11,1,3,6,4,4,193,17,10,9,5,0,82,19,13,9,214,6,3,8,28,1,83,16,16,9,82,12,9,9,84,14,5,9,243,14,166,9,71,5,2,1,3,3,2,0,2,1,13,9,120,6,3,6,4,0,29,9,41,6,2,3,9,0,10,10,47,15,406,7,2,7,17,9,57,21,2,13,123,5,4,0,2,1,2,6,2,0,9,9,49,4,2,1,2,4,9,9,330,3,19306,9,135,4,60,6,26,9,1014,0,2,54,8,3,82,0,12,1,19628,1,5319,4,4,5,9,7,3,6,31,3,149,2,1418,49,513,54,5,49,9,0,15,0,23,4,2,14,1361,6,2,16,3,6,2,1,2,4,262,6,10,9,419,13,1495,6,110,6,6,9,4759,9,787719,239]
+
+// This has a complexity linear to the value of the code. The
+// assumption is that looking up astral identifier characters is
+// rare.
+function isInAstralSet(code, set) {
+  let pos = 0x10000
+  for (let i = 0; i < set.length; i += 2) {
+    pos += set[i]
+    if (pos > code) return false
+    pos += set[i + 1]
+    if (pos >= code) return true
+  }
+}
+
+// Test whether a given character code starts an identifier.
+
+function isIdentifierStart(code, astral) {
+  if (code < 65) return code === 36
+  if (code < 91) return true
+  if (code < 97) return code === 95
+  if (code < 123) return true
+  if (code <= 0xffff) return code >= 0xaa && nonASCIIidentifierStart.test(String.fromCharCode(code))
+  if (astral === false) return false
+  return isInAstralSet(code, astralIdentifierStartCodes)
+}
+
+// Test whether a given character is part of an identifier.
+
+function isIdentifierChar(code, astral) {
+  if (code < 48) return code === 36
+  if (code < 58) return true
+  if (code < 65) return false
+  if (code < 91) return true
+  if (code < 97) return code === 95
+  if (code < 123) return true
+  if (code <= 0xffff) return code >= 0xaa && nonASCIIidentifier.test(String.fromCharCode(code))
+  if (astral === false) return false
+  return isInAstralSet(code, astralIdentifierStartCodes) || isInAstralSet(code, astralIdentifierCodes)
+}
+
+function identifier () {
+  let ch = source.codePointAt(pos);
+  if (!isIdentifierStart(ch, true) || ch === '\\')
+    return false;
+  pos += codePointLen(ch);
+  while (ch = source.codePointAt(pos)) {
+    if (isIdentifierChar(ch, true)) {
+      pos += codePointLen(ch);
+    }
+    else if (ch === '\\') {
+      // no identifier escapes support for now
+      return false;
+    }
+    else {
+      break;
+    }
+  }
+  return true;
+}
+
+function codePointLen (ch) {
+  if (ch < 0x10000) return 1;
+  return 2;
+}
+
+function codePointAtLast (bPos) {
+  // Gives the UTF char for backtracking surrogates
+  const ch = source.charCodeAt(bPos);
+  if ((ch & 0xFC00) === 0xDC00)
+    return (((source.charCodeAt(bPos - 1) & 0x3FF) << 10) | (ch & 0x3FF)) + 0x10000;
+  return ch;
+}
+
+function esmSyntaxErr (msg) {
+  return Object.assign(new Error(msg), { code: 'ERR_LEXER_ESM_SYNTAX' });
+}
+
+function throwIfImportStatement () {
+  const startPos = pos;
+  pos += 6;
+  const ch = commentWhitespace();
+  switch (ch) {
+    // dynamic import
+    case 40/*(*/:
+      openTokenPosStack[openTokenDepth++] = startPos;
+      return;
+    // import.meta
+    case 46/*.*/:
+      throw esmSyntaxErr('Unexpected import.meta in CJS module.');
+
+    default:
+      // no space after "import" -> not an import keyword
+      if (pos === startPos + 6)
+        break;
+    case 34/*"*/:
+    case 39/*'*/:
+    case 123/*{*/:
+    case 42/***/:
+      // import statement only permitted at base-level
+      if (openTokenDepth !== 0) {
+        pos--;
+        return;
+      }
+      // import statements are a syntax error in CommonJS
+      throw esmSyntaxErr('Unexpected import statement in CJS module.');
+  }
+}
+
+function throwIfExportStatement () {
+  pos += 6;
+  const curPos = pos;
+  const ch = commentWhitespace();
+  if (pos === curPos && !isPunctuator(ch))
+    return;
+  throw esmSyntaxErr('Unexpected export statement in CJS module.');
+}
+
+function commentWhitespace () {
+  let ch;
+  do {
+    ch = source.charCodeAt(pos);
+    if (ch === 47/*/*/) {
+      const next_ch = source.charCodeAt(pos + 1);
+      if (next_ch === 47/*/*/)
+        lineComment();
+      else if (next_ch === 42/***/)
+        blockComment();
+      else
+        return ch;
+    }
+    else if (!isBrOrWs(ch)) {
+      return ch;
+    }
+  } while (pos++ < end);
+  return ch;
+}
+
+function templateString () {
+  while (pos++ < end) {
+    const ch = source.charCodeAt(pos);
+    if (ch === 36/*$*/ && source.charCodeAt(pos + 1) === 123/*{*/) {
+      pos++;
+      templateStack[templateStackDepth++] = templateDepth;
+      templateDepth = ++openTokenDepth;
+      return;
+    }
+    if (ch === 96/*`*/)
+      return;
+    if (ch === 92/*\*/)
+      pos++;
+  }
+  syntaxError();
+}
+
+function blockComment () {
+  pos++;
+  while (pos++ < end) {
+    const ch = source.charCodeAt(pos);
+    if (ch === 42/***/ && source.charCodeAt(pos + 1) === 47/*/*/) {
+      pos++;
+      return;
+    }
+  }
+}
+
+function lineComment () {
+  while (pos++ < end) {
+    const ch = source.charCodeAt(pos);
+    if (ch === 10/*\n*/ || ch === 13/*\r*/)
+      return;
+  }
+}
+
+function stringLiteral (quote) {
+  while (pos++ < end) {
+    let ch = source.charCodeAt(pos);
+    if (ch === quote)
+      return;
+    if (ch === 92/*\*/) {
+      ch = source.charCodeAt(++pos);
+      if (ch === 13/*\r*/ && source.charCodeAt(pos + 1) === 10/*\n*/)
+        pos++;
+    }
+    else if (isBr(ch))
+      break;
+  }
+  throw new Error('Unterminated string.');
+}
+
+function regexCharacterClass () {
+  while (pos++ < end) {
+    let ch = source.charCodeAt(pos);
+    if (ch === 93/*]*/)
+      return ch;
+    if (ch === 92/*\*/)
+      pos++;
+    else if (ch === 10/*\n*/ || ch === 13/*\r*/)
+      break;
+  }
+  throw new Error('Syntax error reading regular expression class.');
+}
+
+function regularExpression () {
+  while (pos++ < end) {
+    let ch = source.charCodeAt(pos);
+    if (ch === 47/*/*/)
+      return;
+    if (ch === 91/*[*/)
+      ch = regexCharacterClass();
+    else if (ch === 92/*\*/)
+      pos++;
+    else if (ch === 10/*\n*/ || ch === 13/*\r*/)
+      break;
+  }
+  throw new Error('Syntax error reading regular expression.');
+}
+
+// Note: non-asii BR and whitespace checks omitted for perf / footprint
+// if there is a significant user need this can be reconsidered
+function isBr (c) {
+  return c === 13/*\r*/ || c === 10/*\n*/;
+}
+
+function isBrOrWs (c) {
+  return c > 8 && c < 14 || c === 32 || c === 160;
+}
+
+function isBrOrWsOrPunctuatorNotDot (c) {
+  return c > 8 && c < 14 || c === 32 || c === 160 || isPunctuator(c) && c !== 46/*.*/;
+}
+
+function keywordStart (pos) {
+  return pos === 0 || isBrOrWsOrPunctuatorNotDot(source.charCodeAt(pos - 1));
+}
+
+function readPrecedingKeyword (pos, match) {
+  if (pos < match.length - 1)
+    return false;
+  return source.startsWith(match, pos - match.length + 1) && (pos === 0 || isBrOrWsOrPunctuatorNotDot(source.charCodeAt(pos - match.length)));
+}
+
+function readPrecedingKeyword1 (pos, ch) {
+  return source.charCodeAt(pos) === ch && (pos === 0 || isBrOrWsOrPunctuatorNotDot(source.charCodeAt(pos - 1)));
+}
+
+// Detects one of case, debugger, delete, do, else, in, instanceof, new,
+//   return, throw, typeof, void, yield, await
+function isExpressionKeyword (pos) {
+  switch (source.charCodeAt(pos)) {
+    case 100/*d*/:
+      switch (source.charCodeAt(pos - 1)) {
+        case 105/*i*/:
+          // void
+          return readPrecedingKeyword(pos - 2, 'vo');
+        case 108/*l*/:
+          // yield
+          return readPrecedingKeyword(pos - 2, 'yie');
+        default:
+          return false;
+      }
+    case 101/*e*/:
+      switch (source.charCodeAt(pos - 1)) {
+        case 115/*s*/:
+          switch (source.charCodeAt(pos - 2)) {
+            case 108/*l*/:
+              // else
+              return readPrecedingKeyword1(pos - 3, 101/*e*/);
+            case 97/*a*/:
+              // case
+              return readPrecedingKeyword1(pos - 3, 99/*c*/);
+            default:
+              return false;
+          }
+        case 116/*t*/:
+          // delete
+          return readPrecedingKeyword(pos - 2, 'dele');
+        default:
+          return false;
+      }
+    case 102/*f*/:
+      if (source.charCodeAt(pos - 1) !== 111/*o*/ || source.charCodeAt(pos - 2) !== 101/*e*/)
+        return false;
+      switch (source.charCodeAt(pos - 3)) {
+        case 99/*c*/:
+          // instanceof
+          return readPrecedingKeyword(pos - 4, 'instan');
+        case 112/*p*/:
+          // typeof
+          return readPrecedingKeyword(pos - 4, 'ty');
+        default:
+          return false;
+      }
+    case 110/*n*/:
+      // in, return
+      return readPrecedingKeyword1(pos - 1, 105/*i*/) || readPrecedingKeyword(pos - 1, 'retur');
+    case 111/*o*/:
+      // do
+      return readPrecedingKeyword1(pos - 1, 100/*d*/);
+    case 114/*r*/:
+      // debugger
+      return readPrecedingKeyword(pos - 1, 'debugge');
+    case 116/*t*/:
+      // await
+      return readPrecedingKeyword(pos - 1, 'awai');
+    case 119/*w*/:
+      switch (source.charCodeAt(pos - 1)) {
+        case 101/*e*/:
+          // new
+          return readPrecedingKeyword1(pos - 2, 110/*n*/);
+        case 111/*o*/:
+          // throw
+          return readPrecedingKeyword(pos - 2, 'thr');
+        default:
+          return false;
+      }
+  }
+  return false;
+}
+
+function isParenKeyword (curPos) {
+  return source.charCodeAt(curPos) === 101/*e*/ && source.startsWith('whil', curPos - 4) ||
+      source.charCodeAt(curPos) === 114/*r*/ && source.startsWith('fo', curPos - 2) ||
+      source.charCodeAt(curPos - 1) === 105/*i*/ && source.charCodeAt(curPos) === 102/*f*/;
+}
+
+function isPunctuator (ch) {
+  // 23 possible punctuator endings: !%&()*+,-./:;<=>?[]^{}|~
+  return ch === 33/*!*/ || ch === 37/*%*/ || ch === 38/*&*/ ||
+    ch > 39 && ch < 48 || ch > 57 && ch < 64 ||
+    ch === 91/*[*/ || ch === 93/*]*/ || ch === 94/*^*/ ||
+    ch > 122 && ch < 127;
+}
+
+function isExpressionPunctuator (ch) {
+  // 20 possible expression endings: !%&(*+,-.:;<=>?[^{|~
+  return ch === 33/*!*/ || ch === 37/*%*/ || ch === 38/*&*/ ||
+    ch > 39 && ch < 47 && ch !== 41 || ch > 57 && ch < 64 ||
+    ch === 91/*[*/ || ch === 94/*^*/ || ch > 122 && ch < 127 && ch !== 125/*}*/;
+}
+
+function isExpressionTerminator (curPos) {
+  // detects:
+  // => ; ) finally catch else
+  // as all of these followed by a { will indicate a statement brace
+  switch (source.charCodeAt(curPos)) {
+    case 62/*>*/:
+      return source.charCodeAt(curPos - 1) === 61/*=*/;
+    case 59/*;*/:
+    case 41/*)*/:
+      return true;
+    case 104/*h*/:
+      return source.startsWith('catc', curPos - 4);
+    case 121/*y*/:
+      return source.startsWith('finall', curPos - 6);
+    case 101/*e*/:
+      return source.startsWith('els', curPos - 3);
+  }
+  return false;
+}
+
+const initPromise = Promise.resolve();
+
+module.exports.init = () => initPromise;
+module.exports.initSync = () => {};
+module.exports.parse = parseCJS;
diff --git a/deps/cjs-module-lexer/src/lib/lexer.wasm b/deps/cjs-module-lexer/src/lib/lexer.wasm
new file mode 100755
index 0000000000000000000000000000000000000000..ae6ac5a0f43621081c1ad45c3524b27f230c6f6f
GIT binary patch
literal 22164
zcmcJXdz4*Oo#)Rv_ffa%-m2WZL!RdrkPsdTAfSLsHm+2<pjp`C%v$qD_Xx9A#+lsK
zwgU7xJw0*@L|lLvp;b^@ijl!K-Sz}Uhp`2Uho~rR3CJ@@0b>9`2myIR=JWmSz3;tM
zxoPco=D@D=+xz_XZ~tEV_1pU<IrFR!r%95ee>`|bdTx5|8QHn#CTAo7NkTz#M)_QO
z{1^WA`MgjIfV?W9L~to07X?sY@1*dKqti4kBuTN<UrdU{LLuqPlB6<_l#--es`iy(
zA*m!;`zh7R#Zvmwv{Wh;(j+Zc;KfZ{kyZQtc&Pm0%^&`=t^XxUsvrE|f82cLM?d)Q
z&pc~$A<51<GdU>ToE)5OJ}X(BZQh)$DQpEiguk1Uwb?mmC5L9`Y)%f#wr)-iFKp%S
z5!u#rl694jp1Jj`&F?$q1IhaSfi!VxwV0$?Vc<uXr$-MZd6K8@hpXJ=s``=DkiB=6
z`$<=JdX;-X*?9@YE;%ks92k06e}dTOW*gl1CelN)WVqn6E$)|zdm(YZN!-(k+mn#3
z*NcXc7u?VmYGoVhbKN1E1`|~aRjJ6A`rJk=Xk_rUW)pvgH;oO#WW6>MeK@rWZY_ke
z4LNc(hcYx@b=Mm+dB*n$gIjdzoT^CV1wK?=GN+oWjfquoKG*cJ3~jh8lpld((8*@a
z^=VR{Q{9`TrE~qqMzOHLTFjb_G*9?GoVgq}&}H$|JZ&U{X|)PQ=H5f8A*T>(AO*-C
zH5F>oNQJ6qwuqD~ZfO);(#U)rQBGXz)xwx--B5rhF!uJ1!L)HD*bSV$)wNpGOCYl`
zhwN!v#fjUQj0|RZQlGa`+H)Uwe@P*jqsy$R`us*#Q`?zK#|$O17IcP8J4_W+&!n@O
zsY`aM%oYj5oBZ8EWgGM#Hs6yphYCp{ElAFn6ZcqBUoe=~GG(7N|5#uQKasfS6Zc%=
zUQFr>H=-9Y0(*6NMzwlkn&N4u?mRVRuTQf)3s5mH1gM-B160XNBaL!3FIP|hm(&eZ
z2J&)%YI)yCqf*T))o+z>`!07xSHZL8+rz1QIN5}?Qum&b!Iam!O@mn%dUSRb;cShx
zzG$OIP>x<8zri<A(3gXEde;pVVtt&09+FrOiTwtP&+aJdsnC2R*)(Wav#6-C?xyex
zJc-`<H`aEcS2v~QJtkt}-iT!3T~40L>;>!ap&^j1cf;wV34HosMo%}o5;&7t>x=v#
zp@ITBOxy|Tg!_&V(p51~#%1OAxMy2Ya4&M`#JbBm89-_pEL!J>d=Cw2MDT6)R*~8)
zbhkOP!M2=uq}f_tT5MaL_RD_U^Zr{l?Tr-Ab!k0HqA|mKyOc9F?cG}#GdYn)#Gzms
ztV(U_H$s5Q;Uj~VeT%*xFf}Sx@fJug^>s5>vmSIfoq(zn=?H)On|SHs(_G^4&$HcC
z3=Ct-wr)h@jEgR<Zb;m2nO`NlSLHU?2Qj_jf+;;;?paX$;MjEOIbz|GG)2JZ-~qc)
zlxv`clpbS4UX~Y6*Z8ENu8`Z1Rbc3n@d|FBIaExuEM=(3G&C|ANUwwP*9@KJR#0{W
zBg-181~b!@G~oK{Qi4=x3OOb8S0u7_BR^rFMU`1I&%}xUZl<vIlQc~tWz)i$X%^*z
z1(e}^x{*pSi3W*c^HlRbKTIF0&a7#|tp~F1rH+D~&9t!VXBvprl4?>t=65m_Zahp=
z>o$#<!8ZPWL)=KCubTH&|5Ha#jU)(U6I|-n+x&xvqpU-H=R%x9eUOp7J|wBq`hX4F
zNEHlkRvwnxu$R}<s7-ijb$mYl0sreyGff>dGRODZ6Gp>yeoF!b!o$3!)9J)xKAM0^
z{*6#hSMVRUryyoFN7Qo=E}2Z4E*sqn_`l5OTji$Pos4c($%TFD1?TrSUCA&$TWz`{
z_@u@$V&ZPDs)zKCx?eL8|2cD{79ok-R%^QID8P>aR*i0zW!>(Yi2Z7?>54||zCqQU
z*X~_=-#mcM1<K@{rW;W0YXPdh;UU%CG1PR+XkJLWp<_rl&1<@OhV)&ag6cgnx9J*Q
zf_nhxsO-VIKC0%|fl4a+AHK-b`x2Rcm3|(;Gx*jVHTn!p^sCW98-d-==85h3r<*}`
z(d5ABU{NE`-qsSY11kCQtynQA>U;B>Lx<2u{gbM{DwD>i15s?F)%bidJZS5Ix95wK
zU6c$2W&UP?O2!vNp}x03TrF%X^Q|41re2%7z^SQL<YZwtC&tnYP9jIVBPR<xoa_QN
zwZ9Hf?k2mao9sRUc8S_1yQqsSFnW}moVVCyU2L+FziF`~JD@GuRnMJYN3ym&H!W!n
zt&Vz?N(BcY+JN#wn${AT-|KZ3u$qmkIbenizXP%H1G;1Y4l?}Z7%aDzvb3~b@()X!
z^zpU9WtJM6T;}9AUinIE{K!1}#;3kU-;s&!qx^=<$Hv?P%cP9+mc=f5=Q2^Md1Yj0
zyT{fCBZCoL<GK~9v!`9>y5*{~qFv{;3tMj&e6^|Np_;LI{R$!Wdp3W#LiY8ZeRCnt
z)VU$+ivxobD^;D+DUf6HA0LCr6)SC7?Y_OTIb5I*yU*3~LT7yV^r|pEya0s-^vcYA
za+SEgY@Io@y6MxaLx+3>!1vtGG(u-S4*;LGf#8K){gnz&0`yrAe;mjLf?pV5X!k|5
zNdS1I!X4J+-;##~PwYw<J4nR7=@|jK8z@uJ9s`Wn#Yct)rq@SekE|E}*OSi!V^hZm
zq>qfb$#+G(Yk(Gr+^%;v-4LjNI{;0OR|5<hZ!I7b;hE#Y@MD-$<P7tAfVmzM$cD2W
z$F>P>12nX~$HWnI8fb;u{W$>g8@Vq4TivO5M7*ybB{}Xm+9LsOLsp~pr(<q{V)Rbw
z<cUppg2=sMQU>+?`gn6aU&P0Ifffqu4bYiFc&v{<c1t3}U*3{LdN(r-;WuFb!?VwC
zwZZ^4C9FYFdHz8l?+SY#G74vmx#@?K5iia5X+D>Qc;#b2eo}k>Cz+ah=_grRqKOC_
zFJHNfFJ|D~9+G$$Pi10fdArk$w_2}?pY~XB9vDL<4K#kZZvD*2Xk4M|-(!t_>mJIm
zF$8~bH=qe|t)PlG{9aYEiE>(ypT@5DAeE*BMO*#S)BO6ql*w<5`F}U&rql@Ij%NQU
zeKcd;2E-UN&>l9&YvNu=Puw3q!Dxl3fy#FL+{)&*(f|7V>ew>-^oD49SM*5LHquo~
zBF&H5fcIuWs{YE$g%RJ<Zdwv+tX$oM|M;yp3(+!n3G~+7_BNpJlsCUk?OK7=H7h3m
zq*`Zd?bd+L`YJYD3DFN0;*FyFc%$HUEN(E!7PJt~wlLPbmYyoM^Gth~;+Em!s8;JN
ze7ly%uChgelZcUP4P`A<q4Ih<nx|t8t<-GE_$PjyIT;pKT7rog8!@%&(t4-Ys!Qd5
z)urai*vbnTaxKj2tE`3Uh((6@ivEj!Z!pa41ncWl)E4&Ch$E=TRvl@4$ff8*E)5*6
zP(34(DL049flQyslsjZtZ!6<t0ko$~3<p444V2ltw;QO021?buRQ(InLcKAZ5)w(W
zbFrxHKOADRoLy?GblW$$qB?+&pd@jRYg;2*-HQYjSO(AYi~kw;n46fB5ofOkRq~go
zzt5uGO|kQa$@OVXn{f{g5km=JoyBed=MjYq;DQeBBKJ}(UE*F#LagLV^!vEM3C{3q
z;$hMY!95~0|Hp!RK62BCz<!tIH<^SP*0DE`gLifT)ME!wpKDuNV<c`562d0AJP69K
zvhuYE5HZ7-EC^H|&e+#=c5!)D{nL)Zh!h2pGJ=f(EV^Guu-uWk(vf+<Jr)sa?(ql?
z5r_&D>Qoz{)jX}fSYV5iZ9t}<>T6_LJ6Ec@UnzFwh+4gr)X{@|XS%n|w&}qag=$d=
zjJ><1&dg#P_!XUl?#;&5LMm7hFbh_+?XEWxV7XIT38tfT0Mm(gz*?|4;E;)-9uzH9
zbo0C!6qo1~2P&ao_tZX;J|<hB0r!f6bM?g?Ntbu%neekDMK#@8lT=>!uvZKU2P}I~
zmC;@$(A-aWSV0lRvJMZFXEnJr<cC>q<FD!2!%6+XU>P(NXe(kY#2J-c+OXl^eQ~_0
zG>7}bcvI1M(}$xHXwpz+=BA+18BzwqkYeG+4@4Tp=5Q&{V8xl_rLHl{4^uII83wFU
zUhdE=2b#rdUaW46GzXf)l|Zv!G%Fpx@^Zb7ekkhiP^kqfw!eR;ZIDCtLY|xow)Xd7
zJkAwlo*DRVXm+Xo2L*F9H4#W=dfHYAQ<M2_(LGt{nwrur!>ON|3hk+hWwxK13YwaP
z(Vm*{(V}~bX}B;}-Mfq+yUjm$l(c?gWOy}gx;y<`x;@pzUq8(yj#2h(H@;0VD{v;k
zSuErS0N9lK0QhcZj5IEEK!5bL^S;YMM-sb>*!W+|bck2?HQmLjtz@Q4sxZ{1f7L`-
zr(Ft;t!%#va1Rj#>OD`uz!v9I0Je2E!VeB;p)ftrbZZUmI-u2R=LO;gPlVvZ1n^<(
zFvSU*ilTe2Mj%gHHIx147Cv~l->qCW)O0KTZsp|h)+IYyUmkB^^7g*Ue-GQ1>ug_t
zC;NJW1Q5TA$`8`0t*BaT{}+jsm*z;$a$C;ZlJ4c-HT4;*zc1ED{EqSy1O$##_3sdP
zV3h|n0c4BdNk|{y7k)R+GX+rK;~P_!f54&%agqE2xw>smA#%ZdaZ~fsUQQrjQH(kq
z&<;BI;vnR9aQei^n^to{TaNKJAM=v%?VI*3ta35_3!k-Bw<+TC1wj!z4XG1a_=nb{
zUkO8CyM-N&9X)yPcUZ8urkN1F@u`#3^WVQwo5jnC5tuGN1Auo*8+#yYtH}!}Q(UFJ
zqTWtmVvRQMJZ#qaUjXwgY1ZSH+|y97h5Ks@rJPQjc6|EgvW!Kifr&+?EEb98HZKsT
zIA&jxp*d?Wv`w3W^hb~dWwtL;OY_^x-23u@^c98(x6{6qG*qwzAmpdE|7LLz_A&wu
zi_IG@1@iI(gl)i-g*^TqWWTw(af!TRI|y|Y<o)u2C2D!?=*bs;5=G}T^t}Cmu<E}I
zfM%rU3jiy!|D^!Zy&3faA`z*po(7Lv`YYb@?E_R)X^V7KhD7>s<5F>P84(HJNq=F8
z9Y^|fYg&#3&OaLFw}?1kQ1V{{TB5cu0AN!S8h;&9wmrKSzz<fBddRm&Y=a%ksC$h`
zB*qGg?wiZS#yF9RBaQeZ5ZipKGET&TUeV_L#|H=AEdcXZ76`eL*hIv?+9DjQM^C>0
z*)O$TV=C`*)>f|JhNeD63_yETz#kEwI4HFBv9aNTn_MYoS}RAkqQRXj*yrF^l-!(a
zyLgE2p3gyv$el%a##^u6_JbvAC`5St$IwYHZHU}NL!+PC`+?<uLw%wED!9uE?mQ@l
zB&R?%Cf@|OiydxI?bJaQx*2tQIqZwNqkkV9hTm-fez3bJ7Cq#Ns+DO#Y-}pM;ozQ>
zS_C$Zk#?RV3gT@y4P-moNdQ@yuM-9WTngZ$sI7?h+z~d~1&$}k{WuZDaiFCp{_}?`
zsG*`mn(kSui{z_og4av{+^4z0_+-bKxz-x#?+OA$xB2<zGC-Se9ze|FJ%L-J#6JX>
zV-4MJ!J3`x6*w?z69hS!0wC5RB;tGO4q_rptq9<7Pir>;5PZYxOaZU7?*PoFRNijE
zlO0Dj-5p^PYXPqn()S6|_~_Kvjuq1vkY5i`zf+!|)nkSB^zl(|Hv-u}u?>KEQ1n}X
z7NmaYUFMh+-34T5EngG}ewX;s;UaiGz)F}ay1##C*p@$cycS#p?LSk<OC4wV;d`T^
z0lYt65sO+UG+93cCf?n2pSN+hb&|LiV~@O7GCc~q78a7J;HIqXzm2&E-y0hK&Pj>}
z(lB1y6%E`2853a|K;f^{O`Rlq_mL;YtOjn4IClVeJ-#q$A)uFiL6Cc|FWly1Myh$<
zt%i0XFQfE1pTFqV#6k{U|5uQMwYj72=7~~=Hx|Dhd%Lh1j4dMaeUHpYbrlEd9R*H5
z0MZ4vUfLlL^V0sbs+tS5LLpRa(0GP$mh|CAjn+fpttK$7kO!7A!qgAtRML#{H6Qo-
z1}_nB-ARPy(`JmR9|5ilCYn^Sc}nZctoC+)Rckl)R8N>LT2Il`cis^!MX!B={4#mV
zb&mu6LVYQ9tP{*pRTTX1YQ@zavVQU<f&NtJ7RBA@nbf~QpauF&Q`h+{AFdYUXNL;}
zGK3h$hZH!Pe3%jzD@2JrB+;JtlD1S5=CmDB(Yw^nd5Vl3ZTg)g5a)-cO9TnklfF<{
z8w}1D<Oi)+ehO$2w~Ga-2SV<@|0D2|Cczg3dPXM{51g{ny$Tsd*UsEFA5@%FsjOUd
z+bQwQ?twLA8pM^3>C9vJf#QA^fxSr3a$|mnKwFgGt}t6z4@|a0ZY@C!&G7iT;(QjY
z-Q^>GQO=+Gz~Hq1F4Rv5TrWMnt@`N62;6Hy$!QfyOWs00rZ;cYU3b$!H@mHu3CY<4
za`#I>zw+a2YY*^q=5Ig#pMXbs(mMp37_A4Oe$D+Jd-r{0UNi;n6lkGLYj%gShxwr8
zf0heOsKA>0tRQ+l-Z1V#<k$n7vY_O6*uy~6f>=O%Q7(sLC~??u6-)n4x4cS{SWtAk
zAO;v?;RcV6ogO`|8~yIRAlWkI&&S-YKBH!LDMsn%h+70QWvTdT4+Fidc;<!bXvAm)
zo3VDk0c2+t*6L--+6H0jb)ZSFs5`{iv%rRP&nx7f$+T@v+(Y7^Fsh(qOx2_H!C!dV
z!Cq7c!~<tjaMD=VtSgGZwI_e)Ndcv*qL?=5yvm&jcZfQ6L)t2}*G@;Vmg61+A5PE*
z-JNg;pMLVqtTrbKak&YD#t2w%&=(D<I9d(ifQ)T*0SZSX#B1_YF9j^IWa=+&@gl&$
z9kk)h?l!Th%}dRO0x;E&!C}~Pr;tz2-ZD(A_r#P?nyyU{{m}`zdy0(Sli`jXm+~xs
zdw9>fd*`M?`2*q2H9f=M>E8sfDqOJAC64OC#N94{|2-p3ZfSIthWKnOo$84jN@wBj
z?1>vnyKx6hvfEeHkE#M9%v1p3f2Y8oIc@$4GfcA4kRq<|3du8K5?@|r_xVsKnTb`o
z-QmlNWUg727s0N&Pfc1_T6&$BCQX_)c1)yh$FzZ5Cv&Y_lrI7G@5Hz=3Or#2ET<f|
z6zraxtfWTVC&4vieIf$e1e}maxnASD!}|sr&<DRETMr`#Dl$iaC36i0of5m%nE5+N
zy0a&rVzrkw^TO%YL%0-Up*;LvmtT@3)s2vX1q<=7;45k%+n{h1ffftkXttGeceaZD
zO3z@y<M#S1(O`18MCS+;3+_>F>&?mP^XHf6m*&r(pOT7+u4WY6n&wddP^F)e`Sa(5
zGWyC;p*o*?D<BMy3=Z=8Dc5+)ycLw5mu+xKy{M>EQZMP1)yq{g0DAWpsLdCB-S8oL
z+Z_b<aW-GCD`1D1HQ#4uO2rMXOiWg?LYlF&g>R@1kMQRW78UB?zD?aTDprH|;pScV
zgefq(PH9k1R1kf3i`)udg5w-#Ih(Mx@Up5a)vH?9l<WTb5eT~3gNIpfuFWIr-@pha
z->}{Pd>Xyr;_?a~!v-vdfG%JRTm#0yHQ+!9{sP7@FW`{7I}%giI?$cR1>68G2(fW+
z7jYpslr9MYaY~nVsx5c-M}(Cf+&qM8!5t>{A1EB;qq~w~wew+Jz(YE84+VFG@lPgF
z5Zc=xZzbfbTT8(jsO3n7WmSBnE(QDJgv=eSQZqu@QN7d}daXHC>YXZ;Q(**#<3}wh
zKl3c1Uiqh*x2U+9pEsNk+|#5(W`WrQ!qS`MGtlcTvbZ!dzO;R5&tGfye$vIPe96S<
zM4f3YT#A$**!hji?9QGBr%vCP+v$7NQeRyUolQD*tTu<rgY|l$&hTd?)*CDJf!G@d
zLT_ZvZ3iQq&sjIy_Y`NyYjUW&n<f4%Ll)fsd4_kNcJJwVj)VHSkJztnf?)KY0coyU
z8w%{qG8cy_gPxs1>3@iYmcr5r6sS=e9PDCJBY}FNE=Hn)7}M9>%>6jdKB}&do>?2L
zdWu|Pj;9X>md&^ZR%mC_pn(G&u%=6GHK(CHWoWO}0?&`{a{v@tfWwXc7JE<%mbNn?
zle<AwW&i5b7trZB$m@N;`~)StU3Q_K>(N}O=Mcv36GPGtVR$d);1?^=gL>UGt}mg6
zKR4<1nMT%Zf{3o#+jos(MKm`1DzU#PtK%2bbl}l@GUVHLfoFYyKBsCkWvU<05n_S-
zf%+%(=HB{Z<ZIZbQ*{_Zd9tMr{|xj4r{N(>JV}DrULyN@v`>ah%rA>ZTjT1H>hqxi
zoehQt+HF<L?_*o$&w+myex2LMB54bk8uLvwsK{%qrYFRK-w!F_o^ZVV+<n8mt>RrX
zIHg#>w7@Iu98y2Iusie`@*;Ef*h8?wA-cHP?j#ED+SO+6726ON$KP4z({C*PS@yQ^
zEH=~jU`}=6mE&EG5!(mHp>x#dijmZJ4r=%d^fpoSvR-`=t8A~*S-euW?aC5wmIr%3
z(^Yu8&po4Z`*!t-Oal5c<7-gSTQXdakF<OEzo43_c81Ha_Q=zXIPf#cCe|#02k-S=
zUZX=_bD*+~Re-vU9Bm$*e}4w`uGlD>(nAyY?<_lOWg2?se$I>;m4Z4LF}$JiKTQ06
z{mw&9`4m6@iAT^n?)L_WU4i8mJV!2(A-1<K-Tk?_X^5KkGZAEn#AX>UWE*|mBJ<0O
zeS~hau)o2~mPRw}(&iREib2Hv@X<b^_9x1H&EbBIsMDOo$`YG04p-4lp5*;xIOt^?
zg2vP>!rajCSFicaMk$EoT|)(aJc*yoBTU^anCTP#msFiv8auel;indig@U=%!DR-<
z4#VmwRma0tG+U`}V*U<A4Q%a_jw)t|ENKJvJc@@ABGcwZqVrG6!(L<)qpYT@63c6b
zjkYe3YIs0P%tv7@$pNztShR81N`1F6u;T8DxN((DwOUy00uI?6W4QIO8m3g2YWz)+
zj=mOo<LmZOPkqtBdX{TC>*!II!7Q`J%b+#Cm_TKWQYQ8cn=ppa4YklO@V60HlG=D=
z)>&=X!xy^TbQVYczCO1b>Pw4S_`!2oZOmwga`9{*+FgHNp6xrH5HH327M_c}dG>u`
z2G6l!RMq`M3OY_-z8@EpQaU=8KD7G^ohA?8;MIPs!+gY&sf3uTXV;1a9S4u7Oj<q7
z`@3`iO-Zv1;fKn9R?p~asmwi<PFLgCk2aDZ(Ek@M|KB>ch0xkvIt&M_N3~o+A7PA)
zmg*kf;_s>aT(rO8EfNTGhK4sQn&sjUSsmu|_PDgK^%dIL*K+LvyZi2#I`-o;HV$r`
zzp`W9ZR22{cCof5({h+ew`b4OC9T*2yr2x<vo2}Ho)<4^F&*`y)#Wh0<Ai$MV{^{|
zATAmC*kc{$mr~LJ(k!uIL~hqh$@_2+jML45I!CX%ZD*KexGtK$8$_D3x<N0RU3I-i
zV%@IUYJdD-j1vj&>DrU7%!Nf}dwiT}daZ%|XxteevG~60QanL%7yHnr<)>}d`|TZJ
zq}65dUbHk=@dHck;d*`ENBlsx+Z_9;YTLhFG;P+k50QOs{sLjwwfXB=IjmJv?E<xX
z(Qu%-hd6xP{u$`Ef8H6H;NlW^f6TJ=>r$zRYIV()A@0c{e_=krw)`Ts*S^5!Rr8W4
z-hTIF!IxO9hNuNpXYI+DkhDZC#STWt?Wq<zUe9tZTYG+x&g?^*%YEl-``($ayPU!I
zqwt+$!5Py@ulBm?`hFDa&gw_K>RLbQscW=Tb=rgNr`m7ZgY~MW6;7{mal!7!Htw?q
z7#}?lAGR!-_0{jA{69m`C~)SWK);4U)`fU56B!F4tiZdX_b><9={efZmGji5?KD@M
zlkY`+@BAAD+8gMYqRQr%uXPqb_LEWDL0+R14gMtqA7%4s1f@SY$;H!|5$uv8*q!)f
zZJ_EZ^{W5HFQKwnrAg$q#t+_0ZfYXkq8Qi_i5-0Wc9Iq_6K<`qN?em5xEcxdn!|RW
z!hwyBACOop*-uPzylW*oMT-bJ%JG`86FIz&Dq^doXfI_t@6)F|J$)<FaG@<mKPM9P
z8hS$Uiuqy9&d*j;ezscH&sIxS$8nB+HOhbd4N4i-uM4=Cxpot-&XpZ&yl-@j9EXcZ
zJX}o9cJXkrsKZ6iO8an;ppn0Z<qsD%w-@ES{Ovkp9ILjEUyAN9o%)or1o6sjj<u2D
z0*^J%&rJ$4dn`YUAEGH(5c5a)nFn#L5jh$^+Qq3P2GO8Y#}M%h!#n`R!ZP=|pR(AZ
zztZn7$P#U|jeLE%BKIuI8RY5<>^zgm63uc@mn!7i`EMW6XdUai6A`IY<Sa{;NEv0x
z7m7uknA}=UVt6T<p*zA^lXlb^v)W^}AAL5duaL3zP1<<Rh;(3>L>Item-GbxV1zVb
zr3`8a!oMN0T&FWSjA6(ie&?MS2PPV!FPNPS-5W{lgr*~jhwK+7%)HH^1xcD!{8K1a
zDy2%fQt7K84gy8(KP|D6{{9rdEAxXC{Yw|mqq17ezh-g~yj@P0no;#ds%A+_M^i;9
zO@jG-zG9CR%F9g@S6}I=kwN5@>YCP+U*>xAEu_Oy>XoJ6f^enWQ?>a`IlEU*8~i*3
zCz1MC8&Y0r2F<gSM62kQK-~&Yk8c#cCV@D<!<DQJh&&A=n9zbgUGqtOnT#er&>*bR
z4RuPd0$ie|n|SsQtqj}mj53g5PiteM5Kr3wh^uoOm*z>X6Vs)*$&j>DpW~0!qwkAR
ze3-xRvQTTUAU@oo029#%&P-Xzw9+GCBxJ((_h1xHv%$}WLZi6JQtVXN5P#rru{FAk
z26N=qKVM*GggyS@fZ#JMN%YU)JS>x@=Hien*kNvl&vUM*A>59)!@9<foJE%2sphgs
zJf~tHtd)+=iFX=Vool9$&HNd0Mnjqmbe_x*)78R&Kbnj!hDpQl=m4?URYB851^x2`
zT&QS&p!ZZYg2S{Qs@>ar32d+rZx6Eg!Y6IaUg{^0;RHqkGK1EpW&9&E?Z|hdm#BDy
zoq2PwE(&Y2f)|#5XQfc^=eP$c2yZJst#Gog`2sup^V#-X!88%L(Al90>H{8jNx*YV
z9Y4#E&236yTv3dnON(|tfSIv<a;2$v*6DRM`iCtcWXQ}<$yt>jZSYTS==XZVMP_>a
zcw`yZJS-0-&hK?|K^H%Y;fScH3k4Nsb3CM|g@PI!78RUE^)k_+<}%9|5tnSLR=>U&
zLVs1MjxVkzNs^Hc2=95}ord=i?*eI%bRg+3NF$_UNHvg_^DdH(3~3c_)mcF*lMW`S
z4dq2gG)kmClG;_>!$^Nknoo+~<9iKd{iJu0gmWBi4)9(`5?#@`k|dg<uSax6Q*X(k
zHuUKGB9iLqEjlYnCzHD6*7rzXdf7yJCrNFIo+Ih0lSEVP#3X&F?Wh;M4<f0qaF&r&
zb}Xs89knmL%_aRA=?_TnA{|Xqd3;MRe*zP0c}IRu2Nq4y(<6O}|0ZbxN#7)|Y$&_^
zA?a{ZgS3Pso<vu=&?A}jh|Vx6>QD98lje|wBbs_7mmbL}{*@Qqe?yWF#P52mp5Bs4
zZ?#b&ts|`=NhaY)&w5J^;YB(sS6)0tzT`K0#GlHpB1uk_chit>iht3JbO4k8O;Y=Z
zl7ugxjd*~`yGi;cp7qE!OG&#(vh_KnlSnx!@(*aVlo!9Ty~V)t8$Bx5^FdOqw;EVF
z)Dyp}@92?z*N~(yJyHKP;3G(~wVne>@|_Be3RiSw8~K<X`I2akk!I^vvPZg-QT?i$
zf9X*6*YgL^7tNb2mn84!eI*L~5buwW^zAm%jdZki80Ky&jzH|Y4fx|N-sE#zN#aNL
zlHMi1?2wZrlXw)Z>!>3=kCRRzsa((dNYa5Lr6lpIM>JnS;qtMc)4pt_HeVg4T@a53
z7OrTkJ>gwUc?n<(u;`1fd`k6{g!3V2{%hW<I}+Y%S2XnK9rJ>PC)??*M{m*Adqa2&
zPbvCK{I0$!yhum9D6dCw#QOjZ3P=4;-{V{Q{eAM{=U9Z+cp(|oUi8ncv?-k~#7S=F
zt$y-8lJunK+b|gUmM@79=_T^7Z+euMUiFUnfNebSphv!_C)V$N3s%}6{r%O8<+JNW
zKB9hOKE7kU$hZ1*#1$XWPAcDs!XCNS_se4_kWW2A60LDMoBGp{IBU*_6;yr#K~JGG
zyd|c1p75{a^SniOHRWpe--6dIx7ruYwIr2CebKb(<-HW@yXq>*ern>2B)Vv_gQR-L
zku=ujB;iR0)zcU$JbhPr^woobHTJ5m%EgE1YE04-za14|;fS8_<x?LB?`Y?%Ltb=Z
zJHpqPCc3H@WmP`X5^s7$GnNZaI#arZB;OUD=tlkgD`1U1;#1}Kks^KhvgS|G6Q9zB
zlJHbdwiK+SF+qA0UFBa4`D;Ud6K{PJ|B=7QJ4NmC$j8Shi+n^mgr{*$^w*M9E_$M)
zGCh({Nn@#e>+>`gZKbz#Al&0gaeh^s|CJ>Eq$@p<&!}&`^{B3r>?z!CJmur}Q)pLw
zZ8_DKT^R5+PKa-f3Br9@NIaq=-;&N%B>n1<j-{`^`$PZ!0h5B-QHr{jT&g3wnxh1N
zjwG5Ffh1npVHthZQC@B9k&g6eZjSQEj(-GV)NkwqF)w~ZTli%%Dvy5kRr1p3{h|Ix
lgcFk5`~nk>-hHK7LfGVrRn?{Mzr>3sl44zC^=J30{|hrv#BKlp

literal 0
HcmV?d00001

diff --git a/deps/cjs-module-lexer/src/package-lock.json b/deps/cjs-module-lexer/src/package-lock.json
new file mode 100644
index 00000000000000..3c5f50d681e7b3
--- /dev/null
+++ b/deps/cjs-module-lexer/src/package-lock.json
@@ -0,0 +1,1901 @@
+{
+  "name": "cjs-module-lexer",
+  "version": "2.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "cjs-module-lexer",
+      "version": "2.0.0",
+      "license": "MIT",
+      "devDependencies": {
+        "@babel/cli": "^7.5.5",
+        "@babel/core": "^7.5.5",
+        "@babel/plugin-transform-modules-commonjs": "^7.5.0",
+        "cross-env": "^7.0.3",
+        "kleur": "^2.0.2",
+        "mocha": "^9.1.3",
+        "terser": "^4.1.4"
+      }
+    },
+    "node_modules/@ampproject/remapping": {
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz",
+      "integrity": "sha512-lFMjJTrFL3j7L9yBxwYfCq2k6qqwHyzuUl/XBnif78PWTJYyL/dfowQHWE3sp6U6ZzqWiiIZnpTMO96zhkjwtg==",
+      "dev": true,
+      "dependencies": {
+        "@jridgewell/gen-mapping": "^0.3.0",
+        "@jridgewell/trace-mapping": "^0.3.9"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@babel/cli": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/cli/-/cli-7.22.5.tgz",
+      "integrity": "sha512-N5d7MjzwsQ2wppwjhrsicVDhJSqF9labEP/swYiHhio4Ca2XjEehpgPmerjnLQl7BPE59BLud0PTWGYwqFl/cQ==",
+      "dev": true,
+      "dependencies": {
+        "@jridgewell/trace-mapping": "^0.3.17",
+        "commander": "^4.0.1",
+        "convert-source-map": "^1.1.0",
+        "fs-readdir-recursive": "^1.1.0",
+        "glob": "^7.2.0",
+        "make-dir": "^2.1.0",
+        "slash": "^2.0.0"
+      },
+      "bin": {
+        "babel": "bin/babel.js",
+        "babel-external-helpers": "bin/babel-external-helpers.js"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "optionalDependencies": {
+        "@nicolo-ribaudo/chokidar-2": "2.1.8-no-fsevents.3",
+        "chokidar": "^3.4.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0-0"
+      }
+    },
+    "node_modules/@babel/code-frame": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.5.tgz",
+      "integrity": "sha512-Xmwn266vad+6DAqEB2A6V/CcZVp62BbwVmcOJc2RPuwih1kw02TjQvWVWlcKGbBPd+8/0V5DEkOcizRGYsspYQ==",
+      "dev": true,
+      "dependencies": {
+        "@babel/highlight": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/compat-data": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.22.5.tgz",
+      "integrity": "sha512-4Jc/YuIaYqKnDDz892kPIledykKg12Aw1PYX5i/TY28anJtacvM1Rrr8wbieB9GfEJwlzqT0hUEao0CxEebiDA==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/core": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.22.5.tgz",
+      "integrity": "sha512-SBuTAjg91A3eKOvD+bPEz3LlhHZRNu1nFOVts9lzDJTXshHTjII0BAtDS3Y2DAkdZdDKWVZGVwkDfc4Clxn1dg==",
+      "dev": true,
+      "dependencies": {
+        "@ampproject/remapping": "^2.2.0",
+        "@babel/code-frame": "^7.22.5",
+        "@babel/generator": "^7.22.5",
+        "@babel/helper-compilation-targets": "^7.22.5",
+        "@babel/helper-module-transforms": "^7.22.5",
+        "@babel/helpers": "^7.22.5",
+        "@babel/parser": "^7.22.5",
+        "@babel/template": "^7.22.5",
+        "@babel/traverse": "^7.22.5",
+        "@babel/types": "^7.22.5",
+        "convert-source-map": "^1.7.0",
+        "debug": "^4.1.0",
+        "gensync": "^1.0.0-beta.2",
+        "json5": "^2.2.2",
+        "semver": "^6.3.0"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/babel"
+      }
+    },
+    "node_modules/@babel/generator": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.22.5.tgz",
+      "integrity": "sha512-+lcUbnTRhd0jOewtFSedLyiPsD5tswKkbgcezOqqWFUVNEwoUTlpPOBmvhG7OXWLR4jMdv0czPGH5XbflnD1EA==",
+      "dev": true,
+      "dependencies": {
+        "@babel/types": "^7.22.5",
+        "@jridgewell/gen-mapping": "^0.3.2",
+        "@jridgewell/trace-mapping": "^0.3.17",
+        "jsesc": "^2.5.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-compilation-targets": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.5.tgz",
+      "integrity": "sha512-Ji+ywpHeuqxB8WDxraCiqR0xfhYjiDE/e6k7FuIaANnoOFxAHskHChz4vA1mJC9Lbm01s1PVAGhQY4FUKSkGZw==",
+      "dev": true,
+      "dependencies": {
+        "@babel/compat-data": "^7.22.5",
+        "@babel/helper-validator-option": "^7.22.5",
+        "browserslist": "^4.21.3",
+        "lru-cache": "^5.1.1",
+        "semver": "^6.3.0"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0"
+      }
+    },
+    "node_modules/@babel/helper-environment-visitor": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.5.tgz",
+      "integrity": "sha512-XGmhECfVA/5sAt+H+xpSg0mfrHq6FzNr9Oxh7PSEBBRUb/mL7Kz3NICXb194rCqAEdxkhPT1a88teizAFyvk8Q==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-function-name": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.22.5.tgz",
+      "integrity": "sha512-wtHSq6jMRE3uF2otvfuD3DIvVhOsSNshQl0Qrd7qC9oQJzHvOL4qQXlQn2916+CXGywIjpGuIkoyZRRxHPiNQQ==",
+      "dev": true,
+      "dependencies": {
+        "@babel/template": "^7.22.5",
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-hoist-variables": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz",
+      "integrity": "sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw==",
+      "dev": true,
+      "dependencies": {
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-module-imports": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.22.5.tgz",
+      "integrity": "sha512-8Dl6+HD/cKifutF5qGd/8ZJi84QeAKh+CEe1sBzz8UayBBGg1dAIJrdHOcOM5b2MpzWL2yuotJTtGjETq0qjXg==",
+      "dev": true,
+      "dependencies": {
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-module-transforms": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.22.5.tgz",
+      "integrity": "sha512-+hGKDt/Ze8GFExiVHno/2dvG5IdstpzCq0y4Qc9OJ25D4q3pKfiIP/4Vp3/JvhDkLKsDK2api3q3fpIgiIF5bw==",
+      "dev": true,
+      "dependencies": {
+        "@babel/helper-environment-visitor": "^7.22.5",
+        "@babel/helper-module-imports": "^7.22.5",
+        "@babel/helper-simple-access": "^7.22.5",
+        "@babel/helper-split-export-declaration": "^7.22.5",
+        "@babel/helper-validator-identifier": "^7.22.5",
+        "@babel/template": "^7.22.5",
+        "@babel/traverse": "^7.22.5",
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-plugin-utils": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.22.5.tgz",
+      "integrity": "sha512-uLls06UVKgFG9QD4OeFYLEGteMIAa5kpTPcFL28yuCIIzsf6ZyKZMllKVOCZFhiZ5ptnwX4mtKdWCBE/uT4amg==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-simple-access": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz",
+      "integrity": "sha512-n0H99E/K+Bika3++WNL17POvo4rKWZ7lZEp1Q+fStVbUi8nxPQEBOlTmCOxW/0JsS56SKKQ+ojAe2pHKJHN35w==",
+      "dev": true,
+      "dependencies": {
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-split-export-declaration": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.5.tgz",
+      "integrity": "sha512-thqK5QFghPKWLhAV321lxF95yCg2K3Ob5yw+M3VHWfdia0IkPXUtoLH8x/6Fh486QUvzhb8YOWHChTVen2/PoQ==",
+      "dev": true,
+      "dependencies": {
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-string-parser": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz",
+      "integrity": "sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-identifier": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.5.tgz",
+      "integrity": "sha512-aJXu+6lErq8ltp+JhkJUfk1MTGyuA4v7f3pA+BJ5HLfNC6nAQ0Cpi9uOquUj8Hehg0aUiHzWQbOVJGao6ztBAQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-option": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.22.5.tgz",
+      "integrity": "sha512-R3oB6xlIVKUnxNUxbmgq7pKjxpru24zlimpE8WK47fACIlM0II/Hm1RS8IaOI7NgCr6LNS+jl5l75m20npAziw==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helpers": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.22.5.tgz",
+      "integrity": "sha512-pSXRmfE1vzcUIDFQcSGA5Mr+GxBV9oiRKDuDxXvWQQBCh8HoIjs/2DlDB7H8smac1IVrB9/xdXj2N3Wol9Cr+Q==",
+      "dev": true,
+      "dependencies": {
+        "@babel/template": "^7.22.5",
+        "@babel/traverse": "^7.22.5",
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/highlight": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.5.tgz",
+      "integrity": "sha512-BSKlD1hgnedS5XRnGOljZawtag7H1yPfQp0tdNJCHoH6AZ+Pcm9VvkrK59/Yy593Ypg0zMxH2BxD1VPYUQ7UIw==",
+      "dev": true,
+      "dependencies": {
+        "@babel/helper-validator-identifier": "^7.22.5",
+        "chalk": "^2.0.0",
+        "js-tokens": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/parser": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.22.5.tgz",
+      "integrity": "sha512-DFZMC9LJUG9PLOclRC32G63UXwzqS2koQC8dkx+PLdmt1xSePYpbT/NbsrJy8Q/muXz7o/h/d4A7Fuyixm559Q==",
+      "dev": true,
+      "bin": {
+        "parser": "bin/babel-parser.js"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@babel/plugin-transform-modules-commonjs": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.22.5.tgz",
+      "integrity": "sha512-B4pzOXj+ONRmuaQTg05b3y/4DuFz3WcCNAXPLb2Q0GT0TrGKGxNKV4jwsXts+StaM0LQczZbOpj8o1DLPDJIiA==",
+      "dev": true,
+      "dependencies": {
+        "@babel/helper-module-transforms": "^7.22.5",
+        "@babel/helper-plugin-utils": "^7.22.5",
+        "@babel/helper-simple-access": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0-0"
+      }
+    },
+    "node_modules/@babel/template": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.22.5.tgz",
+      "integrity": "sha512-X7yV7eiwAxdj9k94NEylvbVHLiVG1nvzCV2EAowhxLTwODV1jl9UzZ48leOC0sH7OnuHrIkllaBgneUykIcZaw==",
+      "dev": true,
+      "dependencies": {
+        "@babel/code-frame": "^7.22.5",
+        "@babel/parser": "^7.22.5",
+        "@babel/types": "^7.22.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/traverse": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.22.5.tgz",
+      "integrity": "sha512-7DuIjPgERaNo6r+PZwItpjCZEa5vyw4eJGufeLxrPdBXBoLcCJCIasvK6pK/9DVNrLZTLFhUGqaC6X/PA007TQ==",
+      "dev": true,
+      "dependencies": {
+        "@babel/code-frame": "^7.22.5",
+        "@babel/generator": "^7.22.5",
+        "@babel/helper-environment-visitor": "^7.22.5",
+        "@babel/helper-function-name": "^7.22.5",
+        "@babel/helper-hoist-variables": "^7.22.5",
+        "@babel/helper-split-export-declaration": "^7.22.5",
+        "@babel/parser": "^7.22.5",
+        "@babel/types": "^7.22.5",
+        "debug": "^4.1.0",
+        "globals": "^11.1.0"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/types": {
+      "version": "7.22.5",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.22.5.tgz",
+      "integrity": "sha512-zo3MIHGOkPOfoRXitsgHLjEXmlDaD/5KU1Uzuc9GNiZPhSqVxVRtxuPaSBZDsYZ9qV88AjtMtWW7ww98loJ9KA==",
+      "dev": true,
+      "dependencies": {
+        "@babel/helper-string-parser": "^7.22.5",
+        "@babel/helper-validator-identifier": "^7.22.5",
+        "to-fast-properties": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@jridgewell/gen-mapping": {
+      "version": "0.3.3",
+      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.3.tgz",
+      "integrity": "sha512-HLhSWOLRi875zjjMG/r+Nv0oCW8umGb0BgEhyX3dDX3egwZtB8PqLnjz3yedt8R5StBrzcg4aBpnh8UA9D1BoQ==",
+      "dev": true,
+      "dependencies": {
+        "@jridgewell/set-array": "^1.0.1",
+        "@jridgewell/sourcemap-codec": "^1.4.10",
+        "@jridgewell/trace-mapping": "^0.3.9"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/resolve-uri": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz",
+      "integrity": "sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/set-array": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz",
+      "integrity": "sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.4.15",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz",
+      "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==",
+      "dev": true
+    },
+    "node_modules/@jridgewell/trace-mapping": {
+      "version": "0.3.18",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz",
+      "integrity": "sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA==",
+      "dev": true,
+      "dependencies": {
+        "@jridgewell/resolve-uri": "3.1.0",
+        "@jridgewell/sourcemap-codec": "1.4.14"
+      }
+    },
+    "node_modules/@jridgewell/trace-mapping/node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.4.14",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz",
+      "integrity": "sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==",
+      "dev": true
+    },
+    "node_modules/@nicolo-ribaudo/chokidar-2": {
+      "version": "2.1.8-no-fsevents.3",
+      "resolved": "https://registry.npmjs.org/@nicolo-ribaudo/chokidar-2/-/chokidar-2-2.1.8-no-fsevents.3.tgz",
+      "integrity": "sha512-s88O1aVtXftvp5bCPB7WnmXc5IwOZZ7YPuwNPt+GtOOXpPvad1LfbmjYv+qII7zP6RU2QGnqve27dnLycEnyEQ==",
+      "dev": true,
+      "optional": true
+    },
+    "node_modules/@ungap/promise-all-settled": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/@ungap/promise-all-settled/-/promise-all-settled-1.1.2.tgz",
+      "integrity": "sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q==",
+      "dev": true
+    },
+    "node_modules/ansi-colors": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz",
+      "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==",
+      "dev": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/ansi-regex": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
+      "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/ansi-styles": {
+      "version": "3.2.1",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
+      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
+      "dev": true,
+      "dependencies": {
+        "color-convert": "^1.9.0"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/anymatch": {
+      "version": "3.1.3",
+      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz",
+      "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==",
+      "dev": true,
+      "dependencies": {
+        "normalize-path": "^3.0.0",
+        "picomatch": "^2.0.4"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/argparse": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
+      "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
+      "dev": true
+    },
+    "node_modules/balanced-match": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "dev": true
+    },
+    "node_modules/binary-extensions": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.2.0.tgz",
+      "integrity": "sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/brace-expansion": {
+      "version": "1.1.11",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
+      "dev": true,
+      "dependencies": {
+        "balanced-match": "^1.0.0",
+        "concat-map": "0.0.1"
+      }
+    },
+    "node_modules/braces": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
+      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+      "dev": true,
+      "dependencies": {
+        "fill-range": "^7.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/browser-stdout": {
+      "version": "1.3.1",
+      "resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz",
+      "integrity": "sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==",
+      "dev": true
+    },
+    "node_modules/browserslist": {
+      "version": "4.21.7",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.7.tgz",
+      "integrity": "sha512-BauCXrQ7I2ftSqd2mvKHGo85XR0u7Ru3C/Hxsy/0TkfCtjrmAbPdzLGasmoiBxplpDXlPvdjX9u7srIMfgasNA==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "dependencies": {
+        "caniuse-lite": "^1.0.30001489",
+        "electron-to-chromium": "^1.4.411",
+        "node-releases": "^2.0.12",
+        "update-browserslist-db": "^1.0.11"
+      },
+      "bin": {
+        "browserslist": "cli.js"
+      },
+      "engines": {
+        "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7"
+      }
+    },
+    "node_modules/buffer-from": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz",
+      "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==",
+      "dev": true
+    },
+    "node_modules/camelcase": {
+      "version": "6.3.0",
+      "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz",
+      "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/caniuse-lite": {
+      "version": "1.0.30001498",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001498.tgz",
+      "integrity": "sha512-LFInN2zAwx3ANrGCDZ5AKKJroHqNKyjXitdV5zRIVIaQlXKj3GmxUKagoKsjqUfckpAObPCEWnk5EeMlyMWcgw==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/caniuse-lite"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ]
+    },
+    "node_modules/chalk": {
+      "version": "2.4.2",
+      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
+      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
+      "dev": true,
+      "dependencies": {
+        "ansi-styles": "^3.2.1",
+        "escape-string-regexp": "^1.0.5",
+        "supports-color": "^5.3.0"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/chokidar": {
+      "version": "3.5.3",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz",
+      "integrity": "sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "individual",
+          "url": "https://paulmillr.com/funding/"
+        }
+      ],
+      "dependencies": {
+        "anymatch": "~3.1.2",
+        "braces": "~3.0.2",
+        "glob-parent": "~5.1.2",
+        "is-binary-path": "~2.1.0",
+        "is-glob": "~4.0.1",
+        "normalize-path": "~3.0.0",
+        "readdirp": "~3.6.0"
+      },
+      "engines": {
+        "node": ">= 8.10.0"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.2"
+      }
+    },
+    "node_modules/cliui": {
+      "version": "7.0.4",
+      "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz",
+      "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==",
+      "dev": true,
+      "dependencies": {
+        "string-width": "^4.2.0",
+        "strip-ansi": "^6.0.0",
+        "wrap-ansi": "^7.0.0"
+      }
+    },
+    "node_modules/color-convert": {
+      "version": "1.9.3",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
+      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
+      "dev": true,
+      "dependencies": {
+        "color-name": "1.1.3"
+      }
+    },
+    "node_modules/color-name": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
+      "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==",
+      "dev": true
+    },
+    "node_modules/commander": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz",
+      "integrity": "sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==",
+      "dev": true,
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/concat-map": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
+      "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
+      "dev": true
+    },
+    "node_modules/convert-source-map": {
+      "version": "1.9.0",
+      "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz",
+      "integrity": "sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==",
+      "dev": true
+    },
+    "node_modules/cross-env": {
+      "version": "7.0.3",
+      "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz",
+      "integrity": "sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==",
+      "dev": true,
+      "dependencies": {
+        "cross-spawn": "^7.0.1"
+      },
+      "bin": {
+        "cross-env": "src/bin/cross-env.js",
+        "cross-env-shell": "src/bin/cross-env-shell.js"
+      },
+      "engines": {
+        "node": ">=10.14",
+        "npm": ">=6",
+        "yarn": ">=1"
+      }
+    },
+    "node_modules/cross-spawn": {
+      "version": "7.0.3",
+      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
+      "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+      "dev": true,
+      "dependencies": {
+        "path-key": "^3.1.0",
+        "shebang-command": "^2.0.0",
+        "which": "^2.0.1"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/debug": {
+      "version": "4.3.4",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
+      "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
+      "dev": true,
+      "dependencies": {
+        "ms": "2.1.2"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/decamelize": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-4.0.0.tgz",
+      "integrity": "sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/diff": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/diff/-/diff-5.0.0.tgz",
+      "integrity": "sha512-/VTCrvm5Z0JGty/BWHljh+BAiw3IK+2j87NGMu8Nwc/f48WoDAC395uomO9ZD117ZOBaHmkX1oyLvkVM/aIT3w==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.3.1"
+      }
+    },
+    "node_modules/electron-to-chromium": {
+      "version": "1.4.427",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.427.tgz",
+      "integrity": "sha512-HK3r9l+Jm8dYAm1ctXEWIC+hV60zfcjS9UA5BDlYvnI5S7PU/yytjpvSrTNrSSRRkuu3tDyZhdkwIczh+0DWaw==",
+      "dev": true
+    },
+    "node_modules/emoji-regex": {
+      "version": "8.0.0",
+      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
+      "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==",
+      "dev": true
+    },
+    "node_modules/escalade": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz",
+      "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==",
+      "dev": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/escape-string-regexp": {
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
+      "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.8.0"
+      }
+    },
+    "node_modules/fill-range": {
+      "version": "7.0.1",
+      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
+      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+      "dev": true,
+      "dependencies": {
+        "to-regex-range": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/find-up": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz",
+      "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==",
+      "dev": true,
+      "dependencies": {
+        "locate-path": "^6.0.0",
+        "path-exists": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/flat": {
+      "version": "5.0.2",
+      "resolved": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz",
+      "integrity": "sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==",
+      "dev": true,
+      "bin": {
+        "flat": "cli.js"
+      }
+    },
+    "node_modules/fs-readdir-recursive": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/fs-readdir-recursive/-/fs-readdir-recursive-1.1.0.tgz",
+      "integrity": "sha512-GNanXlVr2pf02+sPN40XN8HG+ePaNcvM0q5mZBd668Obwb0yD5GiUbZOFgwn8kGMY6I3mdyDJzieUy3PTYyTRA==",
+      "dev": true
+    },
+    "node_modules/fs.realpath": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
+      "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==",
+      "dev": true
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
+      "dev": true,
+      "hasInstallScript": true,
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/gensync": {
+      "version": "1.0.0-beta.2",
+      "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz",
+      "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/get-caller-file": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
+      "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==",
+      "dev": true,
+      "engines": {
+        "node": "6.* || 8.* || >= 10.*"
+      }
+    },
+    "node_modules/glob": {
+      "version": "7.2.3",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
+      "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+      "dev": true,
+      "dependencies": {
+        "fs.realpath": "^1.0.0",
+        "inflight": "^1.0.4",
+        "inherits": "2",
+        "minimatch": "^3.1.1",
+        "once": "^1.3.0",
+        "path-is-absolute": "^1.0.0"
+      },
+      "engines": {
+        "node": "*"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/glob-parent": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
+      "dev": true,
+      "dependencies": {
+        "is-glob": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/globals": {
+      "version": "11.12.0",
+      "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz",
+      "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==",
+      "dev": true,
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/growl": {
+      "version": "1.10.5",
+      "resolved": "https://registry.npmjs.org/growl/-/growl-1.10.5.tgz",
+      "integrity": "sha512-qBr4OuELkhPenW6goKVXiv47US3clb3/IbuWF9KNKEijAy9oeHxU9IgzjvJhHkUzhaj7rOUD7+YGWqUjLp5oSA==",
+      "dev": true,
+      "engines": {
+        "node": ">=4.x"
+      }
+    },
+    "node_modules/has-flag": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
+      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
+      "dev": true,
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/he": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz",
+      "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==",
+      "dev": true,
+      "bin": {
+        "he": "bin/he"
+      }
+    },
+    "node_modules/inflight": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
+      "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==",
+      "dev": true,
+      "dependencies": {
+        "once": "^1.3.0",
+        "wrappy": "1"
+      }
+    },
+    "node_modules/inherits": {
+      "version": "2.0.4",
+      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
+      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
+      "dev": true
+    },
+    "node_modules/is-binary-path": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz",
+      "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==",
+      "dev": true,
+      "dependencies": {
+        "binary-extensions": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/is-extglob": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
+      "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-fullwidth-code-point": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
+      "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/is-glob": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz",
+      "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==",
+      "dev": true,
+      "dependencies": {
+        "is-extglob": "^2.1.1"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-number": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
+      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.12.0"
+      }
+    },
+    "node_modules/is-plain-obj": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz",
+      "integrity": "sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/is-unicode-supported": {
+      "version": "0.1.0",
+      "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz",
+      "integrity": "sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/isexe": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
+      "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==",
+      "dev": true
+    },
+    "node_modules/js-tokens": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
+      "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==",
+      "dev": true
+    },
+    "node_modules/js-yaml": {
+      "version": "4.1.0",
+      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
+      "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
+      "dev": true,
+      "dependencies": {
+        "argparse": "^2.0.1"
+      },
+      "bin": {
+        "js-yaml": "bin/js-yaml.js"
+      }
+    },
+    "node_modules/jsesc": {
+      "version": "2.5.2",
+      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz",
+      "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==",
+      "dev": true,
+      "bin": {
+        "jsesc": "bin/jsesc"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/json5": {
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+      "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
+      "dev": true,
+      "bin": {
+        "json5": "lib/cli.js"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/kleur": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/kleur/-/kleur-2.0.2.tgz",
+      "integrity": "sha512-77XF9iTllATmG9lSlIv0qdQ2BQ/h9t0bJllHlbvsQ0zUWfU7Yi0S8L5JXzPZgkefIiajLmBJJ4BsMJmqcf7oxQ==",
+      "deprecated": "Please upgrade to kleur@3 or migrate to 'ansi-colors' if you prefer the old syntax. Visit <https://github.com/lukeed/kleur/releases/tag/v3.0.0\\> for migration path(s).",
+      "dev": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/locate-path": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz",
+      "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==",
+      "dev": true,
+      "dependencies": {
+        "p-locate": "^5.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/log-symbols": {
+      "version": "4.1.0",
+      "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz",
+      "integrity": "sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==",
+      "dev": true,
+      "dependencies": {
+        "chalk": "^4.1.0",
+        "is-unicode-supported": "^0.1.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/log-symbols/node_modules/ansi-styles": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
+      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
+      "dev": true,
+      "dependencies": {
+        "color-convert": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
+      }
+    },
+    "node_modules/log-symbols/node_modules/chalk": {
+      "version": "4.1.2",
+      "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
+      "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==",
+      "dev": true,
+      "dependencies": {
+        "ansi-styles": "^4.1.0",
+        "supports-color": "^7.1.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/chalk?sponsor=1"
+      }
+    },
+    "node_modules/log-symbols/node_modules/color-convert": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+      "dev": true,
+      "dependencies": {
+        "color-name": "~1.1.4"
+      },
+      "engines": {
+        "node": ">=7.0.0"
+      }
+    },
+    "node_modules/log-symbols/node_modules/color-name": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
+      "dev": true
+    },
+    "node_modules/log-symbols/node_modules/has-flag": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
+      "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/log-symbols/node_modules/supports-color": {
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
+      "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
+      "dev": true,
+      "dependencies": {
+        "has-flag": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/lru-cache": {
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
+      "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
+      "dev": true,
+      "dependencies": {
+        "yallist": "^3.0.2"
+      }
+    },
+    "node_modules/make-dir": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-2.1.0.tgz",
+      "integrity": "sha512-LS9X+dc8KLxXCb8dni79fLIIUA5VyZoyjSMCwTluaXA0o27cCK0bhXkpgw+sTXVpPy/lSO57ilRixqk0vDmtRA==",
+      "dev": true,
+      "dependencies": {
+        "pify": "^4.0.1",
+        "semver": "^5.6.0"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/make-dir/node_modules/semver": {
+      "version": "5.7.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
+      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+      "dev": true,
+      "bin": {
+        "semver": "bin/semver"
+      }
+    },
+    "node_modules/minimatch": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+      "dev": true,
+      "dependencies": {
+        "brace-expansion": "^1.1.7"
+      },
+      "engines": {
+        "node": "*"
+      }
+    },
+    "node_modules/mocha": {
+      "version": "9.2.2",
+      "resolved": "https://registry.npmjs.org/mocha/-/mocha-9.2.2.tgz",
+      "integrity": "sha512-L6XC3EdwT6YrIk0yXpavvLkn8h+EU+Y5UcCHKECyMbdUIxyMuZj4bX4U9e1nvnvUUvQVsV2VHQr5zLdcUkhW/g==",
+      "dev": true,
+      "dependencies": {
+        "@ungap/promise-all-settled": "1.1.2",
+        "ansi-colors": "4.1.1",
+        "browser-stdout": "1.3.1",
+        "chokidar": "3.5.3",
+        "debug": "4.3.3",
+        "diff": "5.0.0",
+        "escape-string-regexp": "4.0.0",
+        "find-up": "5.0.0",
+        "glob": "7.2.0",
+        "growl": "1.10.5",
+        "he": "1.2.0",
+        "js-yaml": "4.1.0",
+        "log-symbols": "4.1.0",
+        "minimatch": "4.2.1",
+        "ms": "2.1.3",
+        "nanoid": "3.3.1",
+        "serialize-javascript": "6.0.0",
+        "strip-json-comments": "3.1.1",
+        "supports-color": "8.1.1",
+        "which": "2.0.2",
+        "workerpool": "6.2.0",
+        "yargs": "16.2.0",
+        "yargs-parser": "20.2.4",
+        "yargs-unparser": "2.0.0"
+      },
+      "bin": {
+        "_mocha": "bin/_mocha",
+        "mocha": "bin/mocha"
+      },
+      "engines": {
+        "node": ">= 12.0.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/mochajs"
+      }
+    },
+    "node_modules/mocha/node_modules/debug": {
+      "version": "4.3.3",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz",
+      "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==",
+      "dev": true,
+      "dependencies": {
+        "ms": "2.1.2"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/mocha/node_modules/debug/node_modules/ms": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
+      "dev": true
+    },
+    "node_modules/mocha/node_modules/escape-string-regexp": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
+      "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/mocha/node_modules/glob": {
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz",
+      "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==",
+      "dev": true,
+      "dependencies": {
+        "fs.realpath": "^1.0.0",
+        "inflight": "^1.0.4",
+        "inherits": "2",
+        "minimatch": "^3.0.4",
+        "once": "^1.3.0",
+        "path-is-absolute": "^1.0.0"
+      },
+      "engines": {
+        "node": "*"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/mocha/node_modules/glob/node_modules/minimatch": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+      "dev": true,
+      "dependencies": {
+        "brace-expansion": "^1.1.7"
+      },
+      "engines": {
+        "node": "*"
+      }
+    },
+    "node_modules/mocha/node_modules/has-flag": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
+      "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/mocha/node_modules/minimatch": {
+      "version": "4.2.1",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-4.2.1.tgz",
+      "integrity": "sha512-9Uq1ChtSZO+Mxa/CL1eGizn2vRn3MlLgzhT0Iz8zaY8NdvxvB0d5QdPFmCKf7JKA9Lerx5vRrnwO03jsSfGG9g==",
+      "dev": true,
+      "dependencies": {
+        "brace-expansion": "^1.1.7"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/mocha/node_modules/ms": {
+      "version": "2.1.3",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
+      "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
+      "dev": true
+    },
+    "node_modules/mocha/node_modules/supports-color": {
+      "version": "8.1.1",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
+      "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==",
+      "dev": true,
+      "dependencies": {
+        "has-flag": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/supports-color?sponsor=1"
+      }
+    },
+    "node_modules/ms": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
+      "dev": true
+    },
+    "node_modules/nanoid": {
+      "version": "3.3.1",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.1.tgz",
+      "integrity": "sha512-n6Vs/3KGyxPQd6uO0eH4Bv0ojGSUvuLlIHtC3Y0kEO23YRge8H9x1GCzLn28YX0H66pMkxuaeESFq4tKISKwdw==",
+      "dev": true,
+      "bin": {
+        "nanoid": "bin/nanoid.cjs"
+      },
+      "engines": {
+        "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+      }
+    },
+    "node_modules/node-releases": {
+      "version": "2.0.12",
+      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.12.tgz",
+      "integrity": "sha512-QzsYKWhXTWx8h1kIvqfnC++o0pEmpRQA/aenALsL2F4pqNVr7YzcdMlDij5WBnwftRbJCNJL/O7zdKaxKPHqgQ==",
+      "dev": true
+    },
+    "node_modules/normalize-path": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
+      "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/once": {
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
+      "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
+      "dev": true,
+      "dependencies": {
+        "wrappy": "1"
+      }
+    },
+    "node_modules/p-limit": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz",
+      "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==",
+      "dev": true,
+      "dependencies": {
+        "yocto-queue": "^0.1.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/p-locate": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz",
+      "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==",
+      "dev": true,
+      "dependencies": {
+        "p-limit": "^3.0.2"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/path-exists": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
+      "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/path-is-absolute": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
+      "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/path-key": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz",
+      "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/picocolors": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz",
+      "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==",
+      "dev": true
+    },
+    "node_modules/picomatch": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+      "dev": true,
+      "engines": {
+        "node": ">=8.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/pify": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz",
+      "integrity": "sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==",
+      "dev": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/randombytes": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz",
+      "integrity": "sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==",
+      "dev": true,
+      "dependencies": {
+        "safe-buffer": "^5.1.0"
+      }
+    },
+    "node_modules/readdirp": {
+      "version": "3.6.0",
+      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz",
+      "integrity": "sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==",
+      "dev": true,
+      "dependencies": {
+        "picomatch": "^2.2.1"
+      },
+      "engines": {
+        "node": ">=8.10.0"
+      }
+    },
+    "node_modules/require-directory": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
+      "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/safe-buffer": {
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+      "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ]
+    },
+    "node_modules/semver": {
+      "version": "6.3.0",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
+      "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==",
+      "dev": true,
+      "bin": {
+        "semver": "bin/semver.js"
+      }
+    },
+    "node_modules/serialize-javascript": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz",
+      "integrity": "sha512-Qr3TosvguFt8ePWqsvRfrKyQXIiW+nGbYpy8XK24NQHE83caxWt+mIymTT19DGFbNWNLfEwsrkSmN64lVWB9ag==",
+      "dev": true,
+      "dependencies": {
+        "randombytes": "^2.1.0"
+      }
+    },
+    "node_modules/shebang-command": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
+      "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==",
+      "dev": true,
+      "dependencies": {
+        "shebang-regex": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/shebang-regex": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz",
+      "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/slash": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/slash/-/slash-2.0.0.tgz",
+      "integrity": "sha512-ZYKh3Wh2z1PpEXWr0MpSBZ0V6mZHAQfYevttO11c51CaWjGTaadiKZ+wVt1PbMlDV5qhMFslpZCemhwOK7C89A==",
+      "dev": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/source-map": {
+      "version": "0.6.1",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/source-map-support": {
+      "version": "0.5.21",
+      "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz",
+      "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==",
+      "dev": true,
+      "dependencies": {
+        "buffer-from": "^1.0.0",
+        "source-map": "^0.6.0"
+      }
+    },
+    "node_modules/string-width": {
+      "version": "4.2.3",
+      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
+      "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
+      "dev": true,
+      "dependencies": {
+        "emoji-regex": "^8.0.0",
+        "is-fullwidth-code-point": "^3.0.0",
+        "strip-ansi": "^6.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/strip-ansi": {
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
+      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
+      "dev": true,
+      "dependencies": {
+        "ansi-regex": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/strip-json-comments": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz",
+      "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/supports-color": {
+      "version": "5.5.0",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
+      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
+      "dev": true,
+      "dependencies": {
+        "has-flag": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/terser": {
+      "version": "4.8.1",
+      "resolved": "https://registry.npmjs.org/terser/-/terser-4.8.1.tgz",
+      "integrity": "sha512-4GnLC0x667eJG0ewJTa6z/yXrbLGv80D9Ru6HIpCQmO+Q4PfEtBFi0ObSckqwL6VyQv/7ENJieXHo2ANmdQwgw==",
+      "dev": true,
+      "dependencies": {
+        "commander": "^2.20.0",
+        "source-map": "~0.6.1",
+        "source-map-support": "~0.5.12"
+      },
+      "bin": {
+        "terser": "bin/terser"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/terser/node_modules/commander": {
+      "version": "2.20.3",
+      "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz",
+      "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==",
+      "dev": true
+    },
+    "node_modules/to-fast-properties": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz",
+      "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==",
+      "dev": true,
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/to-regex-range": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
+      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
+      "dev": true,
+      "dependencies": {
+        "is-number": "^7.0.0"
+      },
+      "engines": {
+        "node": ">=8.0"
+      }
+    },
+    "node_modules/update-browserslist-db": {
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz",
+      "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "dependencies": {
+        "escalade": "^3.1.1",
+        "picocolors": "^1.0.0"
+      },
+      "bin": {
+        "update-browserslist-db": "cli.js"
+      },
+      "peerDependencies": {
+        "browserslist": ">= 4.21.0"
+      }
+    },
+    "node_modules/which": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
+      "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==",
+      "dev": true,
+      "dependencies": {
+        "isexe": "^2.0.0"
+      },
+      "bin": {
+        "node-which": "bin/node-which"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/workerpool": {
+      "version": "6.2.0",
+      "resolved": "https://registry.npmjs.org/workerpool/-/workerpool-6.2.0.tgz",
+      "integrity": "sha512-Rsk5qQHJ9eowMH28Jwhe8HEbmdYDX4lwoMWshiCXugjtHqMD9ZbiqSDLxcsfdqsETPzVUtX5s1Z5kStiIM6l4A==",
+      "dev": true
+    },
+    "node_modules/wrap-ansi": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
+      "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
+      "dev": true,
+      "dependencies": {
+        "ansi-styles": "^4.0.0",
+        "string-width": "^4.1.0",
+        "strip-ansi": "^6.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
+      }
+    },
+    "node_modules/wrap-ansi/node_modules/ansi-styles": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
+      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
+      "dev": true,
+      "dependencies": {
+        "color-convert": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
+      }
+    },
+    "node_modules/wrap-ansi/node_modules/color-convert": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+      "dev": true,
+      "dependencies": {
+        "color-name": "~1.1.4"
+      },
+      "engines": {
+        "node": ">=7.0.0"
+      }
+    },
+    "node_modules/wrap-ansi/node_modules/color-name": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
+      "dev": true
+    },
+    "node_modules/wrappy": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
+      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
+      "dev": true
+    },
+    "node_modules/y18n": {
+      "version": "5.0.8",
+      "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",
+      "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/yallist": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
+      "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
+      "dev": true
+    },
+    "node_modules/yargs": {
+      "version": "16.2.0",
+      "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz",
+      "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==",
+      "dev": true,
+      "dependencies": {
+        "cliui": "^7.0.2",
+        "escalade": "^3.1.1",
+        "get-caller-file": "^2.0.5",
+        "require-directory": "^2.1.1",
+        "string-width": "^4.2.0",
+        "y18n": "^5.0.5",
+        "yargs-parser": "^20.2.2"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/yargs-parser": {
+      "version": "20.2.4",
+      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.4.tgz",
+      "integrity": "sha512-WOkpgNhPTlE73h4VFAFsOnomJVaovO8VqLDzy5saChRBFQFBoMYirowyW+Q9HB4HFF4Z7VZTiG3iSzJJA29yRA==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/yargs-unparser": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-2.0.0.tgz",
+      "integrity": "sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA==",
+      "dev": true,
+      "dependencies": {
+        "camelcase": "^6.0.0",
+        "decamelize": "^4.0.0",
+        "flat": "^5.0.2",
+        "is-plain-obj": "^2.1.0"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/yocto-queue": {
+      "version": "0.1.0",
+      "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz",
+      "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    }
+  }
+}
diff --git a/deps/cjs-module-lexer/package.json b/deps/cjs-module-lexer/src/package.json
old mode 100644
new mode 100755
similarity index 95%
rename from deps/cjs-module-lexer/package.json
rename to deps/cjs-module-lexer/src/package.json
index 6b9a771168ec21..d59353db6da501
--- a/deps/cjs-module-lexer/package.json
+++ b/deps/cjs-module-lexer/src/package.json
@@ -1,48 +1,48 @@
-{
-  "name": "cjs-module-lexer",
-  "version": "1.4.1",
-  "description": "Lexes CommonJS modules, returning their named exports metadata",
-  "main": "lexer.js",
-  "exports": {
-    "import": {
-      "types": "./lexer.d.mts",
-      "default": "./dist/lexer.mjs"
-    },
-    "default": "./lexer.js"
-  },
-  "types": "lexer.d.ts",
-  "scripts": {
-    "test-js": "mocha -b -u tdd test/*.js",
-    "test-wasm": "cross-env WASM=1 mocha -b -u tdd test/*.js",
-    "test-wasm-sync": "cross-env WASM_SYNC=1 mocha -b -u tdd test/*.js",
-    "test": "npm run test-wasm ; npm run test-wasm-sync ; npm run test-js",
-    "bench": "node --expose-gc bench/index.mjs",
-    "build": "node build.js ; babel dist/lexer.mjs -o dist/lexer.js ; terser dist/lexer.js -o dist/lexer.js",
-    "build-wasm": "make lib/lexer.wasm ; node build.js",
-    "prepublishOnly": "make && npm run build",
-    "footprint": "npm run build && cat dist/lexer.js | gzip -9f | wc -c"
-  },
-  "author": "Guy Bedford",
-  "license": "MIT",
-  "devDependencies": {
-    "@babel/cli": "^7.5.5",
-    "@babel/core": "^7.5.5",
-    "@babel/plugin-transform-modules-commonjs": "^7.5.0",
-    "cross-env": "^7.0.3",
-    "kleur": "^2.0.2",
-    "mocha": "^9.1.3",
-    "terser": "^4.1.4"
-  },
-  "files": [
-    "dist",
-    "lexer.d.ts"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/nodejs/cjs-module-lexer.git"
-  },
-  "bugs": {
-    "url": "https://github.com/nodejs/cjs-module-lexer/issues"
-  },
-  "homepage": "https://github.com/nodejs/cjs-module-lexer#readme"
-}
+{
+  "name": "cjs-module-lexer",
+  "version": "2.0.0",
+  "description": "Lexes CommonJS modules, returning their named exports metadata",
+  "main": "lexer.js",
+  "exports": {
+    "import": {
+      "types": "./lexer.d.mts",
+      "default": "./dist/lexer.mjs"
+    },
+    "default": "./lexer.js"
+  },
+  "types": "lexer.d.ts",
+  "scripts": {
+    "test-js": "mocha -b -u tdd test/*.js",
+    "test-wasm": "cross-env WASM=1 mocha -b -u tdd test/*.js",
+    "test-wasm-sync": "cross-env WASM_SYNC=1 mocha -b -u tdd test/*.js",
+    "test": "npm run test-wasm ; npm run test-wasm-sync ; npm run test-js",
+    "bench": "node --expose-gc bench/index.mjs",
+    "build": "node build.js ; babel dist/lexer.mjs -o dist/lexer.js ; terser dist/lexer.js -o dist/lexer.js",
+    "build-wasm": "make lib/lexer.wasm ; node build.js",
+    "prepublishOnly": "make && npm run build",
+    "footprint": "npm run build && cat dist/lexer.js | gzip -9f | wc -c"
+  },
+  "author": "Guy Bedford",
+  "license": "MIT",
+  "devDependencies": {
+    "@babel/cli": "^7.5.5",
+    "@babel/core": "^7.5.5",
+    "@babel/plugin-transform-modules-commonjs": "^7.5.0",
+    "cross-env": "^7.0.3",
+    "kleur": "^2.0.2",
+    "mocha": "^9.1.3",
+    "terser": "^4.1.4"
+  },
+  "files": [
+    "dist",
+    "lexer.d.ts"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nodejs/cjs-module-lexer.git"
+  },
+  "bugs": {
+    "url": "https://github.com/nodejs/cjs-module-lexer/issues"
+  },
+  "homepage": "https://github.com/nodejs/cjs-module-lexer#readme"
+}
diff --git a/deps/cjs-module-lexer/src/src/lexer.c b/deps/cjs-module-lexer/src/src/lexer.c
new file mode 100755
index 00000000000000..78c6849f9c9f55
--- /dev/null
+++ b/deps/cjs-module-lexer/src/src/lexer.c
@@ -0,0 +1,1516 @@
+#include "cjs-module-lexer.h"
+
+const uint16_t* STANDARD_IMPORT = (uint16_t*)0x1;
+const uint16_t* IMPORT_META = (uint16_t*)0x2;
+const uint16_t __empty_char = '\0';
+const uint16_t* EMPTY_CHAR = &__empty_char;
+// tracked depth of template and brackets
+#define STACK_DEPTH 2048
+// tracked number of star exports
+#define MAX_STAR_EXPORTS 256
+const uint16_t* source;
+
+bool lastSlashWasDivision;
+uint16_t templateStackDepth;
+uint16_t openTokenDepth;
+uint16_t templateDepth;
+uint16_t braceDepth;
+uint16_t* lastTokenPos;
+uint16_t* pos;
+uint16_t* end;
+uint16_t* templateStack;
+uint16_t** openTokenPosStack;
+StarExportBinding* starExportStack;
+bool nextBraceIsClass;
+
+uint16_t* lastReexportStart;
+uint16_t* lastReexportEnd;
+
+// Memory Structure:
+// -> source
+// -> analysis starts after source
+uint32_t parse_error;
+uint32_t error = 0;
+uint32_t sourceLen;
+
+uint16_t templateStack_[STACK_DEPTH];
+uint16_t* openTokenPosStack_[STACK_DEPTH];
+bool openClassPosStack[STACK_DEPTH];
+StarExportBinding starExportStack_[MAX_STAR_EXPORTS];
+const StarExportBinding* STAR_EXPORT_STACK_END = &starExportStack_[MAX_STAR_EXPORTS - 1];
+
+void (*addExport)(const uint16_t*, const uint16_t*);
+void (*addReexport)(const uint16_t*, const uint16_t*);
+void (*addUnsafeGetter)(const uint16_t*, const uint16_t*);
+void (*clearReexports)();
+
+// Note: parsing is based on the _assumption_ that the source is already valid
+uint32_t parseCJS (uint16_t* _source, uint32_t _sourceLen, void (*_addExport)(const uint16_t*, const uint16_t*), void (*_addReexport)(const uint16_t*, const uint16_t*), void (*_addUnsafeGetter)(const uint16_t*, const uint16_t*), void (*_clearReexports)()) {
+  source = _source;
+  sourceLen = _sourceLen;
+  if (_addExport)
+    addExport = _addExport;
+  if (_addReexport)
+    addReexport = _addReexport;
+  if (_addUnsafeGetter)
+    addUnsafeGetter = _addUnsafeGetter;
+
+  templateStackDepth = 0;
+  openTokenDepth = 0;
+  templateDepth = UINT16_MAX;
+  lastTokenPos = (uint16_t*)EMPTY_CHAR;
+  lastSlashWasDivision = false;
+  parse_error = 0;
+  error = 0;
+  templateStack = &templateStack_[0];
+  openTokenPosStack = &openTokenPosStack_[0];
+  starExportStack = &starExportStack_[0];
+  nextBraceIsClass = false;
+
+  pos = (uint16_t*)(source - 1);
+  uint16_t ch = '\0';
+  end = pos + sourceLen;
+
+  // Handle #!
+  if (*source == '#' && *(source + 1) == '!') {
+    if (sourceLen == 2)
+      return 0;
+    pos += 2;
+    while (pos++ < end) {
+      ch = *pos;
+      if (ch == '\n' || ch == '\r')
+        break;
+    }
+  }
+
+  while (pos++ < end) {
+    ch = *pos;
+
+    if (ch == 32 || ch < 14 && ch > 8)
+      continue;
+
+    if (openTokenDepth == 0) {
+      switch (ch) {
+        case 'i':
+          if (str_eq5(pos + 1, 'm', 'p', 'o', 'r', 't') && keywordStart(pos))
+            throwIfImportStatement();
+          lastTokenPos = pos;
+          continue;
+        case 'r': {
+          uint16_t* startPos = pos;
+          if (tryParseRequire(Import) && keywordStart(startPos))
+            tryBacktrackAddStarExportBinding(startPos - 1);
+          lastTokenPos = pos;
+          continue;
+        }
+        case '_':
+          if (str_eq22(pos + 1, 'i', 'n', 't', 'e', 'r', 'o', 'p', 'R', 'e', 'q', 'u', 'i', 'r', 'e', 'W', 'i', 'l', 'd', 'c', 'a', 'r', 'd') && (keywordStart(pos) || *(pos - 1) == '.')) {
+            uint16_t* startPos = pos;
+            pos += 23;
+            if (*pos == '(') {
+              pos++;
+              openTokenPosStack[openTokenDepth++] = lastTokenPos;
+              if (tryParseRequire(Import) && keywordStart(startPos))
+                tryBacktrackAddStarExportBinding(startPos - 1);
+            }
+          }
+          else if (str_eq7(pos + 1, '_', 'e', 'x', 'p', 'o', 'r', 't') && (keywordStart(pos) || *(pos - 1) == '.')) {
+            pos += 8;
+            if (str_eq4(pos, 'S', 't', 'a', 'r'))
+              pos += 4;
+            if (*pos == '(') {
+              openTokenPosStack[openTokenDepth++] = lastTokenPos;
+              if (*(++pos) == 'r')
+                tryParseRequire(ExportStar);
+            }
+          }
+          lastTokenPos = pos;
+          continue;
+      }
+    }
+
+    switch (ch) {
+      case 'e':
+        if (str_eq5(pos + 1, 'x', 'p', 'o', 'r', 't') && keywordStart(pos)) {
+          if (*(pos + 6) == 's')
+            tryParseExportsDotAssign(false);
+          else if (openTokenDepth == 0)
+            throwIfExportStatement();
+        }
+        break;
+      case 'c':
+        if (keywordStart(pos) && str_eq4(pos + 1, 'l', 'a', 's', 's') && isBrOrWs(*(pos + 5)))
+          nextBraceIsClass = true;
+        break;
+      case 'm':
+        if (str_eq5(pos + 1, 'o', 'd', 'u', 'l', 'e') && keywordStart(pos))
+          tryParseModuleExportsDotAssign();
+        break;
+      case 'O':
+        if (str_eq5(pos + 1, 'b', 'j', 'e', 'c', 't') && keywordStart(pos))
+          tryParseObjectDefineOrKeys(openTokenDepth == 0);
+        break;
+      case '(':
+        openTokenPosStack[openTokenDepth++] = lastTokenPos;
+        break;
+      case ')':
+        if (openTokenDepth == 0)
+          return syntaxError(8), error;
+        openTokenDepth--;
+        break;
+      case '{':
+        openClassPosStack[openTokenDepth] = nextBraceIsClass;
+        nextBraceIsClass = false;
+        openTokenPosStack[openTokenDepth++] = lastTokenPos;
+        break;
+      case '}':
+        if (openTokenDepth == 0)
+          return syntaxError(2), false;
+        if (openTokenDepth-- == templateDepth) {
+          templateDepth = templateStack[--templateStackDepth];
+          templateString();
+        }
+        else {
+          if (templateDepth != UINT16_MAX && openTokenDepth < templateDepth)
+            return syntaxError(3), error;
+        }
+        break;
+      case '<':
+        // TODO: <!-- XML comment support
+        break;
+      case '\'':
+      case '"':
+        stringLiteral(ch);
+        break;
+      case '/': {
+        uint16_t next_ch = *(pos + 1);
+        if (next_ch == '/') {
+          lineComment();
+          // dont update lastToken
+          continue;
+        }
+        else if (next_ch == '*') {
+          blockComment();
+          // dont update lastToken
+          continue;
+        }
+        else {
+          // Division / regex ambiguity handling based on checking backtrack analysis of:
+          // - what token came previously (lastToken)
+          // - if a closing brace or paren, what token came before the corresponding
+          //   opening brace or paren (lastOpenTokenIndex)
+          uint16_t lastToken = *lastTokenPos;
+          if (isExpressionPunctuator(lastToken) &&
+              !(lastToken == '.' && (*(lastTokenPos - 1) >= '0' && *(lastTokenPos - 1) <= '9')) &&
+              !(lastToken == '+' && *(lastTokenPos - 1) == '+') && !(lastToken == '-' && *(lastTokenPos - 1) == '-') ||
+              lastToken == ')' && isParenKeyword(openTokenPosStack[openTokenDepth]) ||
+              lastToken == '}' && (isExpressionTerminator(openTokenPosStack[openTokenDepth]) || openClassPosStack[openTokenDepth]) ||
+              lastToken == '/' && lastSlashWasDivision ||
+              isExpressionKeyword(lastTokenPos) ||
+              !lastToken) {
+            regularExpression();
+            lastSlashWasDivision = false;
+          }
+          else {
+            lastSlashWasDivision = true;
+          }
+        }
+        break;
+      }
+      case '`':
+        if (templateDepth == UINT16_MAX - 1)
+          return syntaxError(4), error;
+        templateString();
+        break;
+    }
+    lastTokenPos = pos;
+  }
+
+  if (templateDepth != UINT16_MAX || openTokenDepth || error)
+    return error;
+
+  // success
+  return 0;
+}
+
+void tryBacktrackAddStarExportBinding (uint16_t* bPos) {
+  while (*bPos == ' ' && bPos > source)
+    bPos--;
+  if (*bPos == '=') {
+    bPos--;
+    while (*bPos == ' ' && bPos > source)
+      bPos--;
+    uint32_t charCode;
+    uint16_t* id_end = bPos;
+    bool identifierStart = false;
+    while ((charCode = fullCharCodeAtLast(bPos)) && bPos > source) {
+      if (charCode == '\\')
+        return;
+      if (!isIdentifierChar(charCode))
+        break;
+      identifierStart = isIdentifierStart(charCode);
+      bPos -= charCodeByteLen(charCode);
+    }
+    if (identifierStart && *bPos == ' ') {
+      // gracefully overflow if there are too many star export bindings to track
+      if (starExportStack == STAR_EXPORT_STACK_END)
+        return;
+      starExportStack->id_start = bPos + 1;
+      starExportStack->id_end = id_end + 1;
+      while (*bPos == ' ' && bPos > source)
+        bPos--;
+      switch (*bPos) {
+        case 'r':
+          if (!readPrecedingKeyword2(bPos - 1, 'v', 'a'))
+            return;
+          break;
+        case 't':
+          if (!readPrecedingKeyword2(bPos - 1, 'l', 'e') && !readPrecedingKeyword4(bPos - 1, 'c', 'o', 'n', 's'))
+            return;
+          break;
+        default: return;
+      }
+      starExportStack++;
+    }
+  }
+}
+
+bool tryParseObjectHasOwnProperty (uint16_t* it_id_start, ptrdiff_t it_id_len) {
+  uint16_t ch = commentWhitespace();
+  if (ch != 'O' || !str_eq5(pos + 1, 'b', 'j', 'e', 'c', 't')) return false;
+  pos += 6;
+  ch = commentWhitespace();
+  if (ch != '.') return false;
+  pos++;
+  ch = commentWhitespace();
+  if (ch == 'p') {
+    if (!str_eq8(pos + 1, 'r', 'o', 't', 'o', 't', 'y', 'p', 'e')) return false;
+    pos += 9;
+    ch = commentWhitespace();
+    if (ch != '.') return false;
+    pos++;
+    ch = commentWhitespace();
+  }
+  if (ch != 'h' || !str_eq13(pos + 1, 'a', 's', 'O', 'w', 'n', 'P', 'r', 'o', 'p', 'e', 'r', 't', 'y')) return false;
+  pos += 14;
+  ch = commentWhitespace();
+  if (ch != '.') return false;
+  pos++;
+  ch = commentWhitespace();
+  if (ch != 'c' || !str_eq3(pos + 1, 'a', 'l', 'l')) return false;
+  pos += 4;
+  ch = commentWhitespace();
+  if (ch != '(') return false;
+  pos++;
+  ch = commentWhitespace();
+  if (!identifier(ch)) return false;
+  ch = commentWhitespace();
+  if (ch != ',') return false;
+  pos++;
+  ch = commentWhitespace();
+  if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) return false;
+  pos += it_id_len;
+  ch = commentWhitespace();
+  if (ch != ')') return false;
+  pos++;
+  return true;
+}
+
+void tryParseObjectDefineOrKeys (bool keys) {
+  pos += 6;
+  uint16_t* revertPos = pos - 1;
+  uint16_t ch = commentWhitespace();
+  if (ch == '.') {
+    pos++;
+    ch = commentWhitespace();
+    if (ch == 'd' && str_eq13(pos + 1, 'e', 'f', 'i', 'n', 'e', 'P', 'r', 'o', 'p', 'e', 'r', 't', 'y')) {
+      uint16_t* exportStart = 0;
+      uint16_t* exportEnd = 0;
+      while (true) {
+        pos += 14;
+        revertPos = pos - 1;
+        ch = commentWhitespace();
+        if (ch != '(') break;
+        pos++;
+        ch = commentWhitespace();
+        if (!readExportsOrModuleDotExports(ch)) break;
+        ch = commentWhitespace();
+        if (ch != ',') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != '\'' && ch != '"') break;
+        exportStart = pos;
+        stringLiteral(ch);
+        exportEnd = ++pos;
+        ch = commentWhitespace();
+        if (ch != ',') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != '{') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch == 'e') {
+          if (!str_eq9(pos + 1, 'n', 'u', 'm', 'e', 'r', 'a', 'b', 'l', 'e')) break;
+          pos += 10;
+          ch = commentWhitespace();
+          if (ch != ':') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 't' || !str_eq3(pos + 1, 'r', 'u', 'e')) break;
+          pos += 4;
+          ch = commentWhitespace();
+          if (ch != 44) break;
+          pos++;
+          ch = commentWhitespace();
+        }
+        if (ch == 'v') {
+          if (!str_eq4(pos + 1, 'a', 'l', 'u', 'e')) break;
+          pos += 5;
+          ch = commentWhitespace();
+          if (ch != ':') break;
+          addExport(exportStart, exportEnd);
+          pos = revertPos;
+          return;
+        }
+        else if (ch == 'g') {
+          if (!str_eq2(pos + 1, 'e', 't')) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch == ':') {
+            pos++;
+            ch = commentWhitespace();
+            if (ch != 'f') break;
+            if (!str_eq7(pos + 1, 'u', 'n', 'c', 't', 'i', 'o', 'n')) break;
+            pos += 8;
+            uint16_t* lastPos = pos;
+            ch = commentWhitespace();
+            if (ch != '(' && (lastPos == pos || !identifier(ch))) break;
+            ch = commentWhitespace();
+          }
+          if (ch != '(') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != ')') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != '{') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 'r') break;
+          if (!str_eq5(pos + 1, 'e', 't', 'u', 'r', 'n')) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (!identifier(ch)) break;
+          ch = commentWhitespace();
+          if (ch == '.') {
+            pos++;
+            ch = commentWhitespace();
+            if (!identifier(ch)) break;
+            ch = commentWhitespace();
+          }
+          else if (ch == '[') {
+            pos++;
+            ch = commentWhitespace();
+            if (ch == '\'' || ch == '"') stringLiteral(ch);
+            else break;
+            pos++;
+            ch = commentWhitespace();
+            if (ch != ']') break;
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch == ';') {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch != '}') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch == ',') {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch != '}') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != ')') break;
+          addExport(exportStart, exportEnd);
+          return;
+        }
+        break;
+      }
+      if (exportEnd > 0) {
+        addUnsafeGetter(exportStart, exportEnd);
+      }
+    }
+    else if (keys && ch == 'k' && str_eq3(pos + 1, 'e', 'y', 's')) {
+      while (true) {
+        pos += 4;
+        revertPos = pos - 1;
+        ch = commentWhitespace();
+        if (ch != '(') break;
+        pos++;
+        ch = commentWhitespace();
+        uint16_t* id_start = pos;
+        if (!identifier(ch)) break;
+        ptrdiff_t id_len = pos - id_start;
+        ch = commentWhitespace();
+        if (ch != ')') break;
+
+        revertPos = pos++;
+        ch = commentWhitespace();
+        if (ch != '.') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != 'f' || !str_eq6(pos + 1, 'o', 'r', 'E', 'a', 'c', 'h')) break;
+        pos += 7;
+        ch = commentWhitespace();
+        revertPos = pos - 1;
+        if (ch != '(') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != 'f' || !str_eq7(pos + 1, 'u', 'n', 'c', 't', 'i', 'o', 'n')) break;
+        pos += 8;
+        ch = commentWhitespace();
+        if (ch != '(') break;
+        pos++;
+        ch = commentWhitespace();
+        uint16_t* it_id_start = pos;
+        if (!identifier(ch)) break;
+        ptrdiff_t it_id_len = pos - it_id_start;
+        ch = commentWhitespace();
+        if (ch != ')') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != '{') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != 'i' || *(pos + 1) != 'f') break;
+        pos += 2;
+        ch = commentWhitespace();
+        if (ch != '(') break;
+        pos++;
+        ch = commentWhitespace();
+        if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+        pos += it_id_len;
+        ch = commentWhitespace();
+        // `if (` IDENTIFIER$2 `===` ( `'default'` | `"default"` ) `||` IDENTIFIER$2 `===` ( '__esModule' | `"__esModule"` ) `) return` `;`? |
+        if (ch == '=') {
+          if (!str_eq2(pos + 1, '=', '=')) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch != '"' && ch != '\'') break;
+          uint16_t quot = ch;
+          if (!str_eq7(pos + 1, 'd', 'e', 'f', 'a', 'u', 'l', 't')) break;
+          pos += 8;
+          ch = commentWhitespace();
+          if (ch != quot) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch != '|' || *(pos + 1) != '|') break;
+          pos += 2;
+          ch = commentWhitespace();
+          if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+          pos += it_id_len;
+          ch = commentWhitespace();
+          if (ch != '=' || !str_eq2(pos + 1, '=', '=')) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch != '"' && ch != '\'') break;
+          quot = ch;
+          if (!str_eq10(pos + 1, '_', '_', 'e', 's', 'M', 'o', 'd', 'u', 'l', 'e')) break;
+          pos += 11;
+          ch = commentWhitespace();
+          if (ch != quot) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch != ')') break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch != 'r' || !str_eq5(pos + 1, 'e', 't', 'u', 'r', 'n')) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (ch == ';')
+            pos++;
+          ch = commentWhitespace();
+
+          // `if (`
+          if (ch == 'i' && *(pos + 1) == 'f') {
+            bool inIf = true;
+            pos += 2;
+            ch = commentWhitespace();
+            if (ch != '(') break;
+            pos++;
+            uint16_t *ifInnerPos = pos;
+
+            // `Object.prototype.hasOwnProperty.call(`  IDENTIFIER `, ` IDENTIFIER$2 `)) return` `;`?
+            if (tryParseObjectHasOwnProperty(it_id_start, it_id_len)) {
+              ch = commentWhitespace();
+              if (ch != ')') break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch != 'r' || !str_eq5(pos + 1, 'e', 't', 'u', 'r', 'n')) break;
+              pos += 6;
+              ch = commentWhitespace();
+              if (ch == ';')
+                pos++;
+              ch = commentWhitespace();
+              // match next if
+              if (ch == 'i' && *(pos + 1) == 'f') {
+                pos += 2;
+                ch = commentWhitespace();
+                if (ch != '(') break;
+                pos++;
+              }
+              else {
+                inIf = false;
+              }
+            }
+            else {
+              pos = ifInnerPos;
+            }
+
+            // `if (` IDENTIFIER$2 `in` EXPORTS_IDENTIFIER `&&` EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] ===` IDENTIFIER$1 `[` IDENTIFIER$2 `]) return` `;`?
+            if (inIf) {
+              if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+              pos += it_id_len;
+              ch = commentWhitespace();
+              if (ch != 'i' || !str_eq2(pos + 1, 'n', ' ')) break;
+              pos += 3;
+              ch = commentWhitespace();
+              if (!readExportsOrModuleDotExports(ch)) break;
+              ch = commentWhitespace();
+              if (ch != '&' || *(pos + 1) != '&') break;
+              pos += 2;
+              ch = commentWhitespace();
+              if (!readExportsOrModuleDotExports(ch)) break;
+              ch = commentWhitespace();
+              if (ch != '[') break;
+              pos++;
+              ch = commentWhitespace();
+              if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+              pos += it_id_len;
+              ch = commentWhitespace();
+              if (ch != ']') break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch != '=' || !str_eq2(pos + 1, '=', '=')) break;
+              pos += 3;
+              ch = commentWhitespace();
+              if (memcmp(pos, id_start, id_len * sizeof(uint16_t)) != 0) break;
+              pos += id_len;
+              ch = commentWhitespace();
+              if (ch != '[') break;
+              pos++;
+              ch = commentWhitespace();
+              if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+              pos += it_id_len;
+              ch = commentWhitespace();
+              if (ch != ']') break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch != ')') break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch != 'r' || !str_eq5(pos + 1, 'e', 't', 'u', 'r', 'n')) break;
+              pos += 6;
+              ch = commentWhitespace();
+              if (ch == ';')
+                pos++;
+              ch = commentWhitespace();
+            }
+          }
+        }
+        // `if (` IDENTIFIER$2 `!==` ( `'default'` | `"default"` ) (`&& !` IDENTIFIER `.hasOwnProperty(` IDENTIFIER$2 `)`  )? `)`
+        else if (ch == '!') {
+          if (!str_eq2(pos + 1, '=', '=')) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch != '"' && ch != '\'') break;
+          uint16_t quot = ch;
+          if (!str_eq7(pos + 1, 'd', 'e', 'f', 'a', 'u', 'l', 't')) break;
+          pos += 8;
+          ch = commentWhitespace();
+          if (ch != quot) break;
+          pos += 1;
+          ch = commentWhitespace();
+          if (ch == '&') {
+            if (*(pos + 1) != '&') break;
+            pos += 2;
+            ch = commentWhitespace();
+            if (ch != '!') break;
+            pos += 1;
+            ch = commentWhitespace();
+            if (ch == 'O' && str_eq6(pos + 1, 'b', 'j', 'e', 'c', 't', '.')) {
+              if (!tryParseObjectHasOwnProperty(it_id_start, it_id_len)) break;
+            }
+            else if (identifier(ch)) {
+              ch = commentWhitespace();
+              if (ch != '.') break;
+              pos++;
+              ch = commentWhitespace();
+              if (ch != 'h' || !str_eq13(pos + 1, 'a', 's', 'O', 'w', 'n', 'P', 'r', 'o', 'p', 'e', 'r', 't', 'y')) break;
+              pos += 14;
+              ch = commentWhitespace();
+              if (ch != '(') break;
+              pos += 1;
+              ch = commentWhitespace();
+              if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+              pos += it_id_len;
+              ch = commentWhitespace();
+              if (ch != ')') break;
+              pos += 1;
+            }
+            ch = commentWhitespace();
+          }
+          if (ch != ')') break;
+          pos += 1;
+          ch = commentWhitespace();
+        }
+        else break;
+
+        // EXPORTS_IDENTIFIER `[` IDENTIFIER$2 `] =` IDENTIFIER$1 `[` IDENTIFIER$2 `]`
+        if (readExportsOrModuleDotExports(ch)) {
+          ch = commentWhitespace();
+          if (ch != '[') break;
+          pos++;
+          ch = commentWhitespace();
+          if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+          pos += it_id_len;
+          ch = commentWhitespace();
+          if (ch != ']') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != '=') break;
+          pos++;
+          ch = commentWhitespace();
+          if (memcmp(pos, id_start, id_len * sizeof(uint16_t)) != 0) break;
+          pos += id_len;
+          ch = commentWhitespace();
+          if (ch != '[') break;
+          pos++;
+          ch = commentWhitespace();
+          if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+          pos += it_id_len;
+          ch = commentWhitespace();
+          if (ch != ']') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch == ';') {
+            pos++;
+            ch = commentWhitespace();
+          }
+        }
+        // `Object.defineProperty(` EXPORTS_IDENTIFIER `, ` IDENTIFIER$2 `, { enumerable: true, get: function () { return ` IDENTIFIER$1 `[` IDENTIFIER$2 `]; } })`
+        else if (ch == 'O') {
+          if (!str_eq5(pos + 1, 'b', 'j', 'e', 'c', 't')) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (ch != '.') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 'd' || !str_eq13(pos + 1, 'e', 'f', 'i', 'n', 'e', 'P', 'r', 'o', 'p', 'e', 'r', 't', 'y')) break;
+          pos += 14;
+          ch = commentWhitespace();
+          if (ch != '(') break;
+          pos++;
+          ch = commentWhitespace();
+          if (!readExportsOrModuleDotExports(ch)) break;
+          ch = commentWhitespace();
+          if (ch != ',') break;
+          pos++;
+          ch = commentWhitespace();
+          if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+          pos += it_id_len;
+          ch = commentWhitespace();
+          if (ch != ',') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != '{') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 'e' || !str_eq9(pos + 1, 'n', 'u', 'm', 'e', 'r', 'a', 'b', 'l', 'e')) break;
+          pos += 10;
+          ch = commentWhitespace();
+          if (ch != ':') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 't' && !str_eq3(pos + 1, 'r', 'u', 'e')) break;
+          pos += 4;
+          ch = commentWhitespace();
+          if (ch != ',') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 'g' || !str_eq2(pos + 1, 'e', 't')) break;
+          pos += 3;
+          ch = commentWhitespace();
+          if (ch == ':') {
+            pos++;
+            ch = commentWhitespace();
+            if (ch != 'f') break;
+            if (!str_eq7(pos + 1, 'u', 'n', 'c', 't', 'i', 'o', 'n')) break;
+            pos += 8;
+            uint16_t* lastPos = pos;
+            ch = commentWhitespace();
+            if (ch != '(' && (lastPos == pos || !identifier(ch))) break;
+            ch = commentWhitespace();
+          }
+          if (ch != '(') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != ')') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != '{') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != 'r' || !str_eq5(pos + 1, 'e', 't', 'u', 'r', 'n')) break;
+          pos += 6;
+          ch = commentWhitespace();
+          if (memcmp(pos, id_start, id_len * sizeof(uint16_t)) != 0) break;
+          pos += id_len;
+          ch = commentWhitespace();
+          if (ch != '[') break;
+          pos++;
+          ch = commentWhitespace();
+          if (memcmp(pos, it_id_start, it_id_len * sizeof(uint16_t)) != 0) break;
+          pos += it_id_len;
+          ch = commentWhitespace();
+          if (ch != ']') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch == ';') {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch != '}') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch == ',') {
+            pos++;
+            ch = commentWhitespace();
+          }
+          if (ch != '}') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch != ')') break;
+          pos++;
+          ch = commentWhitespace();
+          if (ch == ';') {
+            pos++;
+            ch = commentWhitespace();
+          }
+        }
+        else break;
+
+        if (ch != '}') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != ')') break;
+
+        // search through export bindings to see if this is a star export
+        // this is done last because it is a linear search through all require bindings
+        // and by doing this search last after verifying the structure match,
+        // we don't have to worry about the slow search algorithm
+        StarExportBinding* curCheckBinding = &starExportStack_[0];
+        while (curCheckBinding != starExportStack) {
+          if (id_len == curCheckBinding->id_end - curCheckBinding->id_start &&
+              0 == memcmp(id_start, curCheckBinding->id_start, id_len * sizeof(uint16_t))) {
+            addReexport(curCheckBinding->specifier_start, curCheckBinding->specifier_end);
+            pos = revertPos;
+            return;
+          }
+          curCheckBinding++;
+        }
+        return;
+      }
+    }
+  }
+  pos = revertPos;
+}
+
+bool readExportsOrModuleDotExports (uint16_t ch) {
+  uint16_t* revertPos = pos;
+  if (ch == 'm' && str_eq5(pos + 1, 'o', 'd', 'u', 'l', 'e')) {
+    pos += 6;
+    ch = commentWhitespace();
+    if (ch != '.') {
+      pos = revertPos;
+      return false;
+    }
+    pos++;
+    ch = commentWhitespace();
+  }
+  if (ch == 'e' && str_eq6(pos + 1, 'x', 'p', 'o', 'r', 't', 's')) {
+    pos += 7;
+    return true;
+  }
+  else {
+    pos = revertPos;
+    return false;
+  }
+}
+
+void tryParseModuleExportsDotAssign () {
+  pos += 6;
+  uint16_t* revertPos = pos - 1;
+  uint16_t ch = commentWhitespace();
+  if (ch == '.') {
+    pos++;
+    ch = commentWhitespace();
+    if (ch == 'e' && str_eq6(pos + 1, 'x', 'p', 'o', 'r', 't', 's')) {
+      tryParseExportsDotAssign(true);
+      return;
+    }
+  }
+  pos = revertPos;
+}
+
+void tryParseExportsDotAssign (bool assign) {
+  pos += 7;
+  uint16_t* revertPos = pos - 1;
+  uint16_t ch = commentWhitespace();
+  switch (ch) {
+    // exports.asdf
+    case '.': {
+      pos++;
+      ch = commentWhitespace();
+      uint16_t* startPos = pos;
+      if (identifier(ch)) {
+        uint16_t* endPos = pos;
+        ch = commentWhitespace();
+        if (ch == '=') {
+          addExport(startPos, endPos);
+          return;
+        }
+      }
+      break;
+    }
+    // exports['asdf']
+    case '[': {
+      pos++;
+      ch = commentWhitespace();
+      if (ch == '\'' || ch == '"') {
+        uint16_t* startPos = pos;
+        stringLiteral(ch);
+        uint16_t* endPos = ++pos;
+        ch = commentWhitespace();
+        if (ch != ']') break;
+        pos++;
+        ch = commentWhitespace();
+        if (ch != '=') break;
+        addExport(startPos, endPos);
+      }
+      break;
+    }
+    // module.exports =
+    case '=': {
+      if (assign) {
+        clearReexports();
+        pos++;
+        ch = commentWhitespace();
+        // { ... }
+        if (ch == '{') {
+          tryParseLiteralExports();
+          return;
+        }
+
+        // require('...')
+        if (ch == 'r')
+          tryParseRequire(ExportAssign);
+      }
+    }
+  }
+  pos = revertPos;
+}
+
+bool tryParseRequire (enum RequireType requireType) {
+  uint16_t* revertPos = pos;
+  // require('...')
+  if (str_eq6(pos + 1, 'e', 'q', 'u', 'i', 'r', 'e')) {
+    pos += 7;
+    uint16_t ch = commentWhitespace();
+    if (ch == '(') {
+      pos++;
+      ch = commentWhitespace();
+      uint16_t* reexportStart = pos;
+      if (ch == '\'' || ch == '"') {
+        stringLiteral(ch);
+        uint16_t* reexportEnd = ++pos;
+        ch = commentWhitespace();
+        if (ch == ')') {
+          switch (requireType) {
+            case ExportStar:
+              addReexport(reexportStart, reexportEnd);
+              return true;
+            case ExportAssign:
+              addReexport(reexportStart, reexportEnd);
+              return true;
+            default:
+              starExportStack->specifier_start = reexportStart;
+              starExportStack->specifier_end = reexportEnd;
+              return true;
+          }
+        }
+      }
+    }
+    pos = revertPos;
+  }
+  return false;
+}
+
+void tryParseLiteralExports () {
+  uint16_t* revertPos = pos - 1;
+  while (pos++ < end) {
+    uint16_t ch = commentWhitespace();
+    uint16_t* startPos = pos;
+    if (identifier(ch)) {
+      uint16_t* endPos = pos;
+      ch = commentWhitespace();
+      if (ch == ':') {
+        pos++;
+        ch = commentWhitespace();
+        // nothing more complex than identifier expressions for now
+        if (!identifier(ch)) {
+          pos = revertPos;
+          return;
+        }
+        ch = *pos;
+      }
+      addExport(startPos, endPos);
+    }
+    else if (ch == '\'' || ch == '"') {
+      uint16_t* startPos = pos;
+      stringLiteral(ch);
+      uint16_t* endPos = ++pos;
+      ch = commentWhitespace();
+      if (ch == ':') {
+        pos++;
+        ch = commentWhitespace();
+        // nothing more complex than identifier expressions for now
+        if (!identifier(ch)) {
+          pos = revertPos;
+          return;
+        }
+        ch = *pos;
+        addExport(startPos, endPos);
+      }
+    }
+    else if (ch == '.' && str_eq2(pos + 1, '.', '.')) {
+      pos += 3;
+      if (*pos == 'r' && tryParseRequire(ExportAssign)) {
+        pos++;
+      }
+      else if (!identifier(*pos)) {
+        pos = revertPos;
+        return;
+      }
+      ch = commentWhitespace();
+    }
+    else {
+      pos = revertPos;
+      return;
+    }
+
+    if (ch == '}')
+      return;
+
+    if (ch != ',') {
+      pos = revertPos;
+      return;
+    }
+  }
+}
+
+// Identifier detection, ported from Acorn
+// ## Character categories
+
+// Big ugly regular expressions that match characters in the
+// whitespace, identifier, and identifier-start categories. These
+// are only applied when a character is found to actually have a
+// code point above 128.
+// Generated by `bin/generate-identifier-regex.js`.
+
+bool isNonASCIIidentifierStartChar (uint32_t ch) {
+  return ch == 0xaa || ch == 0xb5 || ch == 0xba || ch >= 0xc0 && ch <= 0xd6 || ch >= 0xd8 && ch <= 0xf6 || ch >= 0xf8 && ch <= 0x02c1 ||
+      ch >= 0x02c6 && ch <= 0x02d1 || ch >= 0x02e0 && ch <= 0x02e4 || ch == 0x02ec || ch == 0x02ee || ch >= 0x0370 && ch <= 0x0374 || ch == 0x0376 || ch == 0x0377 || ch >= 0x037a && ch <= 0x037d || ch == 0x037f || ch == 0x0386 || ch >= 0x0388 && ch <= 0x038a || ch == 0x038c || ch >= 0x038e && ch <= 0x03a1 || ch >= 0x03a3 && ch <= 0x03f5 || ch >= 0x03f7 && ch <= 0x0481 || ch >= 0x048a && ch <= 0x052f || ch >= 0x0531 && ch <= 0x0556 || ch == 0x0559 || ch >= 0x0560 && ch <= 0x0588 || ch >= 0x05d0 && ch <= 0x05ea || ch >= 0x05ef && ch <= 0x05f2 || ch >= 0x0620 && ch <= 0x064a || ch == 0x066e || ch == 0x066f || ch >= 0x0671 && ch <= 0x06d3 || ch == 0x06d5 || ch == 0x06e5 || ch == 0x06e6 || ch == 0x06ee || ch == 0x06ef || ch >= 0x06fa && ch <= 0x06fc || ch == 0x06ff || ch == 0x0710 || ch >= 0x0712 && ch <= 0x072f || ch >= 0x074d && ch <= 0x07a5 || ch == 0x07b1 || ch >= 0x07ca && ch <= 0x07ea || ch == 0x07f4 || ch == 0x07f5 || ch == 0x07fa || ch >= 0x0800 && ch <= 0x0815 || ch == 0x081a || ch == 0x0824 || ch == 0x0828 || ch >= 0x0840 && ch <= 0x0858 || ch >= 0x0860 && ch <= 0x086a || ch >= 0x08a0 && ch <= 0x08b4 || ch >= 0x08b6 && ch <= 0x08bd || ch >= 0x0904 && ch <= 0x0939 || ch == 0x093d || ch == 0x0950 || ch >= 0x0958 && ch <= 0x0961 || ch >= 0x0971 && ch <= 0x0980 || ch >= 0x0985 && ch <= 0x098c || ch == 0x098f || ch == 0x0990 || ch >= 0x0993 && ch <= 0x09a8 || ch >= 0x09aa && ch <= 0x09b0 || ch == 0x09b2 || ch >= 0x09b6 && ch <= 0x09b9 || ch == 0x09bd || ch == 0x09ce || ch == 0x09dc || ch == 0x09dd || ch >= 0x09df && ch <= 0x09e1 || ch == 0x09f0 || ch == 0x09f1 || ch == 0x09fc || ch >= 0x0a05 && ch <= 0x0a0a || ch == 0x0a0f || ch == 0x0a10 || ch >= 0x0a13 && ch <= 0x0a28 || ch >= 0x0a2a && ch <= 0x0a30 || ch == 0x0a32 || ch == 0x0a33 || ch == 0x0a35 || ch == 0x0a36 || ch == 0x0a38 || ch == 0x0a39 || ch >= 0x0a59 && ch <= 0x0a5c || ch == 0x0a5e || ch >= 0x0a72 && ch <= 0x0a74 || ch >= 0x0a85 && ch <= 0x0a8d || ch >= 0x0a8f && ch <= 0x0a91 || ch >= 0x0a93 && ch <= 0x0aa8 || ch >= 0x0aaa && ch <= 0x0ab0 || ch == 0x0ab2 || ch == 0x0ab3 || ch >= 0x0ab5 && ch <= 0x0ab9 || ch == 0x0abd || ch == 0x0ad0 || ch == 0x0ae0 || ch == 0x0ae1 || ch == 0x0af9 || ch >= 0x0b05 && ch <= 0x0b0c || ch == 0x0b0f || ch == 0x0b10 || ch >= 0x0b13 && ch <= 0x0b28 || ch >= 0x0b2a && ch <= 0x0b30 || ch == 0x0b32 || ch == 0x0b33 || ch >= 0x0b35 && ch <= 0x0b39 || ch == 0x0b3d || ch == 0x0b5c || ch == 0x0b5d || ch >= 0x0b5f && ch <= 0x0b61 || ch == 0x0b71 || ch == 0x0b83 || ch >= 0x0b85 && ch <= 0x0b8a || ch >= 0x0b8e && ch <= 0x0b90 || ch >= 0x0b92 && ch <= 0x0b95 || ch == 0x0b99 || ch == 0x0b9a || ch == 0x0b9c || ch == 0x0b9e || ch == 0x0b9f || ch == 0x0ba3 || ch == 0x0ba4 || ch >= 0x0ba8 && ch <= 0x0baa || ch >= 0x0bae && ch <= 0x0bb9 || ch == 0x0bd0 || ch >= 0x0c05 && ch <= 0x0c0c || ch >= 0x0c0e && ch <= 0x0c10 || ch >= 0x0c12 && ch <= 0x0c28 || ch >= 0x0c2a && ch <= 0x0c39 || ch == 0x0c3d || ch >= 0x0c58 && ch <= 0x0c5a || ch == 0x0c60 || ch == 0x0c61 || ch == 0x0c80 || ch >= 0x0c85 && ch <= 0x0c8c || ch >= 0x0c8e && ch <= 0x0c90 || ch >= 0x0c92 && ch <= 0x0ca8 || ch >= 0x0caa && ch <= 0x0cb3 || ch >= 0x0cb5 && ch <= 0x0cb9 || ch == 0x0cbd || ch == 0x0cde || ch == 0x0ce0 || ch == 0x0ce1 || ch == 0x0cf1 || ch == 0x0cf2 || ch >= 0x0d05 && ch <= 0x0d0c || ch >= 0x0d0e && ch <= 0x0d10 || ch >= 0x0d12 && ch <= 0x0d3a || ch == 0x0d3d || ch == 0x0d4e || ch >= 0x0d54 && ch <= 0x0d56 || ch >= 0x0d5f && ch <= 0x0d61 || ch >= 0x0d7a && ch <= 0x0d7f || ch >= 0x0d85 && ch <= 0x0d96 || ch >= 0x0d9a && ch <= 0x0db1 || ch >= 0x0db3 && ch <= 0x0dbb || ch == 0x0dbd || ch >= 0x0dc0 && ch <= 0x0dc6 || ch >= 0x0e01 && ch <= 0x0e30 || ch == 0x0e32 || ch == 0x0e33 || ch >= 0x0e40 && ch <= 0x0e46 || ch == 0x0e81 || ch == 0x0e82 || ch == 0x0e84 || ch == 0x0e87 || ch == 0x0e88 || ch == 0x0e8a || ch == 0x0e8d || ch >= 0x0e94 && ch <= 0x0e97 || ch >= 0x0e99 && ch <= 0x0e9f || ch >= 0x0ea1 && ch <= 0x0ea3 || ch == 0x0ea5 || ch == 0x0ea7 || ch == 0x0eaa || ch == 0x0eab || ch >= 0x0ead && ch <= 0x0eb0 || ch == 0x0eb2 || ch == 0x0eb3 || ch == 0x0ebd || ch >= 0x0ec0 && ch <= 0x0ec4 || ch == 0x0ec6 || ch >= 0x0edc && ch <= 0x0edf || ch == 0x0f00 || ch >= 0x0f40 && ch <= 0x0f47 || ch >= 0x0f49 && ch <= 0x0f6c || ch >= 0x0f88 && ch <= 0x0f8c || ch >= 0x1000 && ch <= 0x102a || ch == 0x103f || ch >= 0x1050 && ch <= 0x1055 || ch >= 0x105a && ch <= 0x105d || ch == 0x1061 || ch == 0x1065 || ch == 0x1066 || ch >= 0x106e && ch <= 0x1070 || ch >= 0x1075 && ch <= 0x1081 || ch == 0x108e || ch >= 0x10a0 && ch <= 0x10c5 || ch == 0x10c7 || ch == 0x10cd || ch >= 0x10d0 && ch <= 0x10fa || ch >= 0x10fc && ch <= 0x1248 || ch >= 0x124a && ch <= 0x124d || ch >= 0x1250 && ch <= 0x1256 || ch == 0x1258 || ch >= 0x125a && ch <= 0x125d || ch >= 0x1260 && ch <= 0x1288 || ch >= 0x128a && ch <= 0x128d || ch >= 0x1290 && ch <= 0x12b0 || ch >= 0x12b2 && ch <= 0x12b5 || ch >= 0x12b8 && ch <= 0x12be || ch == 0x12c0 || ch >= 0x12c2 && ch <= 0x12c5 || ch >= 0x12c8 && ch <= 0x12d6 || ch >= 0x12d8 && ch <= 0x1310 || ch >= 0x1312 && ch <= 0x1315 || ch >= 0x1318 && ch <= 0x135a || ch >= 0x1380 && ch <= 0x138f || ch >= 0x13a0 && ch <= 0x13f5 || ch >= 0x13f8 && ch <= 0x13fd || ch >= 0x1401 && ch <= 0x166c || ch >= 0x166f && ch <= 0x167f || ch >= 0x1681 && ch <= 0x169a || ch >= 0x16a0 && ch <= 0x16ea || ch >= 0x16ee && ch <= 0x16f8 || ch >= 0x1700 && ch <= 0x170c || ch >= 0x170e && ch <= 0x1711 || ch >= 0x1720 && ch <= 0x1731 || ch >= 0x1740 && ch <= 0x1751 || ch >= 0x1760 && ch <= 0x176c || ch >= 0x176e && ch <= 0x1770 || ch >= 0x1780 && ch <= 0x17b3 || ch == 0x17d7 || ch == 0x17dc || ch >= 0x1820 && ch <= 0x1878 || ch >= 0x1880 && ch <= 0x18a8 || ch == 0x18aa || ch >= 0x18b0 && ch <= 0x18f5 || ch >= 0x1900 && ch <= 0x191e || ch >= 0x1950 && ch <= 0x196d || ch >= 0x1970 && ch <= 0x1974 || ch >= 0x1980 && ch <= 0x19ab || ch >= 0x19b0 && ch <= 0x19c9 || ch >= 0x1a00 && ch <= 0x1a16 || ch >= 0x1a20 && ch <= 0x1a54 || ch == 0x1aa7 || ch >= 0x1b05 && ch <= 0x1b33 || ch >= 0x1b45 && ch <= 0x1b4b || ch >= 0x1b83 && ch <= 0x1ba0 || ch == 0x1bae || ch == 0x1baf || ch >= 0x1bba && ch <= 0x1be5 || ch >= 0x1c00 && ch <= 0x1c23 || ch >= 0x1c4d && ch <= 0x1c4f || ch >= 0x1c5a && ch <= 0x1c7d || ch >= 0x1c80 && ch <= 0x1c88 || ch >= 0x1c90 && ch <= 0x1cba || ch >= 0x1cbd && ch <= 0x1cbf || ch >= 0x1ce9 && ch <= 0x1cec || ch >= 0x1cee && ch <= 0x1cf1 || ch == 0x1cf5 || ch == 0x1cf6 || ch >= 0x1d00 && ch <= 0x1dbf || ch >= 0x1e00 && ch <= 0x1f15 || ch >= 0x1f18 && ch <= 0x1f1d || ch >= 0x1f20 && ch <= 0x1f45 || ch >= 0x1f48 && ch <= 0x1f4d || ch >= 0x1f50 && ch <= 0x1f57 || ch == 0x1f59 || ch == 0x1f5b || ch == 0x1f5d || ch >= 0x1f5f && ch <= 0x1f7d || ch >= 0x1f80 && ch <= 0x1fb4 || ch >= 0x1fb6 && ch <= 0x1fbc || ch == 0x1fbe || ch >= 0x1fc2 && ch <= 0x1fc4 || ch >= 0x1fc6 && ch <= 0x1fcc || ch >= 0x1fd0 && ch <= 0x1fd3 || ch >= 0x1fd6 && ch <= 0x1fdb || ch >= 0x1fe0 && ch <= 0x1fec || ch >= 0x1ff2 && ch <= 0x1ff4 || ch >= 0x1ff6 && ch <= 0x1ffc || ch == 0x2071 || ch == 0x207f || ch >= 0x2090 && ch <= 0x209c || ch == 0x2102 || ch == 0x2107 || ch >= 0x210a && ch <= 0x2113 || ch == 0x2115 || ch >= 0x2118 && ch <= 0x211d || ch == 0x2124 || ch == 0x2126 || ch == 0x2128 || ch >= 0x212a && ch <= 0x2139 || ch >= 0x213c && ch <= 0x213f || ch >= 0x2145 && ch <= 0x2149 || ch == 0x214e || ch >= 0x2160 && ch <= 0x2188 || ch >= 0x2c00 && ch <= 0x2c2e || ch >= 0x2c30 && ch <= 0x2c5e || ch >= 0x2c60 && ch <= 0x2ce4 || ch >= 0x2ceb && ch <= 0x2cee || ch == 0x2cf2 || ch == 0x2cf3 || ch >= 0x2d00 && ch <= 0x2d25 || ch == 0x2d27 || ch == 0x2d2d || ch >= 0x2d30 && ch <= 0x2d67 || ch == 0x2d6f || ch >= 0x2d80 && ch <= 0x2d96 || ch >= 0x2da0 && ch <= 0x2da6 || ch >= 0x2da8 && ch <= 0x2dae || ch >= 0x2db0 && ch <= 0x2db6 || ch >= 0x2db8 && ch <= 0x2dbe || ch >= 0x2dc0 && ch <= 0x2dc6 || ch >= 0x2dc8 && ch <= 0x2dce || ch >= 0x2dd0 && ch <= 0x2dd6 || ch >= 0x2dd8 && ch <= 0x2dde || ch >= 0x3005 && ch <= 0x3007 || ch >= 0x3021 && ch <= 0x3029 || ch >= 0x3031 && ch <= 0x3035 || ch >= 0x3038 && ch <= 0x303c || ch >= 0x3041 && ch <= 0x3096 || ch >= 0x309b && ch <= 0x309f || ch >= 0x30a1 && ch <= 0x30fa || ch >= 0x30fc && ch <= 0x30ff || ch >= 0x3105 && ch <= 0x312f || ch >= 0x3131 && ch <= 0x318e || ch >= 0x31a0 && ch <= 0x31ba || ch >= 0x31f0 && ch <= 0x31ff || ch >= 0x3400 && ch <= 0x4db5 || ch >= 0x4e00 && ch <= 0x9fef || ch >= 0xa000 && ch <= 0xa48c || ch >= 0xa4d0 && ch <= 0xa4fd || ch >= 0xa500 && ch <= 0xa60c || ch >= 0xa610 && ch <= 0xa61f || ch == 0xa62a || ch == 0xa62b || ch >= 0xa640 && ch <= 0xa66e || ch >= 0xa67f && ch <= 0xa69d || ch >= 0xa6a0 && ch <= 0xa6ef || ch >= 0xa717 && ch <= 0xa71f || ch >= 0xa722 && ch <= 0xa788 || ch >= 0xa78b && ch <= 0xa7b9 || ch >= 0xa7f7 && ch <= 0xa801 || ch >= 0xa803 && ch <= 0xa805 || ch >= 0xa807 && ch <= 0xa80a || ch >= 0xa80c && ch <= 0xa822 || ch >= 0xa840 && ch <= 0xa873 || ch >= 0xa882 && ch <= 0xa8b3 || ch >= 0xa8f2 && ch <= 0xa8f7 || ch == 0xa8fb || ch == 0xa8fd || ch == 0xa8fe || ch >= 0xa90a && ch <= 0xa925 || ch >= 0xa930 && ch <= 0xa946 || ch >= 0xa960 && ch <= 0xa97c || ch >= 0xa984 && ch <= 0xa9b2 || ch == 0xa9cf || ch >= 0xa9e0 && ch <= 0xa9e4 || ch >= 0xa9e6 && ch <= 0xa9ef || ch >= 0xa9fa && ch <= 0xa9fe || ch >= 0xaa00 && ch <= 0xaa28 || ch >= 0xaa40 && ch <= 0xaa42 || ch >= 0xaa44 && ch <= 0xaa4b || ch >= 0xaa60 && ch <= 0xaa76 || ch == 0xaa7a || ch >= 0xaa7e && ch <= 0xaaaf || ch == 0xaab1 || ch == 0xaab5 || ch == 0xaab6 || ch >= 0xaab9 && ch <= 0xaabd || ch == 0xaac0 || ch == 0xaac2 || ch >= 0xaadb && ch <= 0xaadd || ch >= 0xaae0 && ch <= 0xaaea || ch >= 0xaaf2 && ch <= 0xaaf4 || ch >= 0xab01 && ch <= 0xab06 || ch >= 0xab09 && ch <= 0xab0e || ch >= 0xab11 && ch <= 0xab16 || ch >= 0xab20 && ch <= 0xab26 || ch >= 0xab28 && ch <= 0xab2e ||
+      ch >= 0xab30 && ch <= 0xab5a || ch >= 0xab5c && ch <= 0xab65 || ch >= 0xab70 && ch <= 0xabe2 || ch >= 0xac00 && ch <= 0xd7a3 || ch >= 0xd7b0 && ch <= 0xd7c6 || ch >= 0xd7cb && ch <= 0xd7fb || ch >= 0xf900 && ch <= 0xfa6d || ch >= 0xfa70 && ch <= 0xfad9 || ch >= 0xfb00 && ch <= 0xfb06 || ch >= 0xfb13 && ch <= 0xfb17 || ch == 0xfb1d || ch >= 0xfb1f && ch <= 0xfb28 || ch >= 0xfb2a && ch <= 0xfb36 || ch >= 0xfb38 && ch <= 0xfb3c || ch == 0xfb3e || ch == 0xfb40 || ch == 0xfb41 || ch == 0xfb43 || ch == 0xfb44 || ch >= 0xfb46 && ch <= 0xfbb1 || ch >= 0xfbd3 && ch <= 0xfd3d || ch >= 0xfd50 && ch <= 0xfd8f || ch >= 0xfd92 && ch <= 0xfdc7 || ch >= 0xfdf0 && ch <= 0xfdfb || ch >= 0xfe70 && ch <= 0xfe74 || ch >= 0xfe76 && ch <= 0xfefc || ch >= 0xff21 && ch <= 0xff3a || ch >= 0xff41 && ch <= 0xff5a || ch >= 0xff66 && ch <= 0xffbe || ch >= 0xffc2 && ch <= 0xffc7 || ch >= 0xffca && ch <= 0xffcf || ch >= 0xffd2 && ch <= 0xffd7 || ch >= 0xffda && ch <= 0xffdc;
+}
+
+bool isNonASCIIidentifierChar (uint32_t ch) {
+  return isNonASCIIidentifierStartChar(ch) || ch == 0x200c || ch == 0x200d || ch == 0xb7 || ch >= 0x0300 && ch <= 0x036f || ch == 0x0387 || ch >= 0x0483 && ch <= 0x0487 || ch >= 0x0591 && ch <= 0x05bd || ch == 0x05bf || ch == 0x05c1 || ch == 0x05c2 || ch == 0x05c4 || ch == 0x05c5 || ch == 0x05c7 || ch >= 0x0610 && ch <= 0x061a || ch >= 0x064b && ch <= 0x0669 || ch == 0x0670 || ch >= 0x06d6 && ch <= 0x06dc || ch >= 0x06df && ch <= 0x06e4 || ch == 0x06e7 || ch == 0x06e8 || ch >= 0x06ea && ch <= 0x06ed || ch >= 0x06f0 && ch <= 0x06f9 || ch == 0x0711 || ch >= 0x0730 && ch <= 0x074a || ch >= 0x07a6 && ch <= 0x07b0 || ch >= 0x07c0 && ch <= 0x07c9 || ch >= 0x07eb && ch <= 0x07f3 || ch == 0x07fd || ch >= 0x0816 && ch <= 0x0819 || ch >= 0x081b && ch <= 0x0823 || ch >= 0x0825 && ch <= 0x0827 || ch >= 0x0829 && ch <= 0x082d || ch >= 0x0859 && ch <= 0x085b || ch >= 0x08d3 && ch <= 0x08e1 || ch >= 0x08e3 && ch <= 0x0903 || ch >= 0x093a && ch <= 0x093c || ch >= 0x093e && ch <= 0x094f || ch >= 0x0951 && ch <= 0x0957 || ch == 0x0962 || ch == 0x0963 || ch >= 0x0966 && ch <= 0x096f || ch >= 0x0981 && ch <= 0x0983 || ch == 0x09bc || ch >= 0x09be && ch <= 0x09c4 || ch == 0x09c7 || ch == 0x09c8 || ch >= 0x09cb && ch <= 0x09cd || ch == 0x09d7 || ch == 0x09e2 || ch == 0x09e3 || ch >= 0x09e6 && ch <= 0x09ef || ch == 0x09fe || ch >= 0x0a01 && ch <= 0x0a03 || ch == 0x0a3c || ch >= 0x0a3e && ch <= 0x0a42 || ch == 0x0a47 || ch == 0x0a48 || ch >= 0x0a4b && ch <= 0x0a4d || ch == 0x0a51 || ch >= 0x0a66 && ch <= 0x0a71 || ch == 0x0a75 || ch >= 0x0a81 && ch <= 0x0a83 || ch == 0x0abc || ch >= 0x0abe && ch <= 0x0ac5 || ch >= 0x0ac7 && ch <= 0x0ac9 || ch >= 0x0acb && ch <= 0x0acd || ch == 0x0ae2 || ch == 0x0ae3 || ch >= 0x0ae6 && ch <= 0x0aef || ch >= 0x0afa && ch <= 0x0aff || ch >= 0x0b01 && ch <= 0x0b03 || ch == 0x0b3c || ch >= 0x0b3e && ch <= 0x0b44 || ch == 0x0b47 || ch == 0x0b48 || ch >= 0x0b4b && ch <= 0x0b4d || ch == 0x0b56 || ch == 0x0b57 || ch == 0x0b62 || ch == 0x0b63 || ch >= 0x0b66 && ch <= 0x0b6f || ch == 0x0b82 || ch >= 0x0bbe && ch <= 0x0bc2 || ch >= 0x0bc6 && ch <= 0x0bc8 || ch >= 0x0bca && ch <= 0x0bcd || ch == 0x0bd7 || ch >= 0x0be6 && ch <= 0x0bef || ch >= 0x0c00 && ch <= 0x0c04 || ch >= 0x0c3e && ch <= 0x0c44 || ch >= 0x0c46 && ch <= 0x0c48 || ch >= 0x0c4a && ch <= 0x0c4d || ch == 0x0c55 || ch == 0x0c56 || ch == 0x0c62 || ch == 0x0c63 || ch >= 0x0c66 && ch <= 0x0c6f || ch >= 0x0c81 && ch <= 0x0c83 || ch == 0x0cbc || ch >= 0x0cbe && ch <= 0x0cc4 || ch >= 0x0cc6 && ch <= 0x0cc8 || ch >= 0x0cca && ch <= 0x0ccd || ch == 0x0cd5 || ch == 0x0cd6 || ch == 0x0ce2 || ch == 0x0ce3 || ch >= 0x0ce6 && ch <= 0x0cef || ch >= 0x0d00 && ch <= 0x0d03 || ch == 0x0d3b || ch == 0x0d3c || ch >= 0x0d3e && ch <= 0x0d44 || ch >= 0x0d46 && ch <= 0x0d48 || ch >= 0x0d4a && ch <= 0x0d4d || ch == 0x0d57 || ch == 0x0d62 || ch == 0x0d63 || ch >= 0x0d66 && ch <= 0x0d6f || ch == 0x0d82 || ch == 0x0d83 || ch == 0x0dca || ch >= 0x0dcf && ch <= 0x0dd4 || ch == 0x0dd6 || ch >= 0x0dd8 && ch <= 0x0ddf || ch >= 0x0de6 && ch <= 0x0def || ch == 0x0df2 || ch == 0x0df3 || ch == 0x0e31 || ch >= 0x0e34 && ch <= 0x0e3a || ch >= 0x0e47 && ch <= 0x0e4e || ch >= 0x0e50 && ch <= 0x0e59 || ch == 0x0eb1 || ch >= 0x0eb4 && ch <= 0x0eb9 || ch == 0x0ebb || ch == 0x0ebc || ch >= 0x0ec8 && ch <= 0x0ecd || ch >= 0x0ed0 && ch <= 0x0ed9 || ch == 0x0f18 || ch == 0x0f19 || ch >= 0x0f20 && ch <= 0x0f29 || ch == 0x0f35 || ch == 0x0f37 || ch == 0x0f39 || ch == 0x0f3e || ch == 0x0f3f || ch >= 0x0f71 && ch <= 0x0f84 || ch == 0x0f86 || ch == 0x0f87 || ch >= 0x0f8d && ch <= 0x0f97 || ch >= 0x0f99 && ch <= 0x0fbc || ch == 0x0fc6 || ch >= 0x102b && ch <= 0x103e || ch >= 0x1040 && ch <= 0x1049 || ch >= 0x1056 && ch <= 0x1059 || ch >= 0x105e && ch <= 0x1060 || ch >= 0x1062 && ch <= 0x1064 || ch >= 0x1067 && ch <= 0x106d || ch >= 0x1071 && ch <= 0x1074 || ch >= 0x1082 && ch <= 0x108d || ch >= 0x108f && ch <= 0x109d || ch >= 0x135d && ch <= 0x135f || ch >= 0x1369 && ch <= 0x1371 || ch >= 0x1712 && ch <= 0x1714 || ch >= 0x1732 && ch <= 0x1734 || ch == 0x1752 || ch == 0x1753 || ch == 0x1772 || ch == 0x1773 || ch >= 0x17b4 && ch <= 0x17d3 || ch == 0x17dd || ch >= 0x17e0 && ch <= 0x17e9 || ch >= 0x180b && ch <= 0x180d || ch >= 0x1810 && ch <= 0x1819 || ch == 0x18a9 || ch >= 0x1920 && ch <= 0x192b || ch >= 0x1930 && ch <= 0x193b || ch >= 0x1946 && ch <= 0x194f || ch >= 0x19d0 && ch <= 0x19da || ch >= 0x1a17 && ch <= 0x1a1b || ch >= 0x1a55 && ch <= 0x1a5e || ch >= 0x1a60 && ch <= 0x1a7c || ch >= 0x1a7f && ch <= 0x1a89 || ch >= 0x1a90 && ch <= 0x1a99 || ch >= 0x1ab0 && ch <= 0x1abd || ch >= 0x1b00 && ch <= 0x1b04 || ch >= 0x1b34 && ch <= 0x1b44 || ch >= 0x1b50 && ch <= 0x1b59 || ch >= 0x1b6b && ch <= 0x1b73 || ch >= 0x1b80 && ch <= 0x1b82 || ch >= 0x1ba1 && ch <= 0x1bad || ch >= 0x1bb0 && ch <= 0x1bb9 || ch >= 0x1be6 && ch <= 0x1bf3 || ch >= 0x1c24 && ch <= 0x1c37 || ch >= 0x1c40 && ch <= 0x1c49 || ch >= 0x1c50 && ch <= 0x1c59 || ch >= 0x1cd0 && ch <= 0x1cd2 || ch >= 0x1cd4 && ch <= 0x1ce8 || ch == 0x1ced || ch >= 0x1cf2 && ch <= 0x1cf4 || ch >= 0x1cf7 && ch <= 0x1cf9 || ch >= 0x1dc0 && ch <= 0x1df9 || ch >= 0x1dfb && ch <= 0x1dff || ch == 0x203f || ch == 0x2040 || ch == 0x2054 || ch >= 0x20d0 && ch <= 0x20dc || ch == 0x20e1 || ch >= 0x20e5 && ch <= 0x20f0 || ch >= 0x2cef && ch <= 0x2cf1 || ch == 0x2d7f || ch >= 0x2de0 && ch <= 0x2dff || ch >= 0x302a && ch <= 0x302f || ch == 0x3099 || ch == 0x309a || ch >= 0xa620 && ch <= 0xa629 || ch == 0xa66f || ch >= 0xa674 && ch <= 0xa67d || ch == 0xa69e || ch == 0xa69f || ch == 0xa6f0 || ch == 0xa6f1 || ch == 0xa802 || ch == 0xa806 || ch == 0xa80b || ch >= 0xa823 && ch <= 0xa827 || ch == 0xa880 || ch == 0xa881 || ch >= 0xa8b4 && ch <= 0xa8c5 || ch >= 0xa8d0 && ch <= 0xa8d9 || ch >= 0xa8e0 && ch <= 0xa8f1 || ch >= 0xa8ff && ch <= 0xa909 || ch >= 0xa926 && ch <= 0xa92d || ch >= 0xa947 && ch <= 0xa953 || ch >= 0xa980 && ch <= 0xa983 || ch >= 0xa9b3 && ch <= 0xa9c0 || ch >= 0xa9d0 && ch <= 0xa9d9 || ch == 0xa9e5 || ch >= 0xa9f0 && ch <= 0xa9f9 || ch >= 0xaa29 && ch <= 0xaa36 || ch == 0xaa43 || ch == 0xaa4c || ch == 0xaa4d || ch >= 0xaa50 && ch <= 0xaa59 || ch >= 0xaa7b && ch <= 0xaa7d || ch == 0xaab0 || ch >= 0xaab2 && ch <= 0xaab4 || ch == 0xaab7 || ch == 0xaab8 || ch == 0xaabe || ch == 0xaabf || ch == 0xaac1 || ch >= 0xaaeb && ch <= 0xaaef || ch == 0xaaf5 || ch == 0xaaf6 || ch >= 0xabe3 && ch <= 0xabea || ch == 0xabec || ch == 0xabed || ch >= 0xabf0 && ch <= 0xabf9 || ch == 0xfb1e || ch >= 0xfe00 && ch <= 0xfe0f || ch >= 0xfe20 && ch <= 0xfe2f || ch == 0xfe33 || ch == 0xfe34 || ch >= 0xfe4d && ch <= 0xfe4f || ch >= 0xff10 && ch <= 0xff19 || ch == 0xff3f;
+}
+
+// These are a run-length and offset encoded representation of the
+// >0xffff code points that are a valid part of identifiers. The
+// offset starts at 0x10000, and each pair of numbers represents an
+// offset to the next range, and then a size of the range. They were
+// generated by bin/generate-identifier-regex.js
+
+static uint32_t astralIdentifierStartCodes[] = { 0,11,2,25,2,18,2,1,2,14,3,13,35,122,70,52,268,28,4,48,48,31,14,29,6,37,11,29,3,35,5,7,2,4,43,157,19,35,5,35,5,39,9,51,157,310,10,21,11,7,153,5,3,0,2,43,2,1,4,0,3,22,11,22,10,30,66,18,2,1,11,21,11,25,71,55,7,1,65,0,16,3,2,2,2,28,43,28,4,28,36,7,2,27,28,53,11,21,11,18,14,17,111,72,56,50,14,50,14,35,349,41,7,1,79,28,11,0,9,21,107,20,28,22,13,52,76,44,33,24,27,35,30,0,3,0,9,34,4,0,13,47,15,3,22,0,2,0,36,17,2,24,85,6,2,0,2,3,2,14,2,9,8,46,39,7,3,1,3,21,2,6,2,1,2,4,4,0,19,0,13,4,159,52,19,3,21,2,31,47,21,1,2,0,185,46,42,3,37,47,21,0,60,42,14,0,72,26,230,43,117,63,32,7,3,0,3,7,2,1,2,23,16,0,2,0,95,7,3,38,17,0,2,0,29,0,11,39,8,0,22,0,12,45,20,0,35,56,264,8,2,36,18,0,50,29,113,6,2,1,2,37,22,0,26,5,2,1,2,31,15,0,328,18,190,0,80,921,103,110,18,195,2749,1070,4050,582,8634,568,8,30,114,29,19,47,17,3,32,20,6,18,689,63,129,74,6,0,67,12,65,1,2,0,29,6135,9,1237,43,8,8952,286,50,2,18,3,9,395,2309,106,6,12,4,8,8,9,5991,84,2,70,2,1,3,0,3,1,3,3,2,11,2,0,2,6,2,64,2,3,3,7,2,6,2,27,2,3,2,4,2,0,4,6,2,339,3,24,2,24,2,30,2,24,2,30,2,24,2,30,2,24,2,30,2,24,2,7,2357,44,11,6,17,0,370,43,1301,196,60,67,8,0,1205,3,2,26,2,1,2,0,3,0,2,9,2,3,2,0,2,0,7,0,5,0,2,0,2,0,2,2,2,1,2,0,3,0,2,0,2,0,2,0,2,0,2,1,2,0,3,3,2,6,2,3,2,3,2,0,2,9,2,16,6,2,2,4,2,16,4421,42717,35,4148,12,221,3,5761,15,7472,3104,541,1507,4938 };
+
+static uint32_t astralIdentifierCodes[] = { 509,0,227,0,150,4,294,9,1368,2,2,1,6,3,41,2,5,0,166,1,574,3,9,9,370,1,154,10,176,2,54,14,32,9,16,3,46,10,54,9,7,2,37,13,2,9,6,1,45,0,13,2,49,13,9,3,2,11,83,11,7,0,161,11,6,9,7,3,56,1,2,6,3,1,3,2,10,0,11,1,3,6,4,4,193,17,10,9,5,0,82,19,13,9,214,6,3,8,28,1,83,16,16,9,82,12,9,9,84,14,5,9,243,14,166,9,71,5,2,1,3,3,2,0,2,1,13,9,120,6,3,6,4,0,29,9,41,6,2,3,9,0,10,10,47,15,406,7,2,7,17,9,57,21,2,13,123,5,4,0,2,1,2,6,2,0,9,9,49,4,2,1,2,4,9,9,330,3,19306,9,135,4,60,6,26,9,1014,0,2,54,8,3,82,0,12,1,19628,1,5319,4,4,5,9,7,3,6,31,3,149,2,1418,49,513,54,5,49,9,0,15,0,23,4,2,14,1361,6,2,16,3,6,2,1,2,4,262,6,10,9,419,13,1495,6,110,6,6,9,4759,9,787719,239 };
+
+// This has a complexity linear to the value of the code. The
+// assumption is that looking up astral identifier characters is
+// rare.
+bool isInAstralIdentifierStartCodes (uint32_t code) {
+  uint32_t cur = 0x10000;
+  for (unsigned int i = 0; i < sizeof(astralIdentifierStartCodes) / sizeof(uint32_t); i += 2) {
+    cur += astralIdentifierStartCodes[i];
+    if (cur > code)
+      return false;
+    cur += astralIdentifierStartCodes[i + 1];
+    if (cur >= code)
+      return true;
+  }
+  return false;
+}
+
+bool isInAstralIdentifierCodes (uint32_t code) {
+  uint32_t cur = 0x10000;
+  for (unsigned int i = 0; i < sizeof(astralIdentifierCodes) / sizeof(uint32_t); i += 2) {
+    cur += astralIdentifierCodes[i];
+    if (cur > code)
+      return false;
+    cur += astralIdentifierCodes[i + 1];
+    if (cur >= code)
+      return true;
+  }
+  return false;
+}
+
+// Test whether a given character code starts an identifier.
+bool isIdentifierStart(uint32_t code) {
+  if (code < 65) return code == 36;
+  if (code < 91) return true;
+  if (code < 97) return code == 95;
+  if (code < 123) return true;
+  if (code <= 0xffff) return code >= 0xaa && isNonASCIIidentifierStartChar(code);
+  return isInAstralIdentifierStartCodes(code);
+}
+
+// Test whether a given character is part of an identifier.
+
+bool isIdentifierChar(uint32_t code) {
+  if (code < 48) return code == 36;
+  if (code < 58) return true;
+  if (code < 65) return false;
+  if (code < 91) return true;
+  if (code < 97) return code == 95;
+  if (code < 123) return true;
+  if (code <= 0xffff) return code >= 0xaa && isNonASCIIidentifierChar(code);
+  return isInAstralIdentifierStartCodes(code) || isInAstralIdentifierCodes(code);
+}
+
+inline int charCodeByteLen(uint32_t ch) {
+  if (ch < 0x10000) return 1;
+  return 2;
+}
+
+uint32_t fullCharCodeAtLast(uint16_t* bPos) {
+  // Gives the UTF char for backtracking surrogates
+  uint16_t ch = *bPos;
+  if ((ch & 0xFC00) == 0xDC00)
+    return (((*(bPos - 1) & 0x3FF) << 10) | (ch & 0x3FF)) + 0x10000;
+  return ch;
+}
+
+uint32_t fullCharCode(uint16_t ch) {
+  // Read UTF Surrogates if necessary
+  if ((ch & 0xFC00) == 0xD800)
+    return (((ch & 0x3FF) << 10) | (*(pos + 1) & 0x3FF)) + 0x10000;
+  return ch;
+}
+
+bool identifier (uint16_t startCh) {
+  uint32_t ch = fullCharCode(startCh);
+  if (!isIdentifierStart(ch) && ch != '\\')
+    return false;
+  pos += charCodeByteLen(ch);
+  while (ch = fullCharCode(*pos)) {
+    if (isIdentifierChar(ch)) {
+      pos += charCodeByteLen(ch);
+    }
+    else if (ch == '\\') {
+      // no identifier escapes support for now
+      return false;
+    }
+    else {
+      break;
+    }
+  }
+  return true;
+}
+
+void throwIfImportStatement () {
+  uint16_t* startPos = pos;
+  pos += 6;
+  uint16_t ch = commentWhitespace();
+  switch (ch) {
+    // dynamic import
+    case '(':
+      openTokenPosStack[openTokenDepth++] = startPos;
+      return;
+    // import.meta
+    case '.':
+      syntaxError(5);
+      return;
+    
+    default:
+      // no space after "import" -> not an import keyword
+      if (pos == startPos + 6)
+        break;
+    case '"':
+    case '\'':
+    case '{':
+    case '*':
+      // import statement only permitted at base-level
+      if (openTokenDepth != 0) {
+        pos--;
+        return;
+      }
+      // import statements are a syntax error in CommonJS
+      syntaxError(6);
+  }
+}
+
+void throwIfExportStatement () {
+  pos += 6;
+  uint16_t* curPos = pos;
+  uint16_t ch = commentWhitespace();
+  if (pos == curPos && !isPunctuator(ch))
+    return;
+  syntaxError(7);
+}
+
+uint16_t commentWhitespace () {
+  uint16_t ch;
+  do {
+    ch = *pos;
+    if (ch == '/') {
+      uint16_t next_ch = *(pos + 1);
+      if (next_ch == '/')
+        lineComment();
+      else if (next_ch == '*')
+        blockComment();
+      else
+        return ch;
+    }
+    else if (!isBrOrWs(ch)) {
+      return ch;
+    }
+  } while (pos++ < end);
+  return ch;
+}
+
+void templateString () {
+  while (pos++ < end) {
+    uint16_t ch = *pos;
+    if (ch == '$' && *(pos + 1) == '{') {
+      pos++;
+      templateStack[templateStackDepth++] = templateDepth;
+      templateDepth = ++openTokenDepth;
+      return;
+    }
+    if (ch == '`')
+      return;
+    if (ch == '\\')
+      pos++;
+  }
+  syntaxError(8);
+}
+
+void blockComment () {
+  pos++;
+  while (pos++ < end) {
+    uint16_t ch = *pos;
+    if (ch == '*' && *(pos + 1) == '/') {
+      pos++;
+      return;
+    }
+  }
+}
+
+void lineComment () {
+  while (pos++ < end) {
+    uint16_t ch = *pos;
+    if (ch == '\n' || ch == '\r')
+      return;
+  }
+}
+
+void stringLiteral (uint16_t quote) {
+  while (pos++ < end) {
+    uint16_t ch = *pos;
+    if (ch == quote)
+      return;
+    if (ch == '\\') {
+      ch = *++pos;
+      if (ch == '\r' && *(pos + 1) == '\n')
+        pos++;
+    }
+    else if (isBr(ch))
+      break;
+  }
+  syntaxError(9);
+}
+
+uint16_t regexCharacterClass () {
+  while (pos++ < end) {
+    uint16_t ch = *pos;
+    if (ch == ']')
+      return ch;
+    if (ch == '\\')
+      pos++;
+    else if (ch == '\n' || ch == '\r')
+      break;
+  }
+  syntaxError(10);
+  return '\0';
+}
+
+void regularExpression () {
+  while (pos++ < end) {
+    uint16_t ch = *pos;
+    if (ch == '/')
+      return;
+    if (ch == '[')
+      ch = regexCharacterClass();
+    else if (ch == '\\')
+      pos++;
+    else if (ch == '\n' || ch == '\r')
+      break;
+  }
+  syntaxError(11);
+}
+
+uint16_t readToWsOrPunctuator (uint16_t ch) {
+  do {
+    if (isBrOrWs(ch) || isPunctuator(ch))
+      return ch;
+  } while (ch = *(++pos));
+  return ch;
+}
+
+// Note: non-asii BR and whitespace checks omitted for perf / footprint
+// if there is a significant user need this can be reconsidered
+bool isBr (uint16_t c) {
+  return c == '\r' || c == '\n';
+}
+
+bool isBrOrWs (uint16_t c) {
+  return c > 8 && c < 14 || c == 32 || c == 160;
+}
+
+bool isBrOrWsOrPunctuatorNotDot (uint16_t c) {
+  return c > 8 && c < 14 || c == 32 || c == 160 || isPunctuator(c) && c != '.';
+}
+
+bool str_eq2 (uint16_t* pos, uint16_t c1, uint16_t c2) {
+  return *pos == c1 && *(pos + 1) == c2;
+}
+
+bool str_eq3 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3;
+}
+
+bool str_eq4 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4;
+}
+
+bool str_eq5 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5;
+}
+
+bool str_eq6 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6;
+}
+
+bool str_eq7 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7;
+}
+
+bool str_eq8 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7 && *(pos + 7) == c8;
+}
+
+bool str_eq9 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7 && *(pos + 7) == c8 && *(pos + 8) == c9;
+}
+
+bool str_eq10 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7 && *(pos + 7) == c8 && *(pos + 8) == c9 && *(pos + 9) == c10;
+}
+
+bool str_eq13 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10, uint16_t c11, uint16_t c12, uint16_t c13) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7 && *(pos + 7) == c8 && *(pos + 8) == c9 && *(pos + 9) == c10 && *(pos + 10) == c11 && *(pos + 11) == c12 && *(pos + 12) == c13;
+}
+
+bool str_eq18 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10, uint16_t c11, uint16_t c12, uint16_t c13, uint16_t c14, uint16_t c15, uint16_t c16, uint16_t c17, uint16_t c18) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7 && *(pos + 7) == c8 && *(pos + 8) == c9 && *(pos + 9) == c10 && *(pos + 10) == c11 && *(pos + 11) == c12 && *(pos + 12) == c13 && *(pos + 13) == c14 && *(pos + 14) == c15 && *(pos + 15) == c16 && *(pos + 16) == c17 && *(pos + 17) == c18;
+}
+
+bool str_eq22 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7, uint16_t c8, uint16_t c9, uint16_t c10, uint16_t c11, uint16_t c12, uint16_t c13, uint16_t c14, uint16_t c15, uint16_t c16, uint16_t c17, uint16_t c18, uint16_t c19, uint16_t c20, uint16_t c21, uint16_t c22) {
+  return *pos == c1 && *(pos + 1) == c2 && *(pos + 2) == c3 && *(pos + 3) == c4 && *(pos + 4) == c5 && *(pos + 5) == c6 && *(pos + 6) == c7 && *(pos + 7) == c8 && *(pos + 8) == c9 && *(pos + 9) == c10 && *(pos + 10) == c11 && *(pos + 11) == c12 && *(pos + 12) == c13 && *(pos + 13) == c14 && *(pos + 14) == c15 && *(pos + 15) == c16 && *(pos + 16) == c17 && *(pos + 17) == c18 && *(pos + 18) == c19 && *(pos + 19) == c20 && *(pos + 20) == c21 && *(pos + 21) == c22;
+}
+
+bool keywordStart (uint16_t* pos) {
+  return pos == source || isBrOrWsOrPunctuatorNotDot(*(pos - 1));
+}
+
+bool readPrecedingKeyword1 (uint16_t* pos, uint16_t c1) {
+  if (pos < source) return false;
+  return *pos == c1 && (pos == source || isBrOrWsOrPunctuatorNotDot(*(pos - 1)));
+}
+bool readPrecedingKeyword2 (uint16_t* pos, uint16_t c1, uint16_t c2) {
+  if (pos - 1 < source) return false;
+  return str_eq2(pos - 1, c1, c2) && (pos - 1 == source || isBrOrWsOrPunctuatorNotDot(*(pos - 2)));
+}
+bool readPrecedingKeyword3 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3) {
+  if (pos - 2 < source) return false;
+  return str_eq3(pos - 2, c1, c2, c3) && (pos - 2 == source || isBrOrWsOrPunctuatorNotDot(*(pos - 3)));
+}
+bool readPrecedingKeyword4 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4) {
+  if (pos - 3 < source) return false;
+  return str_eq4(pos - 3, c1, c2, c3, c4) && (pos - 3 == source || isBrOrWsOrPunctuatorNotDot(*(pos - 4)));
+}
+bool readPrecedingKeyword5 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5) {
+  if (pos - 4 < source) return false;
+  return str_eq5(pos - 4, c1, c2, c3, c4, c5) && (pos - 4 == source || isBrOrWsOrPunctuatorNotDot(*(pos - 5)));
+}
+bool readPrecedingKeyword6 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6) {
+  if (pos - 5 < source) return false;
+  return str_eq6(pos - 5, c1, c2, c3, c4, c5, c6) && (pos - 5 == source || isBrOrWsOrPunctuatorNotDot(*(pos - 6)));
+}
+bool readPrecedingKeyword7 (uint16_t* pos, uint16_t c1, uint16_t c2, uint16_t c3, uint16_t c4, uint16_t c5, uint16_t c6, uint16_t c7) {
+  if (pos - 6 < source) return false;
+  return str_eq7(pos - 6, c1, c2, c3, c4, c5, c6, c7) && (pos - 6 == source || isBrOrWsOrPunctuatorNotDot(*(pos - 7)));
+}
+
+// Detects one of case, debugger, delete, do, else, in, instanceof, new,
+//   return, throw, typeof, void, yield ,await
+bool isExpressionKeyword (uint16_t* pos) {
+  switch (*pos) {
+    case 'd':
+      switch (*(pos - 1)) {
+        case 'i':
+          // void
+          return readPrecedingKeyword2(pos - 2, 'v', 'o');
+        case 'l':
+          // yield
+          return readPrecedingKeyword3(pos - 2, 'y', 'i', 'e');
+        default:
+          return false;
+      }
+    case 'e':
+      switch (*(pos - 1)) {
+        case 's':
+          switch (*(pos - 2)) {
+            case 'l':
+              // else
+              return readPrecedingKeyword1(pos - 3, 'e');
+            case 'a':
+              // case
+              return readPrecedingKeyword1(pos - 3, 'c');
+            default:
+              return false;
+          }
+        case 't':
+          // delete
+          return readPrecedingKeyword4(pos - 2, 'd', 'e', 'l', 'e');
+        default:
+          return false;
+      }
+    case 'f':
+      if (*(pos - 1) != 'o' || *(pos - 2) != 'e')
+        return false;
+      switch (*(pos - 3)) {
+        case 'c':
+          // instanceof
+          return readPrecedingKeyword6(pos - 4, 'i', 'n', 's', 't', 'a', 'n');
+        case 'p':
+          // typeof
+          return readPrecedingKeyword2(pos - 4, 't', 'y');
+        default:
+          return false;
+      }
+    case 'n':
+      // in, return
+      return readPrecedingKeyword1(pos - 1, 'i') || readPrecedingKeyword5(pos - 1, 'r', 'e', 't', 'u', 'r');
+    case 'o':
+      // do
+      return readPrecedingKeyword1(pos - 1, 'd');
+    case 'r':
+      // debugger
+      return readPrecedingKeyword7(pos - 1, 'd', 'e', 'b', 'u', 'g', 'g', 'e');
+    case 't':
+      // await
+      return readPrecedingKeyword4(pos - 1, 'a', 'w', 'a', 'i');
+    case 'w':
+      switch (*(pos - 1)) {
+        case 'e':
+          // new
+          return readPrecedingKeyword1(pos - 2, 'n');
+        case 'o':
+          // throw
+          return readPrecedingKeyword3(pos - 2, 't', 'h', 'r');
+        default:
+          return false; 
+      }
+  }
+  return false;
+}
+
+bool isParenKeyword (uint16_t* curPos) {
+  return readPrecedingKeyword5(curPos, 'w', 'h', 'i', 'l', 'e') ||
+      readPrecedingKeyword3(curPos, 'f', 'o', 'r') ||
+      readPrecedingKeyword2(curPos, 'i', 'f');
+}
+
+bool isPunctuator (uint16_t ch) {
+  // 23 possible punctuator endings: !%&()*+,-./:;<=>?[]^{}|~
+  return ch == '!' || ch == '%' || ch == '&' ||
+    ch > 39 && ch < 48 || ch > 57 && ch < 64 ||
+    ch == '[' || ch == ']' || ch == '^' ||
+    ch > 122 && ch < 127;
+}
+
+bool isExpressionPunctuator (uint16_t ch) {
+  // 20 possible expression endings: !%&(*+,-.:;<=>?[^{|~
+  return ch == '!' || ch == '%' || ch == '&' ||
+    ch > 39 && ch < 47 && ch != 41 || ch > 57 && ch < 64 ||
+    ch == '[' || ch == '^' || ch > 122 && ch < 127 && ch != '}';
+}
+
+bool isExpressionTerminator (uint16_t* curPos) {
+  // detects:
+  // > ; ) -1 finally catch
+  // as all of these followed by a { will indicate a statement brace
+  switch (*curPos) {
+    case '>':
+      return *(curPos - 1) == '=';
+    case ';':
+    case ')':
+      return true;
+    case 'h':
+      return readPrecedingKeyword4(curPos - 1, 'c', 'a', 't', 'c');
+    case 'y':
+      return readPrecedingKeyword6(curPos - 1, 'f', 'i', 'n', 'a', 'l', 'l');
+    case 'e':
+      return readPrecedingKeyword3(curPos - 1, 'e', 'l', 's');
+  }
+  return false;
+}
+
+void bail (uint32_t err) {
+  error = 1;
+  parse_error = err;
+  pos = end + 1;
+}
+
+void syntaxError (uint32_t code) {
+  if (error == 0) error = code;
+  parse_error = pos - source;
+  pos = end + 1;
+}
diff --git a/deps/cjs-module-lexer/dist/lexer-external.mjs b/deps/cjs-module-lexer/src/src/lexer.js
old mode 100644
new mode 100755
similarity index 84%
rename from deps/cjs-module-lexer/dist/lexer-external.mjs
rename to deps/cjs-module-lexer/src/src/lexer.js
index 89450a3b60b4a1..1fc557dd1ef17a
--- a/deps/cjs-module-lexer/dist/lexer-external.mjs
+++ b/deps/cjs-module-lexer/src/src/lexer.js
@@ -1,104 +1,119 @@
-let wasm;
-
-const isLE = new Uint8Array(new Uint16Array([1]).buffer)[0] === 1;
-
-export function parse (source, name = '@') {
-  if (!wasm)
-    throw new Error('Not initialized');
-
-  const len = source.length + 1;
-
-  // need 2 bytes per code point plus analysis space so we double again
-  const extraMem = (wasm.__heap_base.value || wasm.__heap_base) + len * 4 - wasm.memory.buffer.byteLength;
-  if (extraMem > 0)
-    wasm.memory.grow(Math.ceil(extraMem / 65536));
-    
-  const addr = wasm.sa(len);
-  (isLE ? copyLE : copyBE)(source, new Uint16Array(wasm.memory.buffer, addr, len));
-
-  const err_code = wasm.parseCJS(addr, source.length, 0, 0, 0);
-
-  if (err_code) {
-    const err = new Error(`Parse error ${name}${wasm.e()}:${source.slice(0, wasm.e()).split('\n').length}:${wasm.e() - source.lastIndexOf('\n', wasm.e() - 1)}`);
-    Object.assign(err, { idx: wasm.e() });
-    if (err_code === 5 || err_code === 6 || err_code === 7)
-      Object.assign(err, { code: 'ERR_LEXER_ESM_SYNTAX' });
-    throw err;
-  }
-
-  let exports = new Set(), reexports = new Set(), unsafeGetters = new Set();
-  
-  while (wasm.rre()) {
-    const reexptStr = decode(source.slice(wasm.res(), wasm.ree()));
-    if (reexptStr)
-      reexports.add(reexptStr);
-  }
-  while (wasm.ru())
-    unsafeGetters.add(decode(source.slice(wasm.us(), wasm.ue())));
-  while (wasm.re()) {
-    let exptStr = decode(source.slice(wasm.es(), wasm.ee()));
-    if (exptStr !== undefined && !unsafeGetters.has(exptStr))
-      exports.add(exptStr);
-  }
-
-  return { exports: [...exports], reexports: [...reexports] };
-}
-
-function decode (str) {
-  if (str[0] === '"' || str[0] === '\'') {
-    try {
-      const decoded = (0, eval)(str);
-      // Filter to exclude non-matching UTF-16 surrogate strings
-      for (let i = 0; i < decoded.length; i++) {
-        const surrogatePrefix = decoded.charCodeAt(i) & 0xFC00;
-        if (surrogatePrefix < 0xD800) {
-          // Not a surrogate
-          continue;
-        }
-        else if (surrogatePrefix === 0xD800) {
-          // Validate surrogate pair
-          if ((decoded.charCodeAt(++i) & 0xFC00) !== 0xDC00)
-            return;
-        }
-        else {
-          // Out-of-range surrogate code (above 0xD800)
-          return;
-        }
-      }
-      return decoded;
-    }
-    catch {}
-  }
-  else {
-    return str;
-  }
-}
-
-function copyBE (src, outBuf16) {
-  const len = src.length;
-  let i = 0;
-  while (i < len) {
-    const ch = src.charCodeAt(i);
-    outBuf16[i++] = (ch & 0xff) << 8 | ch >>> 8;
-  }
-}
-
-function copyLE (src, outBuf16) {
-  const len = src.length;
-  let i = 0;
-  while (i < len)
-    outBuf16[i] = src.charCodeAt(i++);
-}
-
-let initPromise;
-export function init () {
-  if (initPromise)
-    return initPromise;
-  return initPromise = (async () => {
-    const compiled = await WebAssembly.compile(
-      (await import('node:fs')).readFileSync(new URL(import.meta.resolve('../lib/lexer.wasm')))
-    );
-    const { exports } = await WebAssembly.instantiate(compiled);
-    wasm = exports;
-  })();
-}
+let wasm;
+
+const isLE = new Uint8Array(new Uint16Array([1]).buffer)[0] === 1;
+
+export function parse (source, name = '@') {
+  if (!wasm)
+    throw new Error('Not initialized');
+
+  const len = source.length + 1;
+
+  // need 2 bytes per code point plus analysis space so we double again
+  const extraMem = (wasm.__heap_base.value || wasm.__heap_base) + len * 4 - wasm.memory.buffer.byteLength;
+  if (extraMem > 0)
+    wasm.memory.grow(Math.ceil(extraMem / 65536));
+    
+  const addr = wasm.sa(len);
+  (isLE ? copyLE : copyBE)(source, new Uint16Array(wasm.memory.buffer, addr, len));
+
+  const err_code = wasm.parseCJS(addr, source.length, 0, 0, 0);
+
+  if (err_code) {
+    const err = new Error(`Parse error ${name}${wasm.e()}:${source.slice(0, wasm.e()).split('\n').length}:${wasm.e() - source.lastIndexOf('\n', wasm.e() - 1)}`);
+    Object.assign(err, { idx: wasm.e() });
+    if (err_code === 5 || err_code === 6 || err_code === 7)
+      Object.assign(err, { code: 'ERR_LEXER_ESM_SYNTAX' });
+    throw err;
+  }
+
+  let exports = new Set(), reexports = new Set(), unsafeGetters = new Set();
+  
+  while (wasm.rre()) {
+    const reexptStr = decode(source.slice(wasm.res(), wasm.ree()));
+    if (reexptStr)
+      reexports.add(reexptStr);
+  }
+  while (wasm.ru())
+    unsafeGetters.add(decode(source.slice(wasm.us(), wasm.ue())));
+  while (wasm.re()) {
+    let exptStr = decode(source.slice(wasm.es(), wasm.ee()));
+    if (exptStr !== undefined && !unsafeGetters.has(exptStr))
+      exports.add(exptStr);
+  }
+
+  return { exports: [...exports], reexports: [...reexports] };
+}
+
+function decode (str) {
+  if (str[0] === '"' || str[0] === '\'') {
+    try {
+      const decoded = (0, eval)(str);
+      // Filter to exclude non-matching UTF-16 surrogate strings
+      for (let i = 0; i < decoded.length; i++) {
+        const surrogatePrefix = decoded.charCodeAt(i) & 0xFC00;
+        if (surrogatePrefix < 0xD800) {
+          // Not a surrogate
+          continue;
+        }
+        else if (surrogatePrefix === 0xD800) {
+          // Validate surrogate pair
+          if ((decoded.charCodeAt(++i) & 0xFC00) !== 0xDC00)
+            return;
+        }
+        else {
+          // Out-of-range surrogate code (above 0xD800)
+          return;
+        }
+      }
+      return decoded;
+    }
+    catch {}
+  }
+  else {
+    return str;
+  }
+}
+
+function copyBE (src, outBuf16) {
+  const len = src.length;
+  let i = 0;
+  while (i < len) {
+    const ch = src.charCodeAt(i);
+    outBuf16[i++] = (ch & 0xff) << 8 | ch >>> 8;
+  }
+}
+
+function copyLE (src, outBuf16) {
+  const len = src.length;
+  let i = 0;
+  while (i < len)
+    outBuf16[i] = src.charCodeAt(i++);
+}
+
+function getWasmBytes() {
+  const binary = 'WASM_BINARY';  // This string will be replaced by build.js.
+  if (typeof Buffer !== 'undefined')
+    return Buffer.from(binary, 'base64');
+  return Uint8Array.from(atob(binary), x => x.charCodeAt(0));
+}
+
+let initPromise;
+export function init () {
+  if (initPromise)
+    return initPromise;
+  return initPromise = (async () => {
+    const compiled = await WebAssembly.compile(getWasmBytes());
+    const { exports } = await WebAssembly.instantiate(compiled);
+    wasm = exports;
+  })();
+}
+
+export function initSync () {
+  if (wasm) {
+    return;
+  }
+  const compiled = new WebAssembly.Module(getWasmBytes());
+  const { exports } = new WebAssembly.Instance(compiled);
+  wasm = exports;
+  return;
+}
diff --git a/doc/api/esm.md b/doc/api/esm.md
index 3100d5756cd0c2..aea83fb712dfb7 100644
--- a/doc/api/esm.md
+++ b/doc/api/esm.md
@@ -1159,7 +1159,7 @@ resolution for ESM specifiers is [commonjs-extension-resolution-loader][].
 [`path.dirname()`]: path.md#pathdirnamepath
 [`process.dlopen`]: process.md#processdlopenmodule-filename-flags
 [`url.fileURLToPath()`]: url.md#urlfileurltopathurl-options
-[cjs-module-lexer]: https://github.com/nodejs/cjs-module-lexer/tree/1.2.2
+[cjs-module-lexer]: https://github.com/nodejs/cjs-module-lexer/tree/2.0.0
 [commonjs-extension-resolution-loader]: https://github.com/nodejs/loaders-test/tree/main/commonjs-extension-resolution-loader
 [custom https loader]: module.md#import-from-https
 [import.meta.resolve]: #importmetaresolvespecifier
diff --git a/src/cjs_module_lexer_version.h b/src/cjs_module_lexer_version.h
index 72a66ba9e9038f..da33536cce1b80 100644
--- a/src/cjs_module_lexer_version.h
+++ b/src/cjs_module_lexer_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-cjs-module-lexer.sh
 #ifndef SRC_CJS_MODULE_LEXER_VERSION_H_
 #define SRC_CJS_MODULE_LEXER_VERSION_H_
-#define CJS_MODULE_LEXER_VERSION "1.4.1"
+#define CJS_MODULE_LEXER_VERSION "2.0.0"
 #endif  // SRC_CJS_MODULE_LEXER_VERSION_H_
diff --git a/test/parallel/test-process-versions.js b/test/parallel/test-process-versions.js
index edf475d106e31e..b4a86c93a5b81c 100644
--- a/test/parallel/test-process-versions.js
+++ b/test/parallel/test-process-versions.js
@@ -4,7 +4,7 @@ const assert = require('assert');
 
 // Import of pure js (non-shared) deps for comparison
 const acorn = require('../../deps/acorn/acorn/package.json');
-const cjs_module_lexer = require('../../deps/cjs-module-lexer/package.json');
+const cjs_module_lexer = require('../../deps/cjs-module-lexer/src/package.json');
 
 const expected_keys = [
   'ares',
diff --git a/tools/dep_updaters/update-cjs-module-lexer.sh b/tools/dep_updaters/update-cjs-module-lexer.sh
index 44167e2f93e69a..1d12546ab45deb 100755
--- a/tools/dep_updaters/update-cjs-module-lexer.sh
+++ b/tools/dep_updaters/update-cjs-module-lexer.sh
@@ -27,7 +27,8 @@ console.log(name);
 EOF
 )"
 
-CURRENT_VERSION=$("$NODE" -p "require('./deps/cjs-module-lexer/package.json').version")
+
+CURRENT_VERSION=$("$NODE" -p "require('./deps/cjs-module-lexer/src/package.json').version")
 
 # This function exit with 0 if new version and current version are the same
 compare_dependency_version "cjs-module-lexer" "$NEW_VERSION" "$CURRENT_VERSION"
@@ -44,15 +45,53 @@ cleanup () {
 
 trap cleanup INT TERM EXIT
 
-cd "$WORKSPACE"
-
-"$NODE" "$NPM" init --yes
+CJS_MODULE_LEXER_ZIP="cjs-module-lexer-$NEW_VERSION"
 
-"$NODE" "$NPM" install --global-style --no-bin-links --ignore-scripts "cjs-module-lexer@$NEW_VERSION"
+# remove existing source and built files
+rm -rf "$DEPS_DIR/cjs-module-lexer/src"
+rm -rf "$DEPS_DIR/cjs-module-lexer/dist"
+rm "$DEPS_DIR/cjs-module-lexer/lexer.js"
 
-rm -rf "$DEPS_DIR/cjs-module-lexer"
+cd "$WORKSPACE"
 
-mv node_modules/cjs-module-lexer "$DEPS_DIR/cjs-module-lexer"
+curl -sL -o "$CJS_MODULE_LEXER_ZIP.zip" "https://github.com/nodejs/cjs-module-lexer/archive/refs/tags/$NEW_VERSION.zip"
+
+log_and_verify_sha256sum "cjs-module-lexer" "$CJS_MODULE_LEXER_ZIP.zip"
+
+echo "Unzipping..."
+unzip "$CJS_MODULE_LEXER_ZIP.zip" -d "src"
+mv "src/$CJS_MODULE_LEXER_ZIP" "$DEPS_DIR/cjs-module-lexer/src"
+rm "$CJS_MODULE_LEXER_ZIP.zip"
+cd "$ROOT"
+
+(
+  # remove components we don't need to keep in nodejs/deps
+  # these are files that we don't need to build from source
+  cd "$DEPS_DIR/cjs-module-lexer/src"
+  rm -rf bench
+  rm -rf .github || true 
+  rm -rf test
+  rm .gitignore
+  rm .travis.yml
+  rm CODE_OF_CONDUCT.md
+  rm CONTRIBUTING.md
+
+  # Rebuild components from source
+  rm lib/*.*
+  "$NODE" "$NPM" install --ignore-scripts
+  "$NODE" "$NPM" run build-wasm
+  "$NODE" "$NPM" run build
+  "$NODE" "$NPM" prune --production
+
+  # remove files we don't need in Node.js
+  rm -rf node_modules
+
+  # copy over the built files to the expected locations
+  mv dist ..
+  cp lexer.js ..
+  cp LICENSE ..
+  cp README.md ..
+)
 
 # update cjs_module_lexer_version.h
 cat > "$BASE_DIR/src/cjs_module_lexer_version.h" << EOL

From 82c46d5358869c690557bec164f6f41073897681 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Mon, 24 Feb 2025 19:53:37 -0500
Subject: [PATCH 014/138] deps: update cjs-module-lexer to 2.1.0

PR-URL: https://github.com/nodejs/node/pull/57180
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 deps/cjs-module-lexer/README.md             | 19 +++++++++++++++++++
 deps/cjs-module-lexer/dist/lexer.mjs        |  2 +-
 deps/cjs-module-lexer/src/README.md         | 19 +++++++++++++++++++
 deps/cjs-module-lexer/src/build/Makefile    | 21 ++++++++++++++++-----
 deps/cjs-module-lexer/src/package-lock.json |  4 ++--
 deps/cjs-module-lexer/src/package.json      |  2 +-
 src/cjs_module_lexer_version.h              |  2 +-
 7 files changed, 59 insertions(+), 10 deletions(-)

diff --git a/deps/cjs-module-lexer/README.md b/deps/cjs-module-lexer/README.md
index cc7ca50cc72243..addf5edc6b1193 100644
--- a/deps/cjs-module-lexer/README.md
+++ b/deps/cjs-module-lexer/README.md
@@ -456,6 +456,25 @@ If you need to build lib/lexer.wat (optional) you must first install
 [wabt](https://github.com/WebAssembly/wabt) as a sibling folder to this
 project. The wat file is then build by running `make lib/lexer.wat`
 
+### Creating a Release
+These are the steps to create and publish a release. You will need docker
+installed as well as having installed [wabt](https://github.com/WebAssembly/wabt)
+as outlined above:
+
+- [ ] Figure out if the release should be semver patch, minor or major based on the changes since
+  the last release and determine the new version.
+- [ ] Update the package.json version, and run a full build and test
+  - npm install
+  - npm run build
+  - npm run test
+- [ ] Commit and tag the changes, pushing up to main and the tag
+  - For example
+    - `git tag -a 1.4.2 -m "1.4.2"`
+    - `git push origin tag 1.4.2`
+- [ ] Create the GitHub release
+- [ ] Run npm publish from an account with access (asking somebody with access
+      the nodejs-foundation account is an option if you don't have access.
+      
 ### License
 
 MIT
diff --git a/deps/cjs-module-lexer/dist/lexer.mjs b/deps/cjs-module-lexer/dist/lexer.mjs
index 806bb46287259d..b6f5fb548bb73f 100644
--- a/deps/cjs-module-lexer/dist/lexer.mjs
+++ b/deps/cjs-module-lexer/dist/lexer.mjs
@@ -1,2 +1,2 @@
-/* cjs-module-lexer 2.0.0 */
+/* cjs-module-lexer 2.1.0 */
 let A;const B=1===new Uint8Array(new Uint16Array([1]).buffer)[0];export function parse(I,C="@"){if(!A)throw new Error("Not initialized");const w=I.length+1,D=(A.__heap_base.value||A.__heap_base)+4*w-A.memory.buffer.byteLength;D>0&&A.memory.grow(Math.ceil(D/65536));const G=A.sa(w);(B?g:E)(I,new Uint16Array(A.memory.buffer,G,w));const S=A.parseCJS(G,I.length,0,0,0);if(S){const B=new Error(`Parse error ${C}${A.e()}:${I.slice(0,A.e()).split("\n").length}:${A.e()-I.lastIndexOf("\n",A.e()-1)}`);throw Object.assign(B,{idx:A.e()}),5!==S&&6!==S&&7!==S||Object.assign(B,{code:"ERR_LEXER_ESM_SYNTAX"}),B}let R=new Set,o=new Set,H=new Set;for(;A.rre();){const B=Q(I.slice(A.res(),A.ree()));B&&o.add(B)}for(;A.ru();)H.add(Q(I.slice(A.us(),A.ue())));for(;A.re();){let B=Q(I.slice(A.es(),A.ee()));void 0===B||H.has(B)||R.add(B)}return{exports:[...R],reexports:[...o]}}function Q(A){if('"'!==A[0]&&"'"!==A[0])return A;try{const B=(0,eval)(A);for(let A=0;A<B.length;A++){const Q=64512&B.charCodeAt(A);if(!(Q<55296)){if(55296!==Q)return;if(56320!=(64512&B.charCodeAt(++A)))return}}return B}catch{}}function E(A,B){const Q=A.length;let E=0;for(;E<Q;){const Q=A.charCodeAt(E);B[E++]=(255&Q)<<8|Q>>>8}}function g(A,B){const Q=A.length;let E=0;for(;E<Q;)B[E]=A.charCodeAt(E++)}function I(){const A="AGFzbQEAAAABXA1gAX8Bf2ACf38AYAABf2AAAGABfwBgBn9/f39/fwF/YAJ/fwF/YAd/f39/f39/AX9gA39/fwF/YAh/f39/f39/fwF/YAV/f39/fwF/YAR/f39/AX9gBH9/f38AAzMyAQEBAwAABAUJBAAEBAMDAAcCAAAICgAFAAAGBQsHBgAAAAAIAAICAgICAgICAgIFDAYEBQFwAQUFBQMBAAEGCAF/AEHQmAILB1wOBm1lbW9yeQIAC19faGVhcF9iYXNlAwACc2EAJAFlACUCZXMAJgJlZQAnA3JlcwAoA3JlZQApAnVzACoCdWUAKwJyZQAsA3JyZQAtAnJ1AC4IcGFyc2VDSlMALwkKAQBBAQsEAAECAwrJkwEyDgAgACABQcgfQcAfEDALDgAgACABQdQfQcwfEDALDgAgACABQeAfQdgfEDALEgBBzB9BADYCAEHUH0EANgIAC8wBAQN/AkBBvKABKAIAIgNBAmpB5QBB8QBB9QBB6QBB8gBB5QAQEARAQbygASADQQ5qNgIAAkAQEUEoRw0AQbygAUG8oAEoAgBBAmo2AgAQESEBQbygASgCACECIAFBJ0cgAUEiR3ENACABEAxBvKABQbygASgCAEECaiIBNgIAEBFBKUcNAAJAIABBAWsOAgMDAAtBtKABKAIAIAI2AgBBtKABKAIAIAE2AgRBAQ8LQbygASADNgIAC0EADwsgAiABQaAfKAIAEQEAQQELGwAgAEGYHygCAEYEQEEBDwsgAEECay8BABAPC/8CAQV/QZgfKAIAIQQDQAJAIABBAmshASAALwEAIgJBIEcNACAAIARLIAEhAA0BCwsCQCACQT1HDQADQAJAIAFBAmshACABLwEAQSBHDQAgASAESyAAIQENAQsLIABBAmohASAAQQRqIQNBACECA0ACQCABLwEAIgBBgPgDcUGAuANGBEAgAEH/B3EgAUECay8BAEH/B3FBCnRyQYCABGohAAsgAEUgASAETXINACAAQdwARg0CIAAQEkUNACABQX5BfCAAQYCABEkbaiEBIAAQEyECDAELCyACQQFxRQ0AIAEvAQBBIEcNAEG0oAEoAgAiAkGwHygCAEYNACACIAM2AgwgAiABQQJqNgIIA0ACQCABQQJrIQAgAS8BACIDQSBHDQAgASAESyAAIQENAQsLAkACQAJAIANB8gBrDgMAAwEDCyAAQfYAQeEAEBQNAQwCCyAAQewAQeUAEBQNACAAQeMAQe8AQe4AQfMAEBVFDQELQbSgASACQRBqNgIACws7AQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUYhBgsgBgtPAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZHDQAgAC8BDCAHRiEICyAIC7MFAQN/QbygAUG8oAEoAgAiAkEOajYCAAJAAkAQESIBQdsARwRAIAFBPUYNASABQS5HDQJBvKABQbygASgCAEECajYCABARQbygASgCACEBEBZFDQJBvKABKAIAIQAQEUE9Rw0CIAEgAEGcHygCABEBAA8LQbygAUG8oAEoAgBBAmo2AgAQESIAQSdHIABBIkdxDQFBvKABKAIAIAAQDEG8oAFBvKABKAIAQQJqIgA2AgAQEUHdAEcNAUG8oAFBvKABKAIAQQJqNgIAEBFBPUcNASAAQZwfKAIAEQEADAELIABFDQBBqB8oAgARAwBBvKABQbygASgCAEECajYCABARIgBB8gBHBEAgAEH7AEcNAUG8oAEoAgBBAmshAQJAAkADQEG8oAFBvKABKAIAIgBBAmo2AgAgAEHAoAEoAgBPDQIQESEAQbygASgCACECAkAgABAWBEBBvKABKAIAIQMQESIAQTpGBEBBvKABQbygASgCAEECajYCABAREBZFDQRBvKABKAIALwEAIQALIAIgA0GcHygCABEBAAwBCwJAIABBIkcEQCAAQS5GDQEgAEEnRw0EC0G8oAEoAgAgABAMQbygAUG8oAEoAgBBAmoiAzYCABARIgBBOkcNAUG8oAFBvKABKAIAQQJqNgIAEBEQFkUNA0G8oAEoAgAvAQAhACADQZwfKAIAEQEADAELQbygASgCACIALwECQS5HDQIgAC8BBEEuRw0CQbygASAAQQZqNgIAAkACQCAALwEGIgBB8gBGBH9BARAEQbygASgCACEADQEgAC8BAAUgAAtB//8DcRAWRQ0EDAELQbygASAAQQJqNgIACxARIQALIABB//8DcSIAQSxGDQALIABB/QBGDQELQbygASABNgIACw8LQQEQBBoLQbygASACQQxqNgIACywBAX8gAEGgAUYgAEEJayIBQRdNQQBBASABdEGfgIAEcRtyRQRAQQAPC0EBC0AAQfAfKAIARQRAQfAfIAA2AgALQbygASgCACEAQbygAUHAoAEoAgBBAmo2AgBB7B8gAEGYHygCAGtBAXU2AgALjAEBBH9BvKABKAIAIQFBwKABKAIAIQQCQANAAkAgASICQQJqIQEgAiAETw0AIAEvAQAiAyAARg0CIANB3ABHBEAgA0EKaw4EAQICAQILIAJBBGohASACLwEEQQ1HDQEgAkEGaiABIAIvAQZBCkYbIQEMAQsLQbygASABNgIAQQkQCw8LQbygASABNgIAC0oBA39BvKABKAIAQQJqIQFBwKABKAIAIQIDQAJAIAEiAEECayACTw0AIABBAmohASAALwEAQQprDgQAAQEAAQsLQbygASAANgIAC2EBAn9BvKABKAIAQQZqIQBBwKABKAIAIQEDQAJAAkAgASAAQQRrSwRAIABBAmsvAQBBKkcNAiAALwEAQS9HDQIMAQsgAEECayEAC0G8oAEgADYCAA8LIABBAmohAAwACwALNAEBfyAAQaABRiAAQQlrIgFBF01BAEEBIAF0QZ+AgARxG3JFBEAgABAiIABBLkdxDwtBAQtFAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKIAZGIQcLIAcLaQEDf0G8oAEoAgAhAANAAkACQCAALwEAIgFBL0YEQCAALwECIgBBKkcEQCAAQS9HDQMQDQwCCxAODAELIAEQCkUNAQtBvKABQbygASgCACICQQJqIgA2AgAgAkHAoAEoAgBJDQELCyABC4ETAQR/IABBL00EQCAAQSRGDwsCQCAAQTpJDQACQCAAQcEASQ0AIABB2wBJDQEgAEHgAE0EQCAAQd8ARg8LIABB+wBJDQEgAEH//wNNBEAgAEGqAUkNAQJ/AkAgABAgIABBjMAAa0ECSXIgAEG3AUYgAEGABmtB8ABJcnIgAEGHB0YgAEGDCWtBBUlyIABBkQtrQS1JcnINAAJAAkAgAEG/C2siAUEJSUHtAiABdkEBcXENACAAQZAMa0ELSSAAQcsMa0EfSXINAiAAQfAMRiAAQeoNa0EESXIgAEHWDWsiAUESTUEAQQEgAXRB//wZcRtyIABBwA9rQQpJIABBpg9rQQtJciAAQZEORiAAQbAOa0EbSXJyciAAQfANa0EKSSAAQb4Sa0ESSXIgAEG6EmtBA0kgAEHjEWtBIUlyciAAQdMRa0EPSSAAQdkQa0EDSXIgAEGpEGtBBUkgAEGlEGtBA0lycnJyIABBmxBrQQlJIABBlhBrQQRJciAAQf0PRiAAQesPa0EJSXJycg0CAkAgAEHREmsiAUETTwRAIABB5hJrQQpJDQQMAQtB/4AYIAF2QQFxIABB5hJrQQpJcg0BCwJAAkAgAEG8E2sOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAQIBAQEBAQEBAQEBAgIACyAAQYETa0EDSQ0DCyAAQf4TRiAAQeYTa0EKSXINAiAAQfUURiAAQYEUa0EDSXIgAEG8FGsiAUEVTUEAQQEgAXRB/bCOAXEbciAAQeYUa0EMSXINAgJAAkAgAEG8FWsOKAIBAgICAgICAgIBAgICAQICAgEBAQEBAQEBAQEBAQEBAQEBAQEBAgIACyAAQYEVa0EDSQ0DCyAAQeYVa0EKSSAAQfoVa0EGSXINAgJAAkAgAEG8FmsOKAIBAgICAgICAgEBAgIBAQICAgEBAQEBAQEBAgIBAQEBAQEBAQEBAgIACyAAQYEWa0EDSQ0DCyAAQeYWa0EKSQ0CIABBghdGIABB5hdrQQpJciAAQb4XayIBQRlNQQBBASABdEGf7oMQcRtyDQICQAJAIABBvhhrDiYCAgICAgICAQICAgECAgICAQEBAQEBAQICAQEBAQEBAQEBAQECAgALIABBgBhrQQVJDQMLIABB5hhrQQpJDQICQAJAIABBvBlrDigCAQICAgICAgIBAgICAQICAgIBAQEBAQEBAgIBAQEBAQEBAQEBAQICAAsgAEGBGWtBA0kNAwsgAEHmGWtBCkkNAiAAQXxxIgFBgBpGDQICQCAAQbsaayICQSlPBEAgAEHmGmtBCkkNBAwBC0L7956AgTAgAq2Ip0EBcSAAQeYaa0EKSXINAQsgAEF4cUHYG0YgAEGCG2tBAklyIABByhtrIgJBDE1BAEEBIAJ0QeEvcRtyIABB5htrQQpJcg0CIABBsR1GIABB8htrQQJJciAAQbEcayICQR1NQQBBASACdEH5h4D+A3EbciAAQdAca0EKSXINAgJAIABBtB1rIgJBCU8EQCAAQcgda0EGSQ0EDAELQb8DIAJ2QQFxIABByB1rQQZJcg0BCyAAQaAea0EKSSAAQdAda0EKSXINAiAAQX5xIgJBmB5GDQIgAEG1HmsiA0ELSUGVDCADdkEBcXENACAAQY0fa0ELSSAAQfEea0EUSXIgAkGGH0YgAEGSLmtBA0lyciAAQekma0EJSSAAQd0ma0EDSXIgAEGPIWtBD0kgAEGCIWtBDElycnIgAEHxIGtBBEkgAEHnIGtBB0lyIABB4iBrQQNJIABB3iBrQQNJcnIgAEHWIGtBBEkgAEHAIGtBCklyIABBxh9GIABBqyBrQRRJcnJyciAAQZkfa0EkSSAAQbIua0EDSXIgAEHSLmtBAkkgAEHyLmtBAklyciAAQYswa0EDSSAAQeAva0EKSXIgAEHdL0YgAEG0L2tBIElycnIgAEHQOWtBA0kgAEFucUHAOGtBCklyIABBpDhrQRRJIABB5jdrQQ5JcnIgAEGwN2tBCkkgAEGhN2tBDUlyIABBgDdrQQNJIABB6zZrQQlJcnJycnIgAEHQNmtBCkkgAEG0NmtBEUlyIABBgDZrQQVJIABBsDVrQQ5JcnIgAEGQNWtBCkkgAEH/NGtBC0lyIABB4DRrQR1JIABB1TRrQQpJcnJyIABBlzRrQQVJIABB0DNrQQtJciAAQakxRiAAQcYya0EKSXJyIABBkDBrQQpJIABBbHFBoDJrQQxJciAAQcA7a0E6SSAAQfc5a0EDSXJycnIgAEHtOUYgAEHyOWtBA0lyIABB1DlrQRVJIABB+ztrQQVJcnJycg0CIABB4cEARiAAQeXBAGtBDElyIABBv8AAayICQRVNQQBBASACdEGDgIABcRtyIABB0MEAa0ENSSAAQe/ZAGtBA0lyIABB/9oARiAAQWBxQeDbAEZycnIgAEGq4ABrQQZJIABBmeEAa0ECSXIgAEHvzAJGIABB9MwCa0EKSXJyIABBoMwCa0EKSXJyDQIgAEGezQJrQQJJIABB8M0Ca0ECSXIgAEGL0AJrIgJBHE1BAEEBIAJ0QYGAgPgBcRtyDQICQAJAIABBgtACaw4FAgEBAQIACyAAQYDRAmtBAkkNAwsgAUGA0wJGIABBs9MCa0EOSXIgAEHH0gJrQQ1JIABBptICa0EISXJyIABB/9ECa0ELSSAAQeDRAmtBEklyIABBtNECa0ESSSAAQdDRAmtBCklycnIgAEHl0wJGIABBqdQCa0EOSXJyDQIgAEFecUHQ0wJrQQpJDQEgAEHQ1AJrQQpJIABBw9QCayIBQQpNQQBBASABdEGBDHEbcg0BIABB49cCayIBQQpNIAFBCEdxDQEgAEGw1QJrIgFBEU1BAEEBIAF0QZ2DC3EbDQEgAEH71AJrQQNJIABB69UCayIBQQtNQQBBASABdEGfGHEbcg0BIABBcHEiAUGA/ANGIABBnvYDRnINASAAQfDXAmtBCkkNACABQaD8A0YgAEGz/ANrQQJJciAAQc38A2tBA0lyIABBkP4Da0EKSXIgAEG//gNGcgwDC0EBDAILQQEMAQtBAQsPC0EBIQEgABAfDQBBACEBQYCABCEEQX4hA0GwFyECAkADQCADQQJqIgNB+QFLDQEgACACKAIAIARqIgRJBEBBACEBDAILIAJBBGohASACQQhqIQIgASgCACAEaiIEIABJDQALQQEhAQsgA0H6AUkgAXEhAQsgAQ8LQQELXQEBfyAAQcAATQRAIABBJEYPC0EBIQECQCAAQdsASQ0AIABB4ABNBEAgAEHfAEYPCyAAQfsASQ0AIABB//8DTQRAQQAhASAAQaoBSQ0BIAAQIA8LIAAQHyEBCyABC0YBA38CQCAAQQJrIgRBmB8oAgAiBUkNACAELwEAIAFHDQAgAC8BACACRw0AIAQgBUYEQEEBDwsgAEEEay8BABAPIQMLIAMLYAEDfwJAIABBBmsiBkGYHygCACIHSQ0AIAYvAQAgAUcNACAAQQRrLwEAIAJHDQAgAEECay8BACADRw0AIAAvAQAgBEcNACAGIAdGBEBBAQ8LIABBCGsvAQAQDyEFCyAFC3oBAX8gABAhIgEQEyEAAn8gAUHcAEcEQEEAIABFDQEaC0G8oAEoAgBBAkEEIAFBgIAESRtqIQACQANAQbygASAANgIAIAAvAQAQISIBRQ0BIAEQEgRAIABBAkEEIAFBgIAESRtqIQAMAQsLQQAgAUHcAEYNARoLQQELC5MBAQF/AkAgAC8BACABRw0AIAAvAQIgAkcNACAALwEEIANHDQAgAC8BBiAERw0AIAAvAQggBUcNACAALwEKQdAARw0AIAAvAQxB8gBHDQAgAC8BDkHvAEcNACAALwEQQfAARw0AIAAvARJB5QBHDQAgAC8BFEHyAEcNACAALwEWQfQARw0AIAAvARhB+QBGIQYLIAYLmwEBAn9BvKABKAIAIQECQCAAQe0ARgR/IAFBAmpB7wBB5ABB9QBB7ABB5QAQB0UNAUG8oAEgAUEMajYCABARQS5HBEAMAgtBvKABQbygASgCAEECajYCABARBSAAC0HlAEcNAEG8oAEoAgAiAEEOaiABIABBAmpB+ABB8ABB7wBB8gBB9ABB8wAQECICGyEBC0G8oAEgATYCACACC2wBAX8CQCAALwEAQe4ARw0AIAAvAQJB9QBHDQAgAC8BBEHtAEcNACAALwEGQeUARw0AIAAvAQhB8gBHDQAgAC8BCkHhAEcNACAALwEMQeIARw0AIAAvAQ5B7ABHDQAgAC8BEEHlAEYhAQsgAQvzAwEEfwJAEBFBzwBHDQBBvKABKAIAIgJBAmpB4gBB6gBB5QBB4wBB9AAQB0UNAEG8oAEgAkEMajYCABARQS5HDQBBvKABQbygASgCAEECajYCABARIgJB8ABGBH8CQEG8oAEoAgAiBEECaiICLwEAQfIARw0AIAIvAQJB7wBHDQAgAi8BBEH0AEcNACACLwEGQe8ARw0AIAIvAQhB9ABHDQAgAi8BCkH5AEcNACACLwEMQfAARw0AIAIvAQ5B5QBGIQMLIANFDQFBvKABIARBEmo2AgAQEUEuRw0BQbygAUG8oAEoAgBBAmo2AgAQEQUgAgtB6ABHDQBBvKABKAIAIgJBAmpB4QBB8wBBzwBB9wBB7gAQF0UNAEG8oAEgAkEcajYCABARQS5HDQBBvKABQbygASgCAEECajYCABARQeMARw0AQbygASgCACICLwECQeEARw0AIAIvAQRB7ABHDQAgAi8BBkHsAEcNAEG8oAEgAkEIajYCABARQShHDQBBvKABQbygASgCAEECajYCABAREBZFDQAQEUEsRw0AQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgIgACABQQF0IgAQIw0AQbygASAAIAJqNgIAEBFBKUcNAEG8oAFBvKABKAIAQQJqNgIAQQEhBQsgBQtDAQN/AkAgAEEIayIHQZgfKAIAIghJDQAgByABIAIgAyAEIAUQB0UNACAHIAhGBEBBAQ8LIABBCmsvAQAQDyEGCyAGC1MBA38CQCAAQQRrIgVBmB8oAgAiBkkNACAFLwEAIAFHDQAgAEECay8BACACRw0AIAAvAQAgA0cNACAFIAZGBEBBAQ8LIABBBmsvAQAQDyEECyAEC0UBA38CQCAAQQprIghBmB8oAgAiCUkNACAIIAEgAiADIAQgBSAGEBBFDQAgCCAJRgRAQQEPCyAAQQxrLwEAEA8hBwsgBws3AQJ/AkBBmB8oAgAiAyAASw0AIAAvAQAgAUcNACAAIANGBEBBAQ8LIABBAmsvAQAQDyECCyACC2YBBH9BgIAEIQFBfiEEQZAIIQICQANAIARBAmoiBEHnA0sNASAAIAIoAgAgAWoiAUkEQEEAIQMMAgsgAkEEaiEDIAJBCGohAiADKAIAIAFqIgEgAEkNAAtBASEDCyAEQegDSSADcQv/GwEFfwJAIABBxgVrQQxJIABB+AFrQcoDSXIgAEGqAWsiAUEQTUEAQQEgAXRBgZAEcRtyIABBwAFrQRdJIABB2AFrQR9JcnINACAAQfAGayIBQRxNQQBBASABdEHf+YK6AXEbDQAgAEGKCWtBpgFJIABB9wdrQYsBSXIgAEHgBWsiAUEOTUEAQQEgAXRBn6ABcRtyIABBjgdrQRRJIABBowdrQdMASXIgAEHvC2tBBEkgAEHQC2tBG0lycnINACAAQdkKRiAAQeAKa0EpSXIgAEGxCmtBJkkgAEHxDGtB4wBJcnIgAEGgDGtBK0lyDQAgAEF+cSIEQe4MRg0AAkACQAJAIABB1Q1rIgFBPE8EQCAAQZIOa0EeSQ0EDAELQoGAjLCAnIGACCABrYinQQFxIABBkg5rQR5Jcg0BCyAAQbEPRiAAQcoPa0EhSXIgAEHNDmtB2QBJcg0CIABBgBBrQRZJIABB9A9rIgFBBk1BAEEBIAF0QcMAcRtyDQICQAJAIABBpBBrDgUCAQEBAgALIABBmhBGDQMLIABBhBJrQTZJIABBthFrQQhJciAAQaARa0EVSSAAQcAQa0EZSXJyIABBvRJGIABB4BBrQQtJciAAQdASRiAAQdgSa0EKSXJycg0CIABB8RJrQRBJDQICQCAAQYUTayIBQQxPBEAgAEGTE2tBFkkNBAwBC0H/GSABdkEBcSAAQZMTa0EWSXINAQsgAEGqE2tBB0kgAEH8E2siAUEUTUEAQQEgAXRBgfzhAHEbcg0CIABBshNrIgFBHE1BAEEBIAF0QfGRgIABcRsNAiAAQZMUa0EWSSAAQdwTayIBQRVNQQBBASABdEG7gMABcRtyDQIgAEGqFGsiAUE1SUL/toOAgIDgCyABrYhCAYNQRXEgAEGTFWtBFkkgAEGPFWtBA0lyciAAQfIUa0EDSSAAQYUVa0EJSXJyDQICQAJAIABBqhVrDicCAgICAgICAQICAQICAgICAQEBAgEBAQEBAQEBAQEBAQEBAQEBAQIACyAAQeAVa0ECSSAAQfkVayIBQRdNQQBBASABdEGB4L8GcRtyDQMLIABBkxZrQRZJDQICQAJAIABB8RZrDjQCAQEBAQEBAQEBAQEBAQEBAQECAQICAgICAgEBAQICAgECAgICAQEBAgIBAgECAgEBAQICAAsgAEGqFmsiAUETTUEAQQEgAXRB//YjcRsNAyAAQdwWayIBQQVLDQAgAUECRw0DCyAAQagXa0EDSSAAQZIYa0EXSXIgAEGOGGtBA0kgAEGFGGtBCElyciAAQdAXRiAAQa4Xa0EMSXIgAEG9GEYgAEGqGGtBEElycnINAiAAQdgYayIBQSlJQoeGgICAICABrYhCAYNQRXEgAEGqGWtBCkkgAEGSGWtBF0lyciAAQYUZa0EISSAAQY4Za0EDSXJyDQIgAEGFGmsiAUELTSABQQhHcQ0CIABBtRlrIgFBCE1BAEEBIAF0QZ8CcRsNAiAAQb0aRiAAQZIaa0EpSXIgAEHeGWsiAUEUTUEAQQEgAXRBjYDgAHEbciAAQc4aRiAAQbMba0EJSXIgAEGaG2tBGEkgAEGFG2tBEklycnINAiAAQfoaa0EGSSAAQdQaa0EDSXIgAEHfGmtBA0lyDQIgAEG9G2siAUEKSUH5ByABdkEBcXENACAEQbIcRiAAQYEca0EwSXIgAEHAHGtBB0lyDQIgAEGBHWsiAUEMTUEAQQEgAXRByyVxGw0CIABBfHEiAUGUHUYgAEGZHWtBB0lyDQIgAEGhHWsiAkEmSULX7JuA+QUgAq2IQgGDUEVxIABBgCBrQStJIABBiB9rQQVJcnIgAEHJHmtBJElyDQIgAEF4cSIDQcAeRiAAQYAeRnIgAUHcHUZyDQICQCAAQb8gayICQShPBEAgAEHuIGtBA0kNBAwBC0KBgPjDxxggAq2Ip0EBcSAAQe4ga0EDSXINAQsgAEGOIUYgAEGgIWtBJklyIABBxyFGIABB9SBrQQ1JcnIgAEHNIUYgAEHKJGtBBElyIABB0CFrQStJIABB/CFrQc0CSXJycg0CIABB0CRrIgJBCUlB/wIgAnZBAXFxDQAgAEGyJWtBBEkgAEGQJWtBIUlyIABBiiVrQQRJIABB2iRrQQRJcnIgAEHgJGtBKUlyDQIgAEG4JWsiAkEJSUH/AiACdkEBcXENACAAQYAva0E0SSAAQe4ua0EDSXIgAEHgLmtBDUkgAEHALmtBEklyciAAQaAua0ESSSAAQY4ua0EESXIgAEGALmtBDUkgAEHuLWtBC0lycnINAiAAQaAta0HLAEkgAEGBLWtBGklyIABB7yxrQRFJIABBgShrQewESXJyIABB+CdrQQZJIABBoCdrQdYASXJyDQIgAEFwcSICQYAnRiAAQZgma0HDAElyIABBkiZrQQRJIABB2CVrQTlJcnIgAEHCJWtBBEkgAEHIJWtBD0lyIABB1y9GIABB3C9GcnJyDQIgAEGgMGtB2QBJIABBgDRrQRdJciAAQbAza0EaSSAAQYAza0EsSXJyIABB8DJrQQVJcg0CIABB0DJrQR5JIABBgDJrQR9JciAAQaoxRiAAQbAxa0HGAElyciAAQYAxa0EpSSAAQcU2a0EHSXIgAEGnNUYgAEGFNmtBL0lycnINASAAQaA0a0E1SSAAQek5a0EESXIgAEG9OWtBA0kgAEGQOWtBK0lyciAAQYA5a0EJSSAAQdo4a0EkSXIgAEHNOGtBA0kgAEGAOGtBJElycnINASAAQbo3a0EsSSAAQYM3a0EeSXIgBEGuN0ZyDQEgAEHuOWsiBUEJSUGPAyAFdkEBcXENACAAQcg+a0EGSSAAQaA+a0EmSXIgAEGYPmtBBkkgAEGAOmtBwAFJcnIgAEGAPGtBlgJJIABBgD9rQTVJciAAQd0+RiAAQd8+a0EfSXJycg0BIANB0D5GIABBfXFB2T5Gcg0BIABBtj9rIgNBCUlB/wIgA3ZBAXFxDQAgAEHyP2tBA0kgAEHgP2tBDUlyIAFB0D9GIABB1j9rQQZJcnIgAEHCP2tBA0kgAEHGP2tBB0lyIABB8cAARiAAQfY/a0EHSXJycg0BIABB/8AARiAAQZDBAGtBDUlyIABBgsIARiAAQYfCAEZyciAAQZXCAEYgAEGKwgBrQQpJcnINASAAQZjCAGsiA0ERSUG/oAUgA3ZBAXFxDQAgAUG8wgBGIABBqsIAa0EQSXINASAAQcXCAGsiA0EKSUGfBCADdkEBcXENACAAQeDYAGtBhQFJIABBsNgAa0EvSXIgAEHgwgBrQSlJIABBgNgAa0EvSXJyDQECQCAAQevZAGsiA0EJTwRAIABBgNoAa0EmSQ0DDAELQY8DIAN2QQFxIABBgNoAa0EmSXINAQsgAEGn2gBGIABBrdoARnIgAEGAygJrQY0CSSAAQdDJAmtBLklyciAAQYDAAmtBjQlJIABBgJwBa0HwowFJciACQfDjAEYgAEGA6ABrQbYzSXJycg0BIABBoOMAa0EbSSAAQbHiAGtB3gBJciABQfzhAEYgAEGF4gBrQStJcnIgAEGh4QBrQdoASSAAQZvhAGtBBUlyIABBweAAa0HWAEkgAEG44ABrQQVJcnJyDQEgAEGx4ABrQQVJIABBoeAAa0EJSXIgAEGF4ABrQQNJcg0BIABBZ3EiAUHA2wBrQQdJIAFBoNsAa0EHSXIgAEHv2gBGIABBgNsAa0EXSXJyIABBsNoAa0E4SSAAQYLRAmtBMklyIABBwNACa0E0SSAAQYzQAmtBF0lycnINASAAQYfQAmtBBEkgAEGD0AJrQQNJciAAQffPAmtBC0kgAEGLzwJrQS9JcnIgAEGizgJrQecASSAAQZfOAmtBCUlyIABBoM0Ca0HQAEkgAEH/zAJrQR9JcnJyDQEgAkGQzAJGIABBwMwCa0EvSXIgBEGqzAJGcg0BIABB8tECayIBQQ1JQb80IAF2QQFxcQ0AIABB4NICa0EdSSAAQYrSAmtBHElyIABBsNICa0EXSSAAQcTUAmtBCElyciAAQcDUAmtBA0kgAEGA1AJrQSlJciAAQfrTAmtBBUkgAEHm0wJrQQpJcnJyDQEgAEHP0wJGIABB4NMCa0EFSXIgAEGE0wJrQS9JIABB/tQCa0EySXJyIABB+tQCRiAAQeDUAmtBF0lycg0BIABBsdUCayIBQRJJQbG+CiABdkEBcXENACAAQYD2A2tBB0kgAEHw9ANrQeoASXIgAEGA8gNrQe4CSSAAQcuvA2tBMUlyciAAQbCvA2tBF0kgAEGA2AJrQaTXAElyIABB8NYCa0HzAEkgAEHc1gJrQQpJcnJyDQEgAEGw1gJrQStJDQEgAEF3cSIBQaDWAmtBB0kgAEGR1gJrQQZJciABQYHWAmtBBkkgAEHy1QJrQQNJcnIgAEHb1QJrQQNJIABB4NUCa0ELSXJyDQEgAEGT9gNrIgFBC0lBnwggAXZBAXFxDQAgAEGf9gNrQQpJIABBqvYDa0ENSXINASAAQbj2A2siAUENSUHfNiABdkEBcXENACAAQdL/A2tBBkkgAEF2cUHC/wNrQQZJciAAQeb+A2tB2QBJIABBwf4Da0EaSXJyIABBof4Da0EaSSAAQfb8A2tBhwFJciAAQfD8A2tBBUkgAEHw+wNrQQxJcnJyDQEgAEGS+wNrQTZJIABB0PoDa0HAAElyIABBxvYDa0HsAElyDQEgAEHT9wNrQesCSQ0AIABB2v8Da0EDSQ8LQQEPC0EBDwtBAQsyACAAQYD4A3FBgLADRgR/IABBCnRBgPg/cUG8oAEoAgAvAQJB/wdxckGAgARqBSAACwtdAQF/AkAgAEH4/wNxQShGIABBIWsiAUEFTUEAQQEgAXRBMXEbckUEQCAAQTprIgFB//8DcUElT0K/gICAoAMgAa2IQgGDUHINAQtBAQ8LIABB+wBrQf//A3FBBEkLQwEDfwJAIAJFDQADQCAALQAAIgQgAS0AACIFRgRAIAFBAWohASAAQQFqIQAgAkEBayICDQEMAgsLIAQgBWshAwsgAwt4AQF/QZgfKAIAIgEgAEEBdGoiAEEAOwEAQeQfIABBAmoiADYCAEHoHyAANgIAQcAfQQA2AgBByB9BADYCAEHEH0EANgIAQcwfQQA2AgBB1B9BADYCAEHQH0EANgIAQdgfQQA2AgBB4B9BADYCAEHcH0EANgIAIAELCABB7B8oAgALFQBBxB8oAgAoAgBBmB8oAgBrQQF1CxUAQcQfKAIAKAIEQZgfKAIAa0EBdQsVAEHQHygCACgCAEGYHygCAGtBAXULFQBB0B8oAgAoAgRBmB8oAgBrQQF1CxUAQdwfKAIAKAIAQZgfKAIAa0EBdQsVAEHcHygCACgCBEGYHygCAGtBAXULCgBBwB9BxB8QMQsKAEHMH0HQHxAxCwoAQdgfQdwfEDEL0UEBBX8Cf0GAwAAgATYCAEGYHyAANgIAIAIEQEGcHyACNgIACyADBEBBoB8gAzYCAAsgBARAQaQfIAQ2AgALQYjAAEH//wM7AQBBoOAAQaDAADYCAEGwoAFBsOAANgIAQbSgAUGAIDYCAEGMwABBrB8oAgA2AgBBvKABIABBAmsiAjYCAEHAoAEgAiABQQF0aiIDNgIAQYbAAEEAOwEAQYTAAEEAOwEAQZDAAEEAOgAAQewfQQA2AgBB8B9BADYCAEG4oAFBADoAAAJAAkAgAC8BAEEjRw0AIAAvAQJBIUcNAEEAIQIgAUECRg0BIABBBGohAANAIAAiAkECayADTw0BIABBAmohACACLwEAQQprDgQBAAABAAsACwNAQbygASACQQJqIgA2AgACQAJAAkAgAiADSQRAIAAvAQAiA0EJayIBQRdNQQBBASABdEGfgIAEcRsNAwJAAkACQAJAAkACQAJAAkACQAJAAkACQAJAQYbAAC8BACIFRQRAAkACQAJAIANB3wBrDg8CEBMTBhMFExMTARMTEwQACwJAIANBJ2sOCQ4ICRMTExMTDwALAkAgA0H7AGsOAwsTDAALIANBIkYNDSADQc8ARg0GIANB8gBHDRICQEEAEARFDQAgABAFRQ0AIAIQBgtBjMAAQbygASgCADYCAAwTCwJAIAJBBGpB7QBB8ABB7wBB8gBB9AAQB0UNACAAEAVFDQBBvKABQbygASgCACIBQQxqIgA2AgACQAJAAkACQAJAAkACQBARIgJBJ2sOCAIDAQIBAQEEAAsgAkEiRiACQfsARnINAQtBvKABKAIAIABGDQQLQYbAAC8BAEUNAkG8oAFBvKABKAIAQQJrNgIADAMLQYbAAEGGwAAvAQAiAEEBajsBAEGwoAEoAgAgAEECdGogATYCAAwCC0EFEAsMAQtBBhALC0G8oAEoAgAhAAtBjMAAIAA2AgAMEgtBACEDAkAgAkEEaiIBLwEAQekARw0AIAEvAQJB7gBHDQAgAS8BBEH0AEcNACABLwEGQeUARw0AIAEvAQhB8gBHDQAgAS8BCkHvAEcNACABLwEMQfAARw0AIAEvAQ5B0gBHDQAgAS8BEEHlAEcNACABLwESQfEARw0AIAEvARRB9QBHDQAgAS8BFkHpAEcNACABLwEYQfIARw0AIAEvARpB5QBHDQAgAS8BHEHXAEcNACABLwEeQekARw0AIAEvASBB7ABHDQAgAS8BIkHkAEcNACABLwEkQeMARw0AIAEvASZB4QBHDQAgAS8BKEHyAEcNACABLwEqQeQARiEDCwJAAkAgA0UNACAAEAVFBEAgAi8BAEEuRw0BC0G8oAEgAkEwajYCACACLwEwQShHDQFBvKABIAJBMmo2AgBBhsAAQQE7AQBBsKABKAIAQYzAACgCADYCAEEAEARFDQEgABAFRQ0BIAIQBgwBCyABQd8AQeUAQfgAQfAAQe8AQfIAQfQAEAhFDQAgABAFRQRAIAIvAQBBLkcNAQtBvKABIAJBEmo2AgAgAi8BEiIAQdMARgR/IAIvARRB9ABHDQEgAi8BFkHhAEcNASACLwEYQfIARw0BQbygASACQRpqNgIAIAIvARoFIAALQf//A3FBKEcNAEGwoAEoAgBBjMAAKAIANgIAQYbAAEEBOwEAQbygAUG8oAEoAgAiAEECajYCACAALwECQfIARw0AQQIQBBoLQYzAAEG8oAEoAgA2AgAMEQsCQCADQSdrDgkLBQcQEBAQEAwACwJAIANB4ABrDgYNEBADEAIACwJAIANB+wBrDgMIEAoACyADQSJGDQogA0HPAEYNAyADQe0ARw0PCyACQQRqQe8AQeQAQfUAQewAQeUAEAdFDQ4gABAFRQ0OQbygAUG8oAEoAgAiAEEMajYCAAJAAkAQEUEuRw0AQbygAUG8oAEoAgBBAmo2AgAQEUHlAEcNAEG8oAEoAgBBAmpB+ABB8ABB7wBB8gBB9ABB8wAQEEUNAEEBEAkMAQtBvKABIABBCmo2AgALDA4LIAJBBGpB+ABB8ABB7wBB8gBB9AAQB0UNDSAAEAVFDQ0gAi8BDkHzAEYEQEEAEAkMDgsgBQ0NQbygAUG8oAEoAgBBDGoiATYCABARIQACQCABQbygASgCAEYEQCAAECJFDQELQQcQCwsMDQsgABAFRQ0MIAIvAQRB7ABHDQwgAi8BBkHhAEcNDCACLwEIQfMARw0MIAIvAQpB8wBHDQwgAi8BDBAKRQ0MQbigAUEBOgAADAwLIAJBBGpB4gBB6gBB5QBB4wBB9AAQB0UNCyAAEAVFDQsgBUUhAUG8oAFBvKABKAIAIgBBDGo2AgAgAEEKaiECAkACQBARQS5HDQBBvKABQbygASgCAEECajYCAAJAEBEiAEHkAEYEQEG8oAEoAgAiAEECakHlAEHmAEHpAEHuAEHlABAXRQ0CQbygASAAQRxqNgIAIABBGmohAhARQShHDQJBvKABQbygASgCAEECajYCABAREBhFDQIQEUEsRw0CQbygAUG8oAEoAgBBAmo2AgAQESIAQSdHIABBIkdxDQJBvKABKAIAIQQgABAMQbygAUG8oAEoAgBBAmoiAzYCABARQSxHDQFBvKABQbygASgCAEECajYCABARQfsARw0BQbygAUG8oAEoAgBBAmo2AgAQESIAQeUARgRAQbygASgCACIAQQJqEBlFDQJBvKABIABBFGo2AgAQEUE6Rw0CQbygAUG8oAEoAgBBAmo2AgAQEUH0AEcNAkG8oAEoAgAiAC8BAkHyAEcNAiAALwEEQfUARw0CIAAvAQZB5QBHDQJBvKABIABBCGo2AgAQEUEsRw0CQbygAUG8oAEoAgBBAmo2AgAQESEACyAAQecARwRAIABB9gBHDQJBvKABKAIAIgAvAQJB4QBHDQIgAC8BBEHsAEcNAiAALwEGQfUARw0CIAAvAQhB5QBHDQJBvKABIABBCmo2AgAQEUE6Rw0CIAQgA0GcHygCABEBAEG8oAEgAjYCAAwEC0G8oAEoAgAiAC8BAkHlAEcNASAALwEEQfQARw0BQbygASAAQQZqNgIAEBEiAEE6RgR/QbygAUG8oAEoAgBBAmo2AgAQEUHmAEcNAkG8oAEoAgAiAEECakH1AEHuAEHjAEH0AEHpAEHvAEHuABAIRQ0CQbygASAAQRBqIgE2AgAQESIAQShHBEAgAUG8oAEoAgBGDQMgABAWRQ0DCxARBSAAC0EoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0BQbygAUG8oAEoAgBBAmo2AgAQEUH7AEcNAUG8oAFBvKABKAIAQQJqNgIAEBFB8gBHDQFBvKABKAIAIgBBAmpB5QBB9ABB9QBB8gBB7gAQB0UNAUG8oAEgAEEMajYCABAREBZFDQECQAJAEBEiAEHbAEcEQCAAQS5HDQJBvKABQbygASgCAEECajYCABAREBYNAQwEC0G8oAFBvKABKAIAQQJqNgIAEBEiAEEnRyAAQSJHcQ0DIAAQDEG8oAFBvKABKAIAQQJqNgIAEBFB3QBHDQNBvKABQbygASgCAEECajYCAAsQESEACyAAQTtGBH9BvKABQbygASgCAEECajYCABARBSAAC0H9AEcNAUG8oAFBvKABKAIAQQJqNgIAEBEiAEEsRgR/QbygAUG8oAEoAgBBAmo2AgAQEQUgAAtB/QBHDQFBvKABQbygASgCAEECajYCABARQSlHDQEgBCADQZwfKAIAEQEADAMLIAFFIABB6wBHcg0BQbygASgCACIALwECQeUARw0BIAAvAQRB+QBHDQEgAC8BBkHzAEcNASAAQQZqIQJBvKABIABBCGo2AgAQEUEoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUG8oAEoAgAhBhAWRQ0BQbygASgCABARQSlHDQFBvKABQbygASgCACICQQJqNgIAEBFBLkcNAUG8oAFBvKABKAIAQQJqNgIAEBFB5gBHDQFBvKABKAIAIgBBAmpB7wBB8gBBxQBB4QBB4wBB6AAQEEUNAUG8oAEgAEEOajYCABARQbygASgCACIAQQJrIQJBKEcNAUG8oAEgAEECajYCABARQeYARw0BQbygASgCACIAQQJqQfUAQe4AQeMAQfQAQekAQe8AQe4AEAhFDQFBvKABIABBEGo2AgAQEUEoRw0BQbygAUG8oAEoAgBBAmo2AgAQEUG8oAEoAgAhBxAWRQ0BQbygASgCACEBEBFBKUcNAUG8oAFBvKABKAIAQQJqNgIAEBFB+wBHDQFBvKABQbygASgCAEECajYCABARQekARw0BQbygASgCACIALwECQeYARw0BQbygASAAQQRqNgIAEBFBKEcNAUG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgASAHayIJECMNASAGayIFQQF1IQRBvKABIAAgCUEBdSIIQQF0ajYCAAJAAkACQBARIgBBIUcEQCAAQT1HDQVBvKABKAIAIgAvAQJBPUcNBSAALwEEQT1HDQVBvKABIABBBmo2AgAQESIBQSdHIAFBIkdxDQVBvKABKAIAIgBBAmpB5ABB5QBB5gBB4QBB9QBB7ABB9AAQCEUNBUG8oAEgAEEQajYCABARIAFHDQVBvKABQbygASgCAEECajYCABARQfwARw0FQbygASgCACIALwECQfwARw0FQbygASAAQQRqNgIAEBEaQbygASgCACIAIAcgCRAjDQVBvKABIAAgCEEBdGo2AgAQEUE9Rw0FQbygASgCACIALwECQT1HDQUgAC8BBEE9Rw0FQbygASAAQQZqNgIAEBEiA0EnRyADQSJHcQ0FQQAhAQJAQbygASgCACIAQQJqIgovAQBB3wBHDQAgCi8BAkHfAEcNACAKLwEEQeUARw0AIAovAQZB8wBHDQAgCi8BCEHNAEcNACAKLwEKQe8ARw0AIAovAQxB5ABHDQAgCi8BDkH1AEcNACAKLwEQQewARw0AIAovARJB5QBGIQELIAFFDQVBvKABIABBFmo2AgAQESADRw0FQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0FQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBUG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0FQbygASAAQQxqNgIAEBFBO0YEQEG8oAFBvKABKAIAQQJqNgIACxARIgBB6QBHDQNB6QAhAEG8oAEoAgAiAS8BAkHmAEcNA0G8oAEgAUEEajYCABARQShHDQVBvKABQbygASgCAEECaiIANgIAIAcgCBAaBEAQEUEpRw0GQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBkG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0GQbygASAAQQxqNgIAEBFBO0YEQEG8oAFBvKABKAIAQQJqNgIACxARIgBB6QBHDQRB6QAhAEG8oAEoAgAiAS8BAkHmAEcNBEG8oAEgAUEEajYCABARQShHDQZBvKABKAIAQQJqIQALQbygASAANgIAIAAgByAJECMNBUG8oAEgACAIQQF0ajYCABARQekARw0FQbygASgCACIALwECQe4ARw0FIAAvAQRBIEcNBUG8oAEgAEEGajYCABAREBhFDQUQEUEmRw0FQbygASgCACIALwECQSZHDQVBvKABIABBBGo2AgAQERAYRQ0FEBFB2wBHDQVBvKABQbygASgCAEECajYCABARGkG8oAEoAgAiACAHIAkQIw0FQbygASAAIAhBAXRqNgIAEBFB3QBHDQVBvKABQbygASgCAEECajYCABARQT1HDQVBvKABKAIAIgAvAQJBPUcNBSAALwEEQT1HDQVBvKABIABBBmo2AgAQERpBvKABKAIAIgAgBiAFECMNBUG8oAEgACAEQQF0ajYCABARQdsARw0FQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgAgByAJECMNBUG8oAEgACAIQQF0ajYCABARQd0ARw0FQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0FQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNBUG8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0FQbygASAAQQxqNgIAEBFBO0YNAQwCC0G8oAEoAgAiAC8BAkE9Rw0EIAAvAQRBPUcNBEG8oAEgAEEGajYCABARIgFBJ0cgAUEiR3ENBEG8oAEoAgAiAEECakHkAEHlAEHmAEHhAEH1AEHsAEH0ABAIRQ0EQbygASAAQRBqNgIAEBEgAUcNBEG8oAFBvKABKAIAQQJqNgIAEBEiAEEmRgR/QbygASgCACIALwECQSZHDQVBvKABIABBBGo2AgAQEUEhRw0FQbygAUG8oAEoAgBBAmo2AgACQAJAEBEiAEHPAEcNAEG8oAEoAgBBAmpB4gBB6gBB5QBB4wBB9ABBLhAQRQ0AIAcgCBAaRQ0HDAELIAAQFkUNABARQS5HDQZBvKABQbygASgCAEECajYCABARQegARw0GQbygASgCACIAQQJqQeEAQfMAQc8AQfcAQe4AEBdFDQZBvKABIABBHGo2AgAQEUEoRw0GQbygAUG8oAEoAgBBAmo2AgAQERpBvKABKAIAIgAgByAJECMNBkG8oAEgACAIQQF0ajYCABARQSlHDQZBvKABQbygASgCAEECajYCAAsQEQUgAAtBKUcNBAtBvKABQbygASgCAEECajYCAAsQESEACwJAAkAgABAYBEAQEUHbAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQRBvKABIAAgCEEBdGo2AgAQEUHdAEcNBEG8oAFBvKABKAIAQQJqNgIAEBFBPUcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAYgBRAjDQRBvKABIAAgBEEBdGo2AgAQEUHbAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQRBvKABIAAgCEEBdGo2AgAQEUHdAEcNBEG8oAFBvKABKAIAQQJqNgIAEBEiAEE7Rg0BDAILIABBzwBHDQNBvKABKAIAIgBBAmpB4gBB6gBB5QBB4wBB9AAQB0UNA0G8oAEgAEEMajYCABARQS5HDQNBvKABQbygASgCAEECajYCABARQeQARw0DQbygASgCACIAQQJqQeUAQeYAQekAQe4AQeUAEBdFDQNBvKABIABBHGo2AgAQEUEoRw0DQbygAUG8oAEoAgBBAmo2AgAQERAYRQ0DEBFBLEcNA0G8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQNBvKABIAAgCEEBdGo2AgAQEUEsRw0DQbygAUG8oAEoAgBBAmo2AgAQEUH7AEcNA0G8oAFBvKABKAIAQQJqNgIAEBFB5QBHDQNBvKABKAIAIgBBAmoQGUUNA0G8oAEgAEEUajYCABARQTpHDQNBvKABQbygASgCAEECajYCABARQbygASgCACEBQfQARwRAIAEvAQJB8gBHDQQgAS8BBEH1AEcNBCABLwEGQeUARw0EC0G8oAEgAUEIajYCABARQSxHDQNBvKABQbygASgCAEECajYCABARQecARw0DQbygASgCACIALwECQeUARw0DIAAvAQRB9ABHDQNBvKABIABBBmo2AgAQESIAQTpGBH9BvKABQbygASgCAEECajYCABARQeYARw0EQbygASgCACIAQQJqQfUAQe4AQeMAQfQAQekAQe8AQe4AEAhFDQRBvKABIABBEGoiATYCABARIgBBKEcEQCABQbygASgCAEYNBSAAEBZFDQULEBEFIAALQShHDQNBvKABQbygASgCAEECajYCABARQSlHDQNBvKABQbygASgCAEECajYCABARQfsARw0DQbygAUG8oAEoAgBBAmo2AgAQEUHyAEcNA0G8oAEoAgAiAEECakHlAEH0AEH1AEHyAEHuABAHRQ0DQbygASAAQQxqNgIAEBEaQbygASgCACIAIAYgBRAjDQNBvKABIAAgBEEBdGo2AgAQEUHbAEcNA0G8oAFBvKABKAIAQQJqNgIAEBEaQbygASgCACIAIAcgCRAjDQNBvKABIAAgCEEBdGo2AgAQEUHdAEcNA0G8oAFBvKABKAIAQQJqNgIAEBEiAEE7RgR/QbygAUG8oAEoAgBBAmo2AgAQEQUgAAtB/QBHDQNBvKABQbygASgCAEECajYCABARIgBBLEYEf0G8oAFBvKABKAIAQQJqNgIAEBEFIAALQf0ARw0DQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0DQbygAUG8oAEoAgBBAmo2AgAQESIAQTtHDQELQbygAUG8oAEoAgBBAmo2AgAQESEACyAAQf0ARw0BQbygAUG8oAEoAgBBAmo2AgAQEUEpRw0BQbSgASgCACEDQYAgIQADQAJAIAAgA0cEQCAEIABBDGooAgAgAEEIaigCACIBa0EBdUcNASAGIAEgBRAjDQEgACgCACAAQQRqKAIAQaAfKAIAEQEAQbygASACNgIACwwECyAAQRBqIQAMAAsACyAEIANBpB8oAgARAQALQbygASACNgIACwwLC0GGwAAgBUEBajsBAEGwoAEoAgAgBUECdGpBjMAAKAIANgIADAoLQQgQC0HwHygCAAwNC0GGwAAgBUEBazsBAAwICyAFQdCgAWpBuKABLQAAOgAAQYbAACAFQQFqOwEAQbCgASgCACAFQQJ0akGMwAAoAgA2AgBBuKABQQA6AAAMBwtBAhALQQAMCgtBhsAAIAVBAWsiADsBAEGIwAAvAQAiASAFRgRAQYTAAEGEwAAvAQBBAWsiADsBAEGIwABBoOAAKAIAIABB//8DcUEBdGovAQA7AQAMBQsgAUH//wNGIABB//8DcSABT3INBUEDEAtB8B8oAgAMCQsgAxAMDAQLAkAgAi8BBCIAQSpHBEAgAEEvRw0BEA0MBgsQDgwFC0GQwAACfwJAAkACfwJAQYzAACgCACIGLwEAIgRBKUcgBEEoa0H//wNxQQdJcSAEQSFrIgBBBU1BAEEBIAB0QTFxG3JFBEAgBEE6ayIAQf//A3FBJU9Cv4CAgKACIACtiEIBg1ByDQELQQEMAQsgBEH9AEcgBEH7AGtB//8DcUEESXELBEACQAJAAkAgBEEraw4EAQUCAAULIAZBAmsvAQBBMGtB//8DcUEKSQ0DDAQLIAZBAmsvAQBBK0YNAgwDCyAGQQJrLwEAQS1GDQEMAgsCQCAEQf0ARwRAIARBL0YNASAEQSlHDQJBASEDAkBBsKABKAIAIAVBAnRqKAIAIgBB9wBB6ABB6QBB7ABB5QAQGw0AIABB5gBB7wBB8gAQHA0AIABB6QBB5gAQFCEDCyADRQ0CDAMLAn9BASEAAkACQAJAAkACQAJAQbCgASgCACAFQQJ0aigCACICLwEAIgFBO2sOBAUEBAEACwJAIAFB5QBrDgQDBAQCAAsgAUEpRg0EIAFB+QBHDQMgAkECa0HmAEHpAEHuAEHhAEHsAEHsABAdDAULIAJBAmsvAQBBPUYMBAsgAkECa0HjAEHhAEH0AEHjABAVDAMLIAJBAmtB5QBB7ABB8wAQHAwCC0EAIQALIAALDQIgBUHQoAFqLQAARQ0BDAILQZDAAC0AAA0BCwJ/QQAhAwJAAkACQAJAAkACQAJAAkACQCAGLwEAQeQAaw4UAAECCAgICAgICAMECAgFCAYICAcICwJAAkAgBkECay8BAEHpAGsOBAAJCQEJCyAGQQRrQfYAQe8AEBQMCQsgBkEEa0H5AEHpAEHlABAcDAgLAkACQCAGQQJrLwEAQfMAaw4CAAEICyAGQQRrLwEAIgBB4QBHBEAgAEHsAEcNCCAGQQZrQeUAEB4MCQsgBkEGa0HjABAeDAgLIAZBBGtB5ABB5QBB7ABB5QAQFQwHCyAGQQJrLwEAQe8ARw0FIAZBBGsvAQBB5QBHDQUgBkEGay8BACIAQfAARwRAIABB4wBHDQYgBkEIa0HpAEHuAEHzAEH0AEHhAEHuABAdDAcLIAZBCGtB9ABB+QAQFAwGC0EBIQMgBkECayIAQekAEB4NBCAAQfIAQeUAQfQAQfUAQfIAEBsMBQsgBkECa0HkABAeDAQLAn8CQCAGQQJrIgFBDGsiAkGYHygCACIASQ0AIAJB5ABB5QBB4gBB9QBB5wBB5wBB5QAQCEUNAEEBIAAgAkYNARogAUEOay8BABAPIQMLIAMLDAMLIAZBAmtB4QBB9wBB4QBB6QAQFQwCCyAGQQJrLwEAIgBB7wBHBEAgAEHlAEcNASAGQQRrQe4AEB4MAgsgBkEEa0H0AEHoAEHyABAcIQMLIAMLIQAgBEUNAEEBIABFDQEaCwJAA0BBwKABKAIAIQJBvKABKAIAIQADQCAAQQJqIQECQAJAIAAgAk8NAAJAAkACQCABLwEAIgNB2wBrDgIBAgALIAEhACADQQprDgQCBAQCAwtBvKABIAE2AgBBvKABKAIAIQBBwKABKAIAIQMCQAJAA0ACQCAAQQJqIQEgACADTw0AAkACQCABLwEAIgJB3ABrDgIBBAALIAEhACACQQprDgQBAgIBAgsgAEEEaiEADAELC0G8oAEgATYCAEEKEAsMAQtBvKABIAE2AgALDAQLIABBBGohAAwCC0G8oAEgATYCAEELEAsMAwsgA0EvRw0ACwtBvKABIAE2AgALQQALOgAADAMLQYjAAC8BAEH+/wNHDQFBBBALQfAfKAIADAYLQYbAAC8BABpB8B8oAgAiACAAQYjAAC8BAEH//wNHGyECDAQLQbygASgCACEAQcCgASgCACEDAkACQANAAkAgACIBQQJqIQAgASADTw0AAkACQCAALwEAIgJB3ABrDgUBAwMDBAALIAJBJEcNAiABLwEEQfsARw0CQYTAAEGEwAAvAQAiAEEBajsBAEGg4AAoAgAgAEEBdGpBiMAALwEAOwEAQbygASABQQRqNgIAQYjAAEGGwAAvAQBBAWoiADsBAEGGwAAgADsBAAwECyABQQRqIQAMAQsLQbygASAANgIAQQgQCwwBC0G8oAEgADYCAAsLQYzAAEG8oAEoAgA2AgALQcCgASgCACEDQbygASgCACECDAALAAsgAgsLRQEBfyACKAIAIgRBCGogAyAEG0HoHygCACIENgIAIAIgBDYCAEHoHyAEQQxqNgIAIARBADYCCCAEIAE2AgQgBCAANgIACyIBAX8gASABKAIAIgJBCGogACACGygCACICNgIAIAJBAEcLC6kXAgBBlAgLgRcLAAAAAgAAABkAAAACAAAAEgAAAAIAAAABAAAAAgAAAA4AAAADAAAADQAAACMAAAB6AAAARgAAADQAAAAMAQAAHAAAAAQAAAAwAAAAMAAAAB8AAAAOAAAAHQAAAAYAAAAlAAAACwAAAB0AAAADAAAAIwAAAAUAAAAHAAAAAgAAAAQAAAArAAAAnQAAABMAAAAjAAAABQAAACMAAAAFAAAAJwAAAAkAAAAzAAAAnQAAADYBAAAKAAAAFQAAAAsAAAAHAAAAmQAAAAUAAAADAAAAAAAAAAIAAAArAAAAAgAAAAEAAAAEAAAAAAAAAAMAAAAWAAAACwAAABYAAAAKAAAAHgAAAEIAAAASAAAAAgAAAAEAAAALAAAAFQAAAAsAAAAZAAAARwAAADcAAAAHAAAAAQAAAEEAAAAAAAAAEAAAAAMAAAACAAAAAgAAAAIAAAAcAAAAKwAAABwAAAAEAAAAHAAAACQAAAAHAAAAAgAAABsAAAAcAAAANQAAAAsAAAAVAAAACwAAABIAAAAOAAAAEQAAAG8AAABIAAAAOAAAADIAAAAOAAAAMgAAAA4AAAAjAAAAXQEAACkAAAAHAAAAAQAAAE8AAAAcAAAACwAAAAAAAAAJAAAAFQAAAGsAAAAUAAAAHAAAABYAAAANAAAANAAAAEwAAAAsAAAAIQAAABgAAAAbAAAAIwAAAB4AAAAAAAAAAwAAAAAAAAAJAAAAIgAAAAQAAAAAAAAADQAAAC8AAAAPAAAAAwAAABYAAAAAAAAAAgAAAAAAAAAkAAAAEQAAAAIAAAAYAAAAVQAAAAYAAAACAAAAAAAAAAIAAAADAAAAAgAAAA4AAAACAAAACQAAAAgAAAAuAAAAJwAAAAcAAAADAAAAAQAAAAMAAAAVAAAAAgAAAAYAAAACAAAAAQAAAAIAAAAEAAAABAAAAAAAAAATAAAAAAAAAA0AAAAEAAAAnwAAADQAAAATAAAAAwAAABUAAAACAAAAHwAAAC8AAAAVAAAAAQAAAAIAAAAAAAAAuQAAAC4AAAAqAAAAAwAAACUAAAAvAAAAFQAAAAAAAAA8AAAAKgAAAA4AAAAAAAAASAAAABoAAADmAAAAKwAAAHUAAAA/AAAAIAAAAAcAAAADAAAAAAAAAAMAAAAHAAAAAgAAAAEAAAACAAAAFwAAABAAAAAAAAAAAgAAAAAAAABfAAAABwAAAAMAAAAmAAAAEQAAAAAAAAACAAAAAAAAAB0AAAAAAAAACwAAACcAAAAIAAAAAAAAABYAAAAAAAAADAAAAC0AAAAUAAAAAAAAACMAAAA4AAAACAEAAAgAAAACAAAAJAAAABIAAAAAAAAAMgAAAB0AAABxAAAABgAAAAIAAAABAAAAAgAAACUAAAAWAAAAAAAAABoAAAAFAAAAAgAAAAEAAAACAAAAHwAAAA8AAAAAAAAASAEAABIAAAC+AAAAAAAAAFAAAACZAwAAZwAAAG4AAAASAAAAwwAAAL0KAAAuBAAA0g8AAEYCAAC6IQAAOAIAAAgAAAAeAAAAcgAAAB0AAAATAAAALwAAABEAAAADAAAAIAAAABQAAAAGAAAAEgAAALECAAA/AAAAgQAAAEoAAAAGAAAAAAAAAEMAAAAMAAAAQQAAAAEAAAACAAAAAAAAAB0AAAD3FwAACQAAANUEAAArAAAACAAAAPgiAAAeAQAAMgAAAAIAAAASAAAAAwAAAAkAAACLAQAABQkAAGoAAAAGAAAADAAAAAQAAAAIAAAACAAAAAkAAABnFwAAVAAAAAIAAABGAAAAAgAAAAEAAAADAAAAAAAAAAMAAAABAAAAAwAAAAMAAAACAAAACwAAAAIAAAAAAAAAAgAAAAYAAAACAAAAQAAAAAIAAAADAAAAAwAAAAcAAAACAAAABgAAAAIAAAAbAAAAAgAAAAMAAAACAAAABAAAAAIAAAAAAAAABAAAAAYAAAACAAAAUwEAAAMAAAAYAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAB4AAAACAAAAGAAAAAIAAAAeAAAAAgAAABgAAAACAAAAHgAAAAIAAAAYAAAAAgAAAAcAAAA1CQAALAAAAAsAAAAGAAAAEQAAAAAAAAByAQAAKwAAABUFAADEAAAAPAAAAEMAAAAIAAAAAAAAALUEAAADAAAAAgAAABoAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAACQAAAAIAAAADAAAAAgAAAAAAAAACAAAAAAAAAAcAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAIAAAACAAAAAQAAAAIAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAABAAAAAgAAAAAAAAADAAAAAwAAAAIAAAAGAAAAAgAAAAMAAAACAAAAAwAAAAIAAAAAAAAAAgAAAAkAAAACAAAAEAAAAAYAAAACAAAAAgAAAAQAAAACAAAAEAAAAEURAADdpgAAIwAAADQQAAAMAAAA3QAAAAMAAACBFgAADwAAADAdAAAgDAAAHQIAAOMFAABKEwAA/QEAAAAAAADjAAAAAAAAAJYAAAAEAAAAJgEAAAkAAABYBQAAAgAAAAIAAAABAAAABgAAAAMAAAApAAAAAgAAAAUAAAAAAAAApgAAAAEAAAA+AgAAAwAAAAkAAAAJAAAAcgEAAAEAAACaAAAACgAAALAAAAACAAAANgAAAA4AAAAgAAAACQAAABAAAAADAAAALgAAAAoAAAA2AAAACQAAAAcAAAACAAAAJQAAAA0AAAACAAAACQAAAAYAAAABAAAALQAAAAAAAAANAAAAAgAAADEAAAANAAAACQAAAAMAAAACAAAACwAAAFMAAAALAAAABwAAAAAAAAChAAAACwAAAAYAAAAJAAAABwAAAAMAAAA4AAAAAQAAAAIAAAAGAAAAAwAAAAEAAAADAAAAAgAAAAoAAAAAAAAACwAAAAEAAAADAAAABgAAAAQAAAAEAAAAwQAAABEAAAAKAAAACQAAAAUAAAAAAAAAUgAAABMAAAANAAAACQAAANYAAAAGAAAAAwAAAAgAAAAcAAAAAQAAAFMAAAAQAAAAEAAAAAkAAABSAAAADAAAAAkAAAAJAAAAVAAAAA4AAAAFAAAACQAAAPMAAAAOAAAApgAAAAkAAABHAAAABQAAAAIAAAABAAAAAwAAAAMAAAACAAAAAAAAAAIAAAABAAAADQAAAAkAAAB4AAAABgAAAAMAAAAGAAAABAAAAAAAAAAdAAAACQAAACkAAAAGAAAAAgAAAAMAAAAJAAAAAAAAAAoAAAAKAAAALwAAAA8AAACWAQAABwAAAAIAAAAHAAAAEQAAAAkAAAA5AAAAFQAAAAIAAAANAAAAewAAAAUAAAAEAAAAAAAAAAIAAAABAAAAAgAAAAYAAAACAAAAAAAAAAkAAAAJAAAAMQAAAAQAAAACAAAAAQAAAAIAAAAEAAAACQAAAAkAAABKAQAAAwAAAGpLAAAJAAAAhwAAAAQAAAA8AAAABgAAABoAAAAJAAAA9gMAAAAAAAACAAAANgAAAAgAAAADAAAAUgAAAAAAAAAMAAAAAQAAAKxMAAABAAAAxxQAAAQAAAAEAAAABQAAAAkAAAAHAAAAAwAAAAYAAAAfAAAAAwAAAJUAAAACAAAAigUAADEAAAABAgAANgAAAAUAAAAxAAAACQAAAAAAAAAPAAAAAAAAABcAAAAEAAAAAgAAAA4AAABRBQAABgAAAAIAAAAQAAAAAwAAAAYAAAACAAAAAQAAAAIAAAAEAAAABgEAAAYAAAAKAAAACQAAAKMBAAANAAAA1wUAAAYAAABuAAAABgAAAAYAAAAJAAAAlxIAAAkAAAAHBQwA7wBBmB8LGlCMAAABAAAAAgAAAAMAAAAEAAAAAAQAAPAf";return"undefined"!=typeof Buffer?Buffer.from(A,"base64"):Uint8Array.from(atob(A),A=>A.charCodeAt(0))}let C;export function init(){return C||(C=(async()=>{const B=await WebAssembly.compile(I()),{exports:Q}=await WebAssembly.instantiate(B);A=Q})())}export function initSync(){if(A)return;const B=new WebAssembly.Module(I()),{exports:Q}=new WebAssembly.Instance(B);A=Q}
\ No newline at end of file
diff --git a/deps/cjs-module-lexer/src/README.md b/deps/cjs-module-lexer/src/README.md
index cc7ca50cc72243..addf5edc6b1193 100755
--- a/deps/cjs-module-lexer/src/README.md
+++ b/deps/cjs-module-lexer/src/README.md
@@ -456,6 +456,25 @@ If you need to build lib/lexer.wat (optional) you must first install
 [wabt](https://github.com/WebAssembly/wabt) as a sibling folder to this
 project. The wat file is then build by running `make lib/lexer.wat`
 
+### Creating a Release
+These are the steps to create and publish a release. You will need docker
+installed as well as having installed [wabt](https://github.com/WebAssembly/wabt)
+as outlined above:
+
+- [ ] Figure out if the release should be semver patch, minor or major based on the changes since
+  the last release and determine the new version.
+- [ ] Update the package.json version, and run a full build and test
+  - npm install
+  - npm run build
+  - npm run test
+- [ ] Commit and tag the changes, pushing up to main and the tag
+  - For example
+    - `git tag -a 1.4.2 -m "1.4.2"`
+    - `git push origin tag 1.4.2`
+- [ ] Create the GitHub release
+- [ ] Run npm publish from an account with access (asking somebody with access
+      the nodejs-foundation account is an option if you don't have access.
+      
 ### License
 
 MIT
diff --git a/deps/cjs-module-lexer/src/build/Makefile b/deps/cjs-module-lexer/src/build/Makefile
index f13c390b8cdb96..b8e96d82534f7d 100755
--- a/deps/cjs-module-lexer/src/build/Makefile
+++ b/deps/cjs-module-lexer/src/build/Makefile
@@ -1,10 +1,21 @@
+# These flags depend on the system and may be overridden
+WASM_CC := clang
+WASM_CFLAGS := --sysroot=/usr/share/wasi-sysroot
+WASM_LDFLAGS := -nostartfiles
+
+# These are project-specific and are expected to be kept intact
+WASM_TARGET := -target wasm32-unknown-wasi
+WASM_EXTRA_CFLAGS := -I include-wasm/ -Wno-logical-op-parentheses -Wno-parentheses -Oz
+WASM_EXTRA_LDFLAGS := -Wl,-z,stack-size=13312,--no-entry,--compress-relocations,--strip-all
+WASM_EXTRA_LDFLAGS += -Wl,--export=__heap_base,--export=parseCJS,--export=sa
+WASM_EXTRA_LDFLAGS += -Wl,--export=e,--export=re,--export=es,--export=ee
+WASM_EXTRA_LDFLAGS += -Wl,--export=rre,--export=ree,--export=res,--export=ru,--export=us,--export=ue
+
 lib/lexer.wasm: include-wasm/cjs-module-lexer.h src/lexer.c
 	@mkdir -p lib
-	clang --sysroot=/usr/share/wasi-sysroot -target wasm32-unknown-wasi src/lexer.c -I include-wasm -o lib/lexer.wasm -nostartfiles \
-	-Wl,-z,stack-size=13312,--no-entry,--compress-relocations,--strip-all,--export=__heap_base,\
-	--export=parseCJS,--export=sa,--export=e,--export=re,--export=es,--export=ee,--export=rre,--export=ree,--export=res,--export=ru,--export=us,--export=ue \
-	-Wno-logical-op-parentheses -Wno-parentheses \
-	-Oz
+	$(WASM_CC) $(WASM_CFLAGS) $(WASM_TARGET) $(WASM_EXTRA_CFLAGS) \
+        src/lexer.c -o lib/lexer.wasm \
+        $(WASM_LDFLAGS) $(WASM_EXTRA_LDFLAGS)
 
 optimize: lib/lexer.wasm
 	${WASM_OPT} -Oz lib/lexer.wasm -o lib/lexer.wasm
diff --git a/deps/cjs-module-lexer/src/package-lock.json b/deps/cjs-module-lexer/src/package-lock.json
index 3c5f50d681e7b3..e8de2e3e921611 100644
--- a/deps/cjs-module-lexer/src/package-lock.json
+++ b/deps/cjs-module-lexer/src/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "cjs-module-lexer",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "cjs-module-lexer",
-      "version": "2.0.0",
+      "version": "2.1.0",
       "license": "MIT",
       "devDependencies": {
         "@babel/cli": "^7.5.5",
diff --git a/deps/cjs-module-lexer/src/package.json b/deps/cjs-module-lexer/src/package.json
index d59353db6da501..9ef0db81e12b46 100755
--- a/deps/cjs-module-lexer/src/package.json
+++ b/deps/cjs-module-lexer/src/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cjs-module-lexer",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "description": "Lexes CommonJS modules, returning their named exports metadata",
   "main": "lexer.js",
   "exports": {
diff --git a/src/cjs_module_lexer_version.h b/src/cjs_module_lexer_version.h
index da33536cce1b80..8d754aadde0121 100644
--- a/src/cjs_module_lexer_version.h
+++ b/src/cjs_module_lexer_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-cjs-module-lexer.sh
 #ifndef SRC_CJS_MODULE_LEXER_VERSION_H_
 #define SRC_CJS_MODULE_LEXER_VERSION_H_
-#define CJS_MODULE_LEXER_VERSION "2.0.0"
+#define CJS_MODULE_LEXER_VERSION "2.1.0"
 #endif  // SRC_CJS_MODULE_LEXER_VERSION_H_

From cc9b79ca70a3f9d5300b1471a04f63f04348d951 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Wed, 5 Mar 2025 20:57:58 +0000
Subject: [PATCH 015/138] deps: upgrade openssl sources to
 quictls/openssl-3.0.16

PR-URL: https://github.com/nodejs/node/pull/57335
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 deps/openssl/openssl/CHANGES.md               |  33 +-
 .../openssl/Configurations/unix-Makefile.tmpl |   2 +-
 deps/openssl/openssl/Configure                |   5 +-
 deps/openssl/openssl/INSTALL.md               |   4 -
 deps/openssl/openssl/NEWS.md                  |  16 +
 deps/openssl/openssl/NOTES-NONSTOP.md         |   7 +-
 deps/openssl/openssl/README-OpenSSL.md        | 224 ----------
 deps/openssl/openssl/README.md                | 277 ++++++++----
 deps/openssl/openssl/VERSION.dat              |   8 +-
 deps/openssl/openssl/apps/asn1parse.c         |   5 +-
 deps/openssl/openssl/apps/cms.c               |  39 +-
 deps/openssl/openssl/apps/engine.c            |   8 +-
 deps/openssl/openssl/apps/info.c              |  13 -
 deps/openssl/openssl/apps/lib/http_server.c   |   7 +-
 deps/openssl/openssl/apps/lib/s_cb.c          |  24 +-
 deps/openssl/openssl/apps/lib/s_socket.c      |  13 +-
 deps/openssl/openssl/apps/lib/vms_term_sock.c |  10 +-
 deps/openssl/openssl/apps/passwd.c            |   3 +-
 deps/openssl/openssl/apps/pkcs12.c            |   5 +-
 deps/openssl/openssl/apps/pkeyutl.c           |   5 +-
 deps/openssl/openssl/apps/rehash.c            |   5 +
 deps/openssl/openssl/apps/smime.c             |  20 +-
 deps/openssl/openssl/apps/speed.c             | 373 ++++++++++++----
 deps/openssl/openssl/configdata.pm.in         |   4 +-
 deps/openssl/openssl/crypto/asn1/a_bitstr.c   |  41 +-
 deps/openssl/openssl/crypto/asn1/a_strnid.c   |  10 +-
 deps/openssl/openssl/crypto/asn1/a_time.c     |  57 ++-
 deps/openssl/openssl/crypto/asn1/asn1_gen.c   |   5 +-
 deps/openssl/openssl/crypto/asn1/asn_mime.c   |   2 +
 deps/openssl/openssl/crypto/bio/bio_addr.c    |   9 +-
 deps/openssl/openssl/crypto/bio/bio_sock.c    |   4 +-
 deps/openssl/openssl/crypto/bio/bss_log.c     |   2 +-
 .../openssl/crypto/bn/asm/armv8-mont.pl       |   4 +-
 deps/openssl/openssl/crypto/bn/bn_exp.c       |  23 +-
 deps/openssl/openssl/crypto/bn/bn_gf2m.c      |  28 +-
 deps/openssl/openssl/crypto/bn/rsaz_exp_x2.c  |   8 +-
 deps/openssl/openssl/crypto/cmp/cmp_client.c  |   5 +-
 deps/openssl/openssl/crypto/cms/cms_asn1.c    |  19 +-
 deps/openssl/openssl/crypto/cms/cms_dh.c      |   2 +-
 deps/openssl/openssl/crypto/cms/cms_env.c     |   9 -
 deps/openssl/openssl/crypto/cms/cms_err.c     | 102 ++---
 deps/openssl/openssl/crypto/cms/cms_kari.c    |   9 +-
 deps/openssl/openssl/crypto/cms/cms_lib.c     |  15 +-
 deps/openssl/openssl/crypto/cms/cms_local.h   |   2 +-
 deps/openssl/openssl/crypto/cms/cms_rsa.c     |   5 +-
 deps/openssl/openssl/crypto/cms/cms_sd.c      |  20 +-
 deps/openssl/openssl/crypto/cms/cms_smime.c   |   3 +-
 deps/openssl/openssl/crypto/core_fetch.c      |   5 +-
 deps/openssl/openssl/crypto/dso/dso_dl.c      |  13 +-
 deps/openssl/openssl/crypto/dso/dso_dlfcn.c   |   9 +-
 deps/openssl/openssl/crypto/dso/dso_win32.c   |  16 +-
 deps/openssl/openssl/crypto/ec/ec_asn1.c      |   2 +-
 deps/openssl/openssl/crypto/ec/ec_backend.c   |   8 +-
 deps/openssl/openssl/crypto/ec/ec_lib.c       |   9 +-
 deps/openssl/openssl/crypto/ec/ec_oct.c       |   4 +
 .../crypto/encode_decode/encoder_pkey.c       |   6 +-
 deps/openssl/openssl/crypto/err/openssl.txt   |   7 +-
 .../crypto/evp/ctrl_params_translate.c        |  12 +-
 deps/openssl/openssl/crypto/evp/m_sigver.c    |  12 +-
 .../openssl/openssl/crypto/http/http_client.c |  19 +-
 deps/openssl/openssl/crypto/http/http_lib.c   |  22 +-
 deps/openssl/openssl/crypto/info.c            |   5 -
 deps/openssl/openssl/crypto/pem/pem_pk8.c     |   4 +-
 deps/openssl/openssl/crypto/perlasm/x86asm.pl |   4 +-
 deps/openssl/openssl/crypto/pkcs12/p12_crt.c  |   6 +-
 deps/openssl/openssl/crypto/pkcs7/pk7_doit.c  |   6 +-
 deps/openssl/openssl/crypto/pkcs7/pk7_lib.c   |   5 +
 deps/openssl/openssl/crypto/sm2/sm2_sign.c    |  10 +-
 deps/openssl/openssl/crypto/srp/srp_vfy.c     |   2 +
 deps/openssl/openssl/crypto/threads_win.c     |   3 +-
 deps/openssl/openssl/crypto/trace.c           |   2 +-
 deps/openssl/openssl/crypto/ui/ui_util.c      |  12 +-
 deps/openssl/openssl/crypto/x509/v3_admis.c   |  34 +-
 deps/openssl/openssl/crypto/x509/v3_san.c     |   3 +-
 deps/openssl/openssl/crypto/x509/x509_cmp.c   |   4 +-
 deps/openssl/openssl/crypto/x509/x_all.c      |   4 +-
 deps/openssl/openssl/demos/cipher/aesccm.c    |   2 +-
 deps/openssl/openssl/doc/build.info           |   6 -
 .../openssl/doc/man1/openssl-ca.pod.in        |   2 +-
 .../openssl/doc/man1/openssl-cmp.pod.in       |  11 +-
 .../openssl/doc/man1/openssl-cms.pod.in       |   9 +-
 .../doc/man1/openssl-fipsinstall.pod.in       |   4 +
 .../openssl/doc/man1/openssl-info.pod.in      |   5 -
 .../openssl/doc/man1/openssl-ocsp.pod.in      |  30 +-
 .../openssl/doc/man1/openssl-pkeyutl.pod.in   |  77 +++-
 .../openssl/doc/man1/openssl-req.pod.in       |   4 +-
 .../openssl/doc/man1/openssl-s_client.pod.in  |  77 +++-
 .../openssl/doc/man1/openssl-s_server.pod.in  |  11 +-
 .../openssl/doc/man1/openssl-s_time.pod.in    |   1 +
 .../openssl/doc/man1/openssl-smime.pod.in     |   4 +-
 .../openssl/doc/man1/openssl-ts.pod.in        |   2 +
 .../doc/man1/openssl-verification-options.pod | 194 +++++----
 deps/openssl/openssl/doc/man1/openssl.pod     | 107 +----
 .../openssl/doc/man3/ASN1_TIME_set.pod        |  10 +-
 deps/openssl/openssl/doc/man3/ASN1_aux_cb.pod |   6 +-
 .../openssl/openssl/doc/man3/BIO_s_accept.pod |   6 +-
 .../openssl/doc/man3/BIO_s_connect.pod        |   2 +-
 deps/openssl/openssl/doc/man3/ECDSA_sign.pod  |   4 +-
 .../openssl/doc/man3/EVP_EncryptInit.pod      |  16 +-
 .../openssl/doc/man3/EVP_PKEY_decapsulate.pod |   9 +-
 .../openssl/doc/man3/EVP_PKEY_encapsulate.pod |   7 +-
 .../openssl/doc/man3/OSSL_CMP_CTX_new.pod     |   6 +-
 .../doc/man3/OSSL_CMP_validate_msg.pod        |   4 +-
 .../openssl/doc/man3/OSSL_HTTP_parse_url.pod  |  11 +-
 .../openssl/doc/man3/OSSL_HTTP_transfer.pod   |   6 +-
 deps/openssl/openssl/doc/man3/OSSL_PARAM.pod  |   2 +-
 .../openssl/doc/man3/OSSL_trace_enabled.pod   |   8 +-
 .../openssl/doc/man3/OpenSSL_version.pod      |   8 -
 .../openssl/doc/man3/SSL_CIPHER_get_name.pod  |  13 -
 deps/openssl/openssl/doc/man3/SSL_CTX_new.pod |  10 +-
 .../doc/man3/SSL_CTX_set_quic_method.pod      | 262 ------------
 .../doc/man3/SSL_get_shared_sigalgs.pod       |   2 +-
 deps/openssl/openssl/doc/man3/SSL_set_bio.pod |   9 +
 .../openssl/doc/man3/X509V3_set_ctx.pod       |   5 +-
 .../openssl/doc/man3/X509_STORE_CTX_new.pod   |  19 +-
 .../openssl/doc/man3/X509_add_cert.pod        |   3 +-
 .../openssl/doc/man3/X509_load_http.pod       |   3 +
 .../openssl/openssl/doc/man7/EVP_KDF-HKDF.pod |   2 +
 deps/openssl/openssl/doc/man7/EVP_KDF-KB.pod  |   2 +
 .../openssl/doc/man7/EVP_KDF-PBKDF2.pod       |   2 +
 deps/openssl/openssl/doc/man7/EVP_KDF-SS.pod  |   2 +
 .../openssl/doc/man7/EVP_KDF-SSHKDF.pod       |   2 +
 .../openssl/doc/man7/EVP_KDF-TLS13_KDF.pod    |   2 +
 .../openssl/doc/man7/EVP_KDF-TLS1_PRF.pod     |   2 +
 .../openssl/doc/man7/EVP_KDF-X942-ASN1.pod    |   2 +
 .../openssl/openssl/doc/man7/EVP_KDF-X963.pod |   2 +
 .../openssl/doc/man7/EVP_SIGNATURE-DSA.pod    |   4 +-
 deps/openssl/openssl/doc/man7/openssl-env.pod |  93 ++++
 deps/openssl/openssl/doc/man7/provider.pod    |  12 +
 deps/openssl/openssl/engines/e_afalg.c        |   4 +-
 deps/openssl/openssl/engines/e_loader_attic.c |   2 +-
 deps/openssl/openssl/include/crypto/bn.h      |   5 +-
 deps/openssl/openssl/include/crypto/bn_conf.h |   1 -
 deps/openssl/openssl/include/crypto/cmserr.h  |   2 +-
 .../openssl/openssl/include/crypto/dso_conf.h |   1 -
 deps/openssl/openssl/include/openssl/asn1.h   |   1 -
 deps/openssl/openssl/include/openssl/asn1t.h  |   1 -
 deps/openssl/openssl/include/openssl/bio.h    |   1 -
 deps/openssl/openssl/include/openssl/cmp.h    |   1 -
 deps/openssl/openssl/include/openssl/cms.h    |   1 -
 deps/openssl/openssl/include/openssl/cmserr.h |   3 +-
 deps/openssl/openssl/include/openssl/conf.h   |   1 -
 .../openssl/include/openssl/configuration.h   |   1 -
 deps/openssl/openssl/include/openssl/crmf.h   |   1 -
 deps/openssl/openssl/include/openssl/crypto.h |   1 -
 deps/openssl/openssl/include/openssl/ct.h     |   1 -
 deps/openssl/openssl/include/openssl/err.h    |   1 -
 deps/openssl/openssl/include/openssl/ess.h    |   1 -
 .../openssl/openssl/include/openssl/fipskey.h |   1 -
 deps/openssl/openssl/include/openssl/http.h   |   5 +-
 deps/openssl/openssl/include/openssl/lhash.h  |   1 -
 deps/openssl/openssl/include/openssl/ocsp.h   |   1 -
 .../openssl/include/openssl/opensslv.h        |   1 -
 deps/openssl/openssl/include/openssl/pkcs12.h |   1 -
 deps/openssl/openssl/include/openssl/pkcs7.h  |   1 -
 deps/openssl/openssl/include/openssl/quic.h   |  19 -
 .../openssl/include/openssl/safestack.h       |   1 -
 deps/openssl/openssl/include/openssl/srp.h    |   1 -
 deps/openssl/openssl/include/openssl/ssl.h    |   1 -
 deps/openssl/openssl/include/openssl/ssl.h.in |  69 ---
 deps/openssl/openssl/include/openssl/sslerr.h |   2 -
 deps/openssl/openssl/include/openssl/tls1.h   |   4 -
 deps/openssl/openssl/include/openssl/ui.h     |   1 -
 deps/openssl/openssl/include/openssl/x509.h   |   1 -
 .../openssl/include/openssl/x509_vfy.h        |   1 -
 deps/openssl/openssl/include/openssl/x509v3.h |   1 -
 .../openssl/providers/fips-sources.checksums  | 254 +++++------
 deps/openssl/openssl/providers/fips.checksum  |   2 +-
 .../implementations/ciphers/cipher_aes_ocb.c  |  12 +-
 .../encode_decode/encode_key2text.c           |   3 +-
 .../providers/implementations/kdfs/hkdf.c     |   2 +-
 .../providers/implementations/kdfs/scrypt.c   |   5 +-
 .../providers/implementations/kem/rsa_kem.c   |  54 ++-
 .../implementations/keymgmt/dsa_kmgmt.c       |   2 +-
 .../implementations/keymgmt/ecx_kmgmt.c       |   2 +-
 .../keymgmt/mac_legacy_kmgmt.c                |   6 +-
 .../implementations/signature/eddsa_sig.c     |   3 +-
 .../implementations/storemgmt/file_store.c    |   2 +-
 deps/openssl/openssl/ssl/build.info           |   5 +-
 deps/openssl/openssl/ssl/s3_msg.c             |  10 -
 deps/openssl/openssl/ssl/ssl_ciph.c           |  34 --
 deps/openssl/openssl/ssl/ssl_err.c            |   4 -
 deps/openssl/openssl/ssl/ssl_lib.c            | 105 -----
 deps/openssl/openssl/ssl/ssl_local.h          |  61 ---
 deps/openssl/openssl/ssl/ssl_quic.c           | 378 ----------------
 deps/openssl/openssl/ssl/statem/extensions.c  |  69 ---
 .../openssl/ssl/statem/extensions_clnt.c      |  85 ----
 .../openssl/ssl/statem/extensions_srvr.c      |  93 +---
 deps/openssl/openssl/ssl/statem/statem.c      |  26 +-
 deps/openssl/openssl/ssl/statem/statem_clnt.c |   8 -
 deps/openssl/openssl/ssl/statem/statem_lib.c  |  39 +-
 .../openssl/openssl/ssl/statem/statem_local.h |  39 --
 deps/openssl/openssl/ssl/statem/statem_quic.c | 117 -----
 deps/openssl/openssl/ssl/statem/statem_srvr.c |  28 +-
 deps/openssl/openssl/ssl/tls13_enc.c          | 246 +----------
 deps/openssl/openssl/test/acvp_test.c         |   2 +-
 .../openssl/test/bio_pw_callback_test.c       | 402 ++++++++++++++++++
 deps/openssl/openssl/test/build.info          |   6 +-
 deps/openssl/openssl/test/cmactest.c          |   8 +-
 deps/openssl/openssl/test/conf_include_test.c |   2 +-
 deps/openssl/openssl/test/drbgtest.c          |   2 +-
 deps/openssl/openssl/test/ec_internal_test.c  |  51 +++
 deps/openssl/openssl/test/enginetest.c        |   4 +-
 deps/openssl/openssl/test/evp_kdf_test.c      |  28 +-
 deps/openssl/openssl/test/evp_libctx_test.c   | 126 +++---
 deps/openssl/openssl/test/ext_internal_test.c |   7 -
 deps/openssl/openssl/test/hmactest.c          |  12 +-
 deps/openssl/openssl/test/memleaktest.c       |   4 +-
 .../openssl/test/nocache-and-default.cnf      |  18 +
 deps/openssl/openssl/test/p_test.c            |  34 +-
 .../openssl/openssl/test/pkcs12_format_test.c |   9 +-
 deps/openssl/openssl/test/property_test.c     |  41 +-
 .../test/recipes/03-test_fipsinstall.t        |   4 +
 .../test/recipes/04-test_encoder_decoder.t    |  29 +-
 .../openssl/test/recipes/20-test_nocache.t    |  34 ++
 .../openssl/test/recipes/25-test_verify.t     |   8 +-
 .../30-test_evp_data/evpkdf_tls13_kdf.txt     |  10 +
 .../test/recipes/61-test_bio_pw_callback.t    |  20 +
 .../private_key.pem                           |  30 ++
 .../openssl/test/recipes/80-test_cmp_http.t   |   4 +-
 .../80-test_cmp_http_data/test_connection.csv |   4 +-
 .../openssl/test/recipes/80-test_cms.t        |  81 +++-
 deps/openssl/openssl/test/sslapitest.c        | 369 +---------------
 deps/openssl/openssl/test/testutil/tests.c    |   3 +-
 deps/openssl/openssl/test/threadstest.c       |   2 +-
 deps/openssl/openssl/test/tls13secretstest.c  |   7 -
 .../openssl/util/check-format-commit.sh       | 193 +++++----
 deps/openssl/openssl/util/check-format.pl     |  14 +-
 deps/openssl/openssl/util/libssl.num          |  16 -
 deps/openssl/openssl/util/mkbuildinf.pl       |  12 +-
 deps/openssl/openssl/util/other.syms          |   2 -
 .../openssl/util/perl/OpenSSL/Template.pm     |   9 +
 232 files changed, 2754 insertions(+), 3535 deletions(-)
 delete mode 100644 deps/openssl/openssl/README-OpenSSL.md
 delete mode 100644 deps/openssl/openssl/doc/man3/SSL_CTX_set_quic_method.pod
 delete mode 100644 deps/openssl/openssl/include/crypto/bn_conf.h
 delete mode 100644 deps/openssl/openssl/include/crypto/dso_conf.h
 delete mode 100644 deps/openssl/openssl/include/openssl/asn1.h
 delete mode 100644 deps/openssl/openssl/include/openssl/asn1t.h
 delete mode 100644 deps/openssl/openssl/include/openssl/bio.h
 delete mode 100644 deps/openssl/openssl/include/openssl/cmp.h
 delete mode 100644 deps/openssl/openssl/include/openssl/cms.h
 delete mode 100644 deps/openssl/openssl/include/openssl/conf.h
 delete mode 100644 deps/openssl/openssl/include/openssl/configuration.h
 delete mode 100644 deps/openssl/openssl/include/openssl/crmf.h
 delete mode 100644 deps/openssl/openssl/include/openssl/crypto.h
 delete mode 100644 deps/openssl/openssl/include/openssl/ct.h
 delete mode 100644 deps/openssl/openssl/include/openssl/err.h
 delete mode 100644 deps/openssl/openssl/include/openssl/ess.h
 delete mode 100644 deps/openssl/openssl/include/openssl/fipskey.h
 delete mode 100644 deps/openssl/openssl/include/openssl/lhash.h
 delete mode 100644 deps/openssl/openssl/include/openssl/ocsp.h
 delete mode 100644 deps/openssl/openssl/include/openssl/opensslv.h
 delete mode 100644 deps/openssl/openssl/include/openssl/pkcs12.h
 delete mode 100644 deps/openssl/openssl/include/openssl/pkcs7.h
 delete mode 100644 deps/openssl/openssl/include/openssl/quic.h
 delete mode 100644 deps/openssl/openssl/include/openssl/safestack.h
 delete mode 100644 deps/openssl/openssl/include/openssl/srp.h
 delete mode 100644 deps/openssl/openssl/include/openssl/ssl.h
 delete mode 100644 deps/openssl/openssl/include/openssl/ui.h
 delete mode 100644 deps/openssl/openssl/include/openssl/x509.h
 delete mode 100644 deps/openssl/openssl/include/openssl/x509_vfy.h
 delete mode 100644 deps/openssl/openssl/include/openssl/x509v3.h
 delete mode 100644 deps/openssl/openssl/ssl/ssl_quic.c
 delete mode 100644 deps/openssl/openssl/ssl/statem/statem_quic.c
 create mode 100644 deps/openssl/openssl/test/bio_pw_callback_test.c
 create mode 100644 deps/openssl/openssl/test/nocache-and-default.cnf
 create mode 100644 deps/openssl/openssl/test/recipes/20-test_nocache.t
 create mode 100644 deps/openssl/openssl/test/recipes/61-test_bio_pw_callback.t
 create mode 100644 deps/openssl/openssl/test/recipes/61-test_bio_pw_callback_data/private_key.pem

diff --git a/deps/openssl/openssl/CHANGES.md b/deps/openssl/openssl/CHANGES.md
index be359160542604..5b0193bc3955c6 100644
--- a/deps/openssl/openssl/CHANGES.md
+++ b/deps/openssl/openssl/CHANGES.md
@@ -28,11 +28,36 @@ breaking changes, and mappings for the large list of deprecated functions.
 
 [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
 
-### Changes between 3.0.15 and 3.0.15+quic [3 Sep 2024]
+### Changes between 3.0.15 and 3.0.16 [11 Feb 2025]
 
-* Add QUIC API support from BoringSSL
+ * Fixed timing side-channel in ECDSA signature computation.
 
-   *Todd Short*
+   There is a timing signal of around 300 nanoseconds when the top word of
+   the inverted ECDSA nonce value is zero. This can happen with significant
+   probability only for some of the supported elliptic curves. In particular
+   the NIST P-521 curve is affected. To be able to measure this leak, the
+   attacker process must either be located in the same physical computer or
+   must have a very fast network connection with low latency.
+
+   ([CVE-2024-13176])
+
+   *Tomáš Mráz*
+
+ * Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic
+   curve parameters.
+
+   Use of the low-level GF(2^m) elliptic curve APIs with untrusted
+   explicit values for the field polynomial can lead to out-of-bounds memory
+   reads or writes.
+   Applications working with "exotic" explicit binary (GF(2^m)) curve
+   parameters, that make it possible to represent invalid field polynomials
+   with a zero constant term, via the above or similar APIs, may terminate
+   abruptly as a result of reading or writing outside of array bounds. Remote
+   code execution cannot easily be ruled out.
+
+   ([CVE-2024-9143])
+
+   *Viktor Dukhovni*
 
 ### Changes between 3.0.14 and 3.0.15 [3 Sep 2024]
 
@@ -19928,6 +19953,8 @@ ndif
 
 <!-- Links -->
 
+[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
+[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
 [CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119
 [CVE-2024-5535]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-5535
 [CVE-2024-4741]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4741
diff --git a/deps/openssl/openssl/Configurations/unix-Makefile.tmpl b/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
index 644540397de596..d2b0797a7edf9d 100644
--- a/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
+++ b/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
@@ -1688,7 +1688,7 @@ EOF
       } elsif ($makedep_scheme eq 'gcc' && !grep /\.rc$/, @srcs) {
           $recipe .= <<"EOF";
 $obj: $deps
-	$cmd $incs $defs $cmdflags -MMD -MF $dep.tmp -MT \$\@ -c -o \$\@ $srcs
+	$cmd $incs $defs $cmdflags -MMD -MF $dep.tmp -c -o \$\@ $srcs
 	\@touch $dep.tmp
 	\@if cmp $dep.tmp $dep > /dev/null 2> /dev/null; then \\
 		rm -f $dep.tmp; \\
diff --git a/deps/openssl/openssl/Configure b/deps/openssl/openssl/Configure
index 1aa660a46c4dc4..0c60d1da1659bd 100755
--- a/deps/openssl/openssl/Configure
+++ b/deps/openssl/openssl/Configure
@@ -467,7 +467,6 @@ my @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -578,7 +577,6 @@ my @disable_cascades = (
                              "sm3", "sm4", "srp",
                              "srtp", "ssl3-method", "ssl-trace",
                              "ts", "ui-console", "whirlpool",
-                             "quic",
                              "fips-securitychecks" ],
     sub { $config{processor} eq "386" }
                         => [ "sse2" ],
@@ -586,7 +584,7 @@ my @disable_cascades = (
     "ssl3-method"       => [ "ssl3" ],
     "zlib"              => [ "zlib-dynamic" ],
     "des"               => [ "mdc2" ],
-    "ec"                => [ "ec2m", "ecdsa", "ecdh", "sm2", "gost", "quic" ],
+    "ec"                => [ "ec2m", "ecdsa", "ecdh", "sm2", "gost" ],
     "dgram"             => [ "dtls", "sctp" ],
     "sock"              => [ "dgram" ],
     "dtls"              => [ @dtls ],
@@ -637,7 +635,6 @@ my @disable_cascades = (
     "legacy"            => [ "md2" ],
 
     "cmp"               => [ "crmf" ],
-    "tls1_3"            => [ "quic" ],
 
     "fips"              => [ "fips-securitychecks", "acvp-tests" ],
 
diff --git a/deps/openssl/openssl/INSTALL.md b/deps/openssl/openssl/INSTALL.md
index 107a9b56e4c689..47d64b1a39d8e2 100644
--- a/deps/openssl/openssl/INSTALL.md
+++ b/deps/openssl/openssl/INSTALL.md
@@ -829,10 +829,6 @@ Don't use POSIX IO capabilities.
 
 Don't build support for Pre-Shared Key based ciphersuites.
 
-### no-quic
-
-Don't build support for QUIC API from BoringSSL.
-
 ### no-rdrand
 
 Don't use hardware RDRAND capabilities.
diff --git a/deps/openssl/openssl/NEWS.md b/deps/openssl/openssl/NEWS.md
index e0a81703ee8dc3..007fc9786ef810 100644
--- a/deps/openssl/openssl/NEWS.md
+++ b/deps/openssl/openssl/NEWS.md
@@ -18,6 +18,20 @@ OpenSSL Releases
 OpenSSL 3.0
 -----------
 
+### Major changes between OpenSSL 3.0.15 and OpenSSL 3.0.16 [11 Feb 2025]
+
+OpenSSL 3.0.16 is a security patch release. The most severe CVE fixed in this
+release is Low.
+
+This release incorporates the following bug fixes and mitigations:
+
+  * Fixed timing side-channel in ECDSA signature computation.
+    ([CVE-2024-13176])
+
+  * Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic
+    curve parameters.
+    ([CVE-2024-9143])
+
 ### Major changes between OpenSSL 3.0.14 and OpenSSL 3.0.15 [3 Sep 2024]
 
 OpenSSL 3.0.15 is a security patch release. The most severe CVE fixed in this
@@ -1495,6 +1509,8 @@ OpenSSL 0.9.x
 
 <!-- Links -->
 
+[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
+[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
 [CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119
 [CVE-2024-5535]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-5535
 [CVE-2024-4741]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4741
diff --git a/deps/openssl/openssl/NOTES-NONSTOP.md b/deps/openssl/openssl/NOTES-NONSTOP.md
index ab13de7d3a760a..9441647604c7bb 100644
--- a/deps/openssl/openssl/NOTES-NONSTOP.md
+++ b/deps/openssl/openssl/NOTES-NONSTOP.md
@@ -119,12 +119,9 @@ correctly, you also need the `COMP_ROOT` set, as in:
 
 `COMP_ROOT` needs to be in Windows form.
 
-`Configure` must specify the `no-makedepend` option otherwise errors will
-result when running the build because the c99 cross-compiler does not support
-the `gcc -MT` option. An example of a `Configure` command to be run from the
-OpenSSL directory is:
+An example of a `Configure` command to be run from the OpenSSL directory is:
 
-    ./Configure nonstop-nsx_64 no-makedepend --with-rand-seed=rdcpu
+    ./Configure nonstop-nsx_64 --with-rand-seed=rdcpu
 
 Do not forget to include any OpenSSL cross-compiling prefix and certificate
 options when creating your libraries.
diff --git a/deps/openssl/openssl/README-OpenSSL.md b/deps/openssl/openssl/README-OpenSSL.md
deleted file mode 100644
index 5184a461bb17cd..00000000000000
--- a/deps/openssl/openssl/README-OpenSSL.md
+++ /dev/null
@@ -1,224 +0,0 @@
-Welcome to the OpenSSL Project
-==============================
-
-[![openssl logo]][www.openssl.org]
-
-[![github actions ci badge]][github actions ci]
-[![appveyor badge]][appveyor jobs]
-
-OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
-for the Transport Layer Security (TLS) protocol formerly known as the
-Secure Sockets Layer (SSL) protocol. The protocol implementation is based
-on a full-strength general purpose cryptographic library, which can also
-be used stand-alone.
-
-OpenSSL is descended from the SSLeay library developed by Eric A. Young
-and Tim J. Hudson.
-
-The official Home Page of the OpenSSL Project is [www.openssl.org].
-
-Table of Contents
-=================
-
- - [Overview](#overview)
- - [Download](#download)
- - [Build and Install](#build-and-install)
- - [Documentation](#documentation)
- - [License](#license)
- - [Support](#support)
- - [Contributing](#contributing)
- - [Legalities](#legalities)
-
-Overview
-========
-
-The OpenSSL toolkit includes:
-
-- **libssl**
-  an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446]).
-
-- **libcrypto**
-  a full-strength general purpose cryptographic library. It constitutes the
-  basis of the TLS implementation, but can also be used independently.
-
-- **openssl**
-  the OpenSSL command line tool, a swiss army knife for cryptographic tasks,
-  testing and analyzing. It can be used for
-  - creation of key parameters
-  - creation of X.509 certificates, CSRs and CRLs
-  - calculation of message digests
-  - encryption and decryption
-  - SSL/TLS client and server tests
-  - handling of S/MIME signed or encrypted mail
-  - and more...
-
-Download
-========
-
-For Production Use
-------------------
-
-Source code tarballs of the official releases can be downloaded from
-[www.openssl.org/source](https://www.openssl.org/source).
-The OpenSSL project does not distribute the toolkit in binary form.
-
-However, for a large variety of operating systems precompiled versions
-of the OpenSSL toolkit are available. In particular on Linux and other
-Unix operating systems it is normally recommended to link against the
-precompiled shared libraries provided by the distributor or vendor.
-
-For Testing and Development
----------------------------
-
-Although testing and development could in theory also be done using
-the source tarballs, having a local copy of the git repository with
-the entire project history gives you much more insight into the
-code base.
-
-The official OpenSSL Git Repository is located at [git.openssl.org].
-There is a GitHub mirror of the repository at [github.com/openssl/openssl],
-which is updated automatically from the former on every commit.
-
-A local copy of the Git Repository can be obtained by cloning it from
-the original OpenSSL repository using
-
-    git clone git://git.openssl.org/openssl.git
-
-or from the GitHub mirror using
-
-    git clone https://github.com/openssl/openssl.git
-
-If you intend to contribute to OpenSSL, either to fix bugs or contribute
-new features, you need to fork the OpenSSL repository openssl/openssl on
-GitHub and clone your public fork instead.
-
-    git clone https://github.com/yourname/openssl.git
-
-This is necessary, because all development of OpenSSL nowadays is done via
-GitHub pull requests. For more details, see [Contributing](#contributing).
-
-Build and Install
-=================
-
-After obtaining the Source, have a look at the [INSTALL](INSTALL.md) file for
-detailed instructions about building and installing OpenSSL. For some
-platforms, the installation instructions are amended by a platform specific
-document.
-
- * [Notes for UNIX-like platforms](NOTES-UNIX.md)
- * [Notes for Android platforms](NOTES-ANDROID.md)
- * [Notes for Windows platforms](NOTES-WINDOWS.md)
- * [Notes for the DOS platform with DJGPP](NOTES-DJGPP.md)
- * [Notes for the OpenVMS platform](NOTES-VMS.md)
- * [Notes on Perl](NOTES-PERL.md)
- * [Notes on Valgrind](NOTES-VALGRIND.md)
-
-Specific notes on upgrading to OpenSSL 3.0 from previous versions can be found
-in the [migration_guide(7ossl)] manual page.
-
-Documentation
-=============
-
-Manual Pages
-------------
-
-The manual pages for the master branch and all current stable releases are
-available online.
-
-- [OpenSSL master](https://www.openssl.org/docs/manmaster)
-- [OpenSSL 3.0](https://www.openssl.org/docs/man3.0)
-- [OpenSSL 1.1.1](https://www.openssl.org/docs/man1.1.1)
-
-Wiki
-----
-
-There is a Wiki at [wiki.openssl.org] which is currently not very active.
-It contains a lot of useful information, not all of which is up to date.
-
-License
-=======
-
-OpenSSL is licensed under the Apache License 2.0, which means that
-you are free to get and use it for commercial and non-commercial
-purposes as long as you fulfill its conditions.
-
-See the [LICENSE.txt](LICENSE.txt) file for more details.
-
-Support
-=======
-
-There are various ways to get in touch. The correct channel depends on
-your requirement. see the [SUPPORT](SUPPORT.md) file for more details.
-
-Contributing
-============
-
-If you are interested and willing to contribute to the OpenSSL project,
-please take a look at the [CONTRIBUTING](CONTRIBUTING.md) file.
-
-Legalities
-==========
-
-A number of nations restrict the use or export of cryptography. If you are
-potentially subject to such restrictions you should seek legal advice before
-attempting to develop or distribute cryptographic code.
-
-Copyright
-=========
-
-Copyright (c) 1998-2024 The OpenSSL Project
-
-Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
-
-All rights reserved.
-
-<!-- Links  -->
-
-[www.openssl.org]:
-    <https://www.openssl.org>
-    "OpenSSL Homepage"
-
-[git.openssl.org]:
-    <https://git.openssl.org>
-    "OpenSSL Git Repository"
-
-[git.openssl.org]:
-    <https://git.openssl.org>
-    "OpenSSL Git Repository"
-
-[github.com/openssl/openssl]:
-    <https://github.com/openssl/openssl>
-    "OpenSSL GitHub Mirror"
-
-[wiki.openssl.org]:
-    <https://wiki.openssl.org>
-    "OpenSSL Wiki"
-
-[migration_guide(7ossl)]:
-    <https://www.openssl.org/docs/man3.0/man7/migration_guide.html>
-    "OpenSSL Migration Guide"
-
-[RFC 8446]:
-     <https://tools.ietf.org/html/rfc8446>
-
-<!-- Logos and Badges -->
-
-[openssl logo]:
-    doc/images/openssl.svg
-    "OpenSSL Logo"
-
-[github actions ci badge]:
-    <https://github.com/openssl/openssl/workflows/GitHub%20CI/badge.svg>
-    "GitHub Actions CI Status"
-
-[github actions ci]:
-    <https://github.com/openssl/openssl/actions?query=workflow%3A%22GitHub+CI%22>
-    "GitHub Actions CI"
-
-[appveyor badge]:
-    <https://ci.appveyor.com/api/projects/status/8e10o7xfrg73v98f/branch/master?svg=true>
-    "AppVeyor Build Status"
-
-[appveyor jobs]:
-    <https://ci.appveyor.com/project/openssl/openssl/branch/master>
-    "AppVeyor Jobs"
diff --git a/deps/openssl/openssl/README.md b/deps/openssl/openssl/README.md
index 702cc3979a1826..477f5cbb7d1273 100644
--- a/deps/openssl/openssl/README.md
+++ b/deps/openssl/openssl/README.md
@@ -1,113 +1,212 @@
-What This Is
-============
+Welcome to the OpenSSL Project
+==============================
 
-This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
-to the website, the official source distribution is at
-<https://github.com/openssl/openssl>. The OpenSSL `README` can be found at
-[README-OpenSSL.md](https://github.com/quictls/openssl/blob/openssl-3.0.15%2Bquic/README-OpenSSL.md)
+[![openssl logo]][www.openssl.org]
 
-This fork adds APIs that can be used by QUIC implementations for connection
-handshakes. Quoting the IETF Working group
-[charter](https://datatracker.ietf.org/wg/quic/about/), QUIC is a "UDP-based,
-stream-multiplexing, encrypted transport protocol." If you don't need QUIC, you
-should use the official OpenSSL distributions.
+[![github actions ci badge]][github actions ci]
+[![appveyor badge]][appveyor jobs]
 
-The APIs here are used by Microsoft's
-[MsQuic](https://github.com/microsoft/msquic) and Google's
-[Chromium QUIC](https://chromium.googlesource.com/chromium/src/+/master/net/quic/)
+OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
+for the Transport Layer Security (TLS) protocol formerly known as the
+Secure Sockets Layer (SSL) protocol. The protocol implementation is based
+on a full-strength general purpose cryptographic library, which can also
+be used stand-alone.
 
-We are not in competition with OpenSSL project. We informed them of
-our plans to fork the code before we went public. We do not speak for the
-OpenSSL project, and can only point to a
-[blog post](https://www.openssl.org/blog/blog/2020/02/17/QUIC-and-OpenSSL/) and
-[openssl-project email](https://github.com/quictls/openssl/discussions/54)
-that provides their view of QUIC support.
+OpenSSL is descended from the SSLeay library developed by Eric A. Young
+and Tim J. Hudson.
 
-As stated in their blog post, the OpenSSL team is focused on their 3.0 release
-(released 2021-09-07), and does not intend to add QUIC functionality to 1.1.x.
-There is a community need for a QUIC-capable TLS library. This fork is intended
-as stopgap solution to enable higher level frameworks and runtimes to use QUIC
-with the proven and reliable TLS functionality from OpenSSL. This fork will be
-maintained until OpenSSL officially provides reasonable support for QUIC
-implementations.
+The official Home Page of the OpenSSL Project is [www.openssl.org].
 
-This fork can be considered a supported version of
-[OpenSSL PR 8797](https://github.com/openssl/openssl/pull/8797).
-We will endeavor to track OpenSSL releases within a day or so, and there is an
-item below about how we'll follow their tagging.
+Table of Contents
+=================
 
-On to the questions and answers.
+ - [Overview](#overview)
+ - [Download](#download)
+ - [Build and Install](#build-and-install)
+ - [Documentation](#documentation)
+ - [License](#license)
+ - [Support](#support)
+ - [Contributing](#contributing)
+ - [Legalities](#legalities)
 
-What about branches?
---------------------
+Overview
+========
 
-We don't want to conflict with OpenSSL branch names. Our current plan is to append
-`+quic`. Release tags are likely to be the QUIC branch with `-releaseX` appended.
-For example, the OpenSSL tag `openssl-3.0.0` would have a branch named
-`openssl-3.0.0+quic` and a release tag of `openssl-3.0.0+quic-release1`.
+The OpenSSL toolkit includes:
 
-How are you keeping current with OpenSSL?
------------------------------------------
+- **libssl**
+  an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446]).
 
-(In other words, "What about rebasing?")
+- **libcrypto**
+  a full-strength general purpose cryptographic library. It constitutes the
+  basis of the TLS implementation, but can also be used independently.
 
-Our plan is to always rebase on top of an upstream release tag. In particular:
+- **openssl**
+  the OpenSSL command line tool, a swiss army knife for cryptographic tasks,
+  testing and analyzing. It can be used for
+  - creation of key parameters
+  - creation of X.509 certificates, CSRs and CRLs
+  - calculation of message digests
+  - encryption and decryption
+  - SSL/TLS client and server tests
+  - handling of S/MIME signed or encrypted mail
+  - and more...
 
-- The changes for QUIC will always be at the tip of the branch -- you will know what
-  is from the original OpenSSL and what is for QUIC.
-- New versions are quickly created once upstream creates a new tag.
-- The use of git commands (such as `cherry`) can be used to ensure that all changes
-  have moved forward with minimal or no changes. You will be able to see
-  "QUIC: Add X" on all branches and the commit itself will be nearly identical on
-  all branches, and any changes to that can be easily identified.
+Download
+========
 
-What about library names?
--------------------------
+For Production Use
+------------------
 
-Library names will be the same, but will use a different version number. The version
-numbers for the current OpenSSL libraries are `1.1` (for the 1.1.0 and 1.1.1 branches)
-and `3` (for the 3.0 branch). We will be prefixing `81` (ASCII for 'Q') to
-the version numbers to generate a unique version number.
+Source code tarballs of the official releases can be downloaded from
+[openssl-library.org/source/](https://openssl-library.org/source/).
+The OpenSSL project does not distribute the toolkit in binary form.
 
-- `libcrypto.so.81.3` vs `libcrypto.so.3`
-- `libcrypto.so.81.1.1` vs `libcrypto.so.1.1`
-- `libssl.so.81.3` vs `libssl.so.3`
-- `libssl.so.81.1.1` vs `libssl.so.1.1`
+However, for a large variety of operating systems precompiled versions
+of the OpenSSL toolkit are available. In particular on Linux and other
+Unix operating systems it is normally recommended to link against the
+precompiled shared libraries provided by the distributor or vendor.
 
-The SONAME of these libraries are all different, guaranteeing the correct library
-will be used.
+For Testing and Development
+---------------------------
 
-...and the executable?
-----------------------
+Although testing and development could in theory also be done using
+the source tarballs, having a local copy of the git repository with
+the entire project history gives you much more insight into the
+code base.
 
-We currently do not have any plans to change the name, mainly because we
-haven't made any changes there. If you see a need, please open an issue.
+The main OpenSSL Git repository is private.
+There is a public GitHub mirror of it at [github.com/openssl/openssl],
+which is updated automatically from the former on every commit.
 
-The `openssl version` command will report that it is `+quic` enabled.
+A local copy of the Git repository can be obtained by cloning it from
+the GitHub mirror using
 
-...and FIPS?
-------------
+    git clone https://github.com/openssl/openssl.git
+
+If you intend to contribute to OpenSSL, either to fix bugs or contribute
+new features, you need to fork the GitHub mirror and clone your public fork
+instead.
+
+    git clone https://github.com/yourname/openssl.git
+
+This is necessary, because all development of OpenSSL nowadays is done via
+GitHub pull requests. For more details, see [Contributing](#contributing).
+
+Build and Install
+=================
+
+After obtaining the Source, have a look at the [INSTALL](INSTALL.md) file for
+detailed instructions about building and installing OpenSSL. For some
+platforms, the installation instructions are amended by a platform specific
+document.
+
+ * [Notes for UNIX-like platforms](NOTES-UNIX.md)
+ * [Notes for Android platforms](NOTES-ANDROID.md)
+ * [Notes for Windows platforms](NOTES-WINDOWS.md)
+ * [Notes for the DOS platform with DJGPP](NOTES-DJGPP.md)
+ * [Notes for the OpenVMS platform](NOTES-VMS.md)
+ * [Notes on Perl](NOTES-PERL.md)
+ * [Notes on Valgrind](NOTES-VALGRIND.md)
+
+Specific notes on upgrading to OpenSSL 3.0 from previous versions can be found
+in the [migration_guide(7ossl)] manual page.
+
+Documentation
+=============
 
-We are not doing anything with FIPS. This is actually good news: you should
-be able to load the OpenSSL 3.0 FIPS module into an application built against
-this fork and everything should Just Work&#8482;.
-
-How can I contribute?
----------------------
-
-We want any code here to be acceptable to OpenSSL. This means that all contributors
-must have signed the appropriate
-[contributor license agreements](https://www.openssl.org/policies/cla.html). We
-will not ask for copies of any paperwork, you just need to tell us that you've
-done so (and we might verify with OpenSSL). We are only interested in making it
-easier and better for at least the mentioned QUIC implementations to use a variant
-of OpenSSL. If you have a pull request that changes the TLS protocol, or adds
-assembly support for a new CPU, or otherwise is not specific to enabling QUIC,
-please contribute that to OpenSSL. This fork is intended to be a clean extension
-to OpenSSL, with the deltas being specific to QUIC.
-
-Who are you?
+Manual Pages
 ------------
 
-This is a collaborative effort between [Akamai](https://www.akamai.com) and
-[Microsoft](https://www.microsoft.com). We welcome anyone to contribute!
+The manual pages for the master branch and all current stable releases are
+available online.
+
+- [OpenSSL master](https://www.openssl.org/docs/manmaster)
+- [OpenSSL 3.0](https://www.openssl.org/docs/man3.0)
+- [OpenSSL 1.1.1](https://www.openssl.org/docs/man1.1.1)
+
+Wiki
+----
+
+There is a Wiki at [wiki.openssl.org] which is currently not very active.
+It contains a lot of useful information, not all of which is up to date.
+
+License
+=======
+
+OpenSSL is licensed under the Apache License 2.0, which means that
+you are free to get and use it for commercial and non-commercial
+purposes as long as you fulfill its conditions.
+
+See the [LICENSE.txt](LICENSE.txt) file for more details.
+
+Support
+=======
+
+There are various ways to get in touch. The correct channel depends on
+your requirement. see the [SUPPORT](SUPPORT.md) file for more details.
+
+Contributing
+============
+
+If you are interested and willing to contribute to the OpenSSL project,
+please take a look at the [CONTRIBUTING](CONTRIBUTING.md) file.
+
+Legalities
+==========
+
+A number of nations restrict the use or export of cryptography. If you are
+potentially subject to such restrictions you should seek legal advice before
+attempting to develop or distribute cryptographic code.
+
+Copyright
+=========
+
+Copyright (c) 1998-2025 The OpenSSL Project
+
+Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
+
+All rights reserved.
+
+<!-- Links  -->
+
+[www.openssl.org]:
+    <https://www.openssl.org>
+    "OpenSSL Homepage"
+
+[github.com/openssl/openssl]:
+    <https://github.com/openssl/openssl>
+    "OpenSSL GitHub Mirror"
+
+[wiki.openssl.org]:
+    <https://wiki.openssl.org>
+    "OpenSSL Wiki"
+
+[migration_guide(7ossl)]:
+    <https://www.openssl.org/docs/man3.0/man7/migration_guide.html>
+    "OpenSSL Migration Guide"
+
+[RFC 8446]:
+     <https://tools.ietf.org/html/rfc8446>
+
+<!-- Logos and Badges -->
+
+[openssl logo]:
+    doc/images/openssl.svg
+    "OpenSSL Logo"
+
+[github actions ci badge]:
+    <https://github.com/openssl/openssl/workflows/GitHub%20CI/badge.svg>
+    "GitHub Actions CI Status"
+
+[github actions ci]:
+    <https://github.com/openssl/openssl/actions?query=workflow%3A%22GitHub+CI%22>
+    "GitHub Actions CI"
+
+[appveyor badge]:
+    <https://ci.appveyor.com/api/projects/status/8e10o7xfrg73v98f/branch/master?svg=true>
+    "AppVeyor Build Status"
+
+[appveyor jobs]:
+    <https://ci.appveyor.com/project/openssl/openssl/branch/master>
+    "AppVeyor Jobs"
diff --git a/deps/openssl/openssl/VERSION.dat b/deps/openssl/openssl/VERSION.dat
index 9f3b18e8899778..4b7eb91a451a90 100644
--- a/deps/openssl/openssl/VERSION.dat
+++ b/deps/openssl/openssl/VERSION.dat
@@ -1,7 +1,7 @@
 MAJOR=3
 MINOR=0
-PATCH=15
+PATCH=16
 PRE_RELEASE_TAG=
-BUILD_METADATA=quic
-RELEASE_DATE="3 Sep 2024"
-SHLIB_VERSION=81.3
+BUILD_METADATA=
+RELEASE_DATE="11 Feb 2025"
+SHLIB_VERSION=3
diff --git a/deps/openssl/openssl/apps/asn1parse.c b/deps/openssl/openssl/apps/asn1parse.c
index f0bfd1d45fc423..129b867c8cc744 100644
--- a/deps/openssl/openssl/apps/asn1parse.c
+++ b/deps/openssl/openssl/apps/asn1parse.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -127,7 +127,8 @@ int asn1parse_main(int argc, char **argv)
             dump = strtol(opt_arg(), NULL, 0);
             break;
         case OPT_STRPARSE:
-            sk_OPENSSL_STRING_push(osk, opt_arg());
+            if (sk_OPENSSL_STRING_push(osk, opt_arg()) <= 0)
+                goto end;
             break;
         case OPT_GENSTR:
             genstr = opt_arg();
diff --git a/deps/openssl/openssl/apps/cms.c b/deps/openssl/openssl/apps/cms.c
index abb9f196a76090..dce227ef2db5ab 100644
--- a/deps/openssl/openssl/apps/cms.c
+++ b/deps/openssl/openssl/apps/cms.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -494,13 +494,15 @@ int cms_main(int argc, char **argv)
             if (rr_from == NULL
                 && (rr_from = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
-            sk_OPENSSL_STRING_push(rr_from, opt_arg());
+            if (sk_OPENSSL_STRING_push(rr_from, opt_arg()) <= 0)
+                goto end;
             break;
         case OPT_RR_TO:
             if (rr_to == NULL
                 && (rr_to = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
-            sk_OPENSSL_STRING_push(rr_to, opt_arg());
+            if (sk_OPENSSL_STRING_push(rr_to, opt_arg()) <= 0)
+                goto end;
             break;
         case OPT_PRINT:
             noout = print = 1;
@@ -577,13 +579,15 @@ int cms_main(int argc, char **argv)
                 if (sksigners == NULL
                     && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                    goto end;
                 if (keyfile == NULL)
                     keyfile = signerfile;
                 if (skkeys == NULL
                     && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                    goto end;
                 keyfile = NULL;
             }
             signerfile = opt_arg();
@@ -601,12 +605,14 @@ int cms_main(int argc, char **argv)
                 if (sksigners == NULL
                     && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                    goto end;
                 signerfile = NULL;
                 if (skkeys == NULL
                     && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                    goto end;
             }
             keyfile = opt_arg();
             break;
@@ -660,7 +666,8 @@ int cms_main(int argc, char **argv)
                     key_param->next = nparam;
                 key_param = nparam;
             }
-            sk_OPENSSL_STRING_push(key_param->param, opt_arg());
+            if (sk_OPENSSL_STRING_push(key_param->param, opt_arg()) <= 0)
+                goto end;
             break;
         case OPT_V_CASES:
             if (!opt_verify(o, vpm))
@@ -749,12 +756,14 @@ int cms_main(int argc, char **argv)
             if (sksigners == NULL
                 && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
-            sk_OPENSSL_STRING_push(sksigners, signerfile);
+            if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                goto end;
             if (skkeys == NULL && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
             if (keyfile == NULL)
                 keyfile = signerfile;
-            sk_OPENSSL_STRING_push(skkeys, keyfile);
+            if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                goto end;
         }
         if (sksigners == NULL) {
             BIO_printf(bio_err, "No signer certificate specified\n");
@@ -1014,8 +1023,15 @@ int cms_main(int argc, char **argv)
             pwri_tmp = NULL;
         }
         if (!(flags & CMS_STREAM)) {
-            if (!CMS_final(cms, in, NULL, flags))
+            if (!CMS_final(cms, in, NULL, flags)) {
+                if (originator != NULL
+                    && ERR_GET_REASON(ERR_peek_error())
+                    == CMS_R_ERROR_UNSUPPORTED_STATIC_KEY_AGREEMENT) {
+                    BIO_printf(bio_err, "Cannot use originator for encryption\n");
+                    goto end;
+                }
                 goto end;
+            }
         }
     } else if (operation == SMIME_ENCRYPTED_ENCRYPT) {
         cms = CMS_EncryptedData_encrypt_ex(in, cipher, secret_key,
@@ -1261,6 +1277,7 @@ int cms_main(int argc, char **argv)
     X509_free(cert);
     X509_free(recip);
     X509_free(signer);
+    X509_free(originator);
     EVP_PKEY_free(key);
     EVP_CIPHER_free(cipher);
     EVP_CIPHER_free(wrap_cipher);
diff --git a/deps/openssl/openssl/apps/engine.c b/deps/openssl/openssl/apps/engine.c
index 1b0f64309c6f97..c83bdfc150c388 100644
--- a/deps/openssl/openssl/apps/engine.c
+++ b/deps/openssl/openssl/apps/engine.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -352,10 +352,12 @@ int engine_main(int argc, char **argv)
             test_avail++;
             break;
         case OPT_PRE:
-            sk_OPENSSL_STRING_push(pre_cmds, opt_arg());
+            if (sk_OPENSSL_STRING_push(pre_cmds, opt_arg()) <= 0)
+                goto end;
             break;
         case OPT_POST:
-            sk_OPENSSL_STRING_push(post_cmds, opt_arg());
+            if (sk_OPENSSL_STRING_push(post_cmds, opt_arg()) <= 0)
+                goto end;
             break;
         }
     }
diff --git a/deps/openssl/openssl/apps/info.c b/deps/openssl/openssl/apps/info.c
index 66f3ef2587e2ef..c68603652f218b 100644
--- a/deps/openssl/openssl/apps/info.c
+++ b/deps/openssl/openssl/apps/info.c
@@ -10,15 +10,11 @@
 #include <openssl/crypto.h>
 #include "apps.h"
 #include "progs.h"
-#include <openssl/quic.h>
 
 typedef enum OPTION_choice {
     OPT_COMMON,
     OPT_CONFIGDIR, OPT_ENGINESDIR, OPT_MODULESDIR, OPT_DSOEXT, OPT_DIRNAMESEP,
     OPT_LISTSEP, OPT_SEEDS, OPT_CPUSETTINGS
-#ifndef OPENSSL_NO_QUIC
-    , OPT_QUIC
-#endif
 } OPTION_CHOICE;
 
 const OPTIONS info_options[] = {
@@ -36,9 +32,6 @@ const OPTIONS info_options[] = {
     {"listsep", OPT_LISTSEP, '-', "List separator character"},
     {"seeds", OPT_SEEDS, '-', "Seed sources"},
     {"cpusettings", OPT_CPUSETTINGS, '-', "CPU settings info"},
-#ifndef OPENSSL_NO_QUIC
-    {"quic", OPT_QUIC, '-', "QUIC info"},
-#endif
     {NULL}
 };
 
@@ -91,12 +84,6 @@ int info_main(int argc, char **argv)
             type = OPENSSL_INFO_CPU_SETTINGS;
             dirty++;
             break;
-#ifndef OPENSSL_NO_QUIC
-        case OPT_QUIC:
-            type = OPENSSL_INFO_QUIC;
-            dirty++;
-            break;
-#endif
         }
     }
     if (opt_num_rest() != 0)
diff --git a/deps/openssl/openssl/apps/lib/http_server.c b/deps/openssl/openssl/apps/lib/http_server.c
index a7fe5e1a58b0ab..33ae886d4a1cbe 100644
--- a/deps/openssl/openssl/apps/lib/http_server.c
+++ b/deps/openssl/openssl/apps/lib/http_server.c
@@ -220,14 +220,17 @@ BIO *http_server_init_bio(const char *prog, const char *port)
 {
     BIO *acbio = NULL, *bufbio;
     int asock;
+    char name[40];
 
+    snprintf(name, sizeof(name), "[::]:%s", port); /* port may be "0" */
     bufbio = BIO_new(BIO_f_buffer());
     if (bufbio == NULL)
         goto err;
     acbio = BIO_new(BIO_s_accept());
     if (acbio == NULL
-        || BIO_set_bind_mode(acbio, BIO_BIND_REUSEADDR) < 0
-        || BIO_set_accept_port(acbio, port) < 0) {
+        || BIO_set_accept_ip_family(acbio, BIO_FAMILY_IPANY) <= 0 /* IPv4/6 */
+        || BIO_set_bind_mode(acbio, BIO_BIND_REUSEADDR) <= 0
+        || BIO_set_accept_name(acbio, name) <= 0) {
         log_message(prog, LOG_ERR, "Error setting up accept BIO");
         goto err;
     }
diff --git a/deps/openssl/openssl/apps/lib/s_cb.c b/deps/openssl/openssl/apps/lib/s_cb.c
index 6440b496099e2d..9f33c24c4e352f 100644
--- a/deps/openssl/openssl/apps/lib/s_cb.c
+++ b/deps/openssl/openssl/apps/lib/s_cb.c
@@ -240,10 +240,10 @@ static const char *get_sigtype(int nid)
         return "ECDSA";
 
     case NID_ED25519:
-        return "Ed25519";
+        return "ed25519";
 
     case NID_ED448:
-        return "Ed448";
+        return "ed448";
 
     case NID_id_GostR3410_2001:
         return "gost2001";
@@ -288,6 +288,26 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared)
             SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL, &rsign, &rhash);
         if (i)
             BIO_puts(out, ":");
+        switch (rsign | rhash << 8) {
+        case 0x0809:
+            BIO_puts(out, "rsa_pss_pss_sha256");
+            continue;
+        case 0x080a:
+            BIO_puts(out, "rsa_pss_pss_sha384");
+            continue;
+        case 0x080b:
+            BIO_puts(out, "rsa_pss_pss_sha512");
+            continue;
+        case 0x081a:
+            BIO_puts(out, "ecdsa_brainpoolP256r1_sha256");
+            continue;
+        case 0x081b:
+            BIO_puts(out, "ecdsa_brainpoolP384r1_sha384");
+            continue;
+        case 0x081c:
+            BIO_puts(out, "ecdsa_brainpoolP512r1_sha512");
+            continue;
+        }
         sstr = get_sigtype(sign_nid);
         if (sstr)
             BIO_printf(out, "%s", sstr);
diff --git a/deps/openssl/openssl/apps/lib/s_socket.c b/deps/openssl/openssl/apps/lib/s_socket.c
index 059afe47b90491..8c6020d01692c7 100644
--- a/deps/openssl/openssl/apps/lib/s_socket.c
+++ b/deps/openssl/openssl/apps/lib/s_socket.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -380,6 +380,12 @@ int do_server(int *accept_sock, const char *host, const char *port,
                 BIO_closesocket(asock);
                 break;
             }
+
+            if (naccept != -1)
+                naccept--;
+            if (naccept == 0)
+                BIO_closesocket(asock);
+
             BIO_set_tcp_ndelay(sock, 1);
             i = (*cb)(sock, type, protocol, context);
 
@@ -410,11 +416,12 @@ int do_server(int *accept_sock, const char *host, const char *port,
 
             BIO_closesocket(sock);
         } else {
+            if (naccept != -1)
+                naccept--;
+
             i = (*cb)(asock, type, protocol, context);
         }
 
-        if (naccept != -1)
-            naccept--;
         if (i < 0 || naccept == 0) {
             BIO_closesocket(asock);
             ret = i;
diff --git a/deps/openssl/openssl/apps/lib/vms_term_sock.c b/deps/openssl/openssl/apps/lib/vms_term_sock.c
index 97fb3943265c42..1a413376b20b44 100644
--- a/deps/openssl/openssl/apps/lib/vms_term_sock.c
+++ b/deps/openssl/openssl/apps/lib/vms_term_sock.c
@@ -353,7 +353,7 @@ static int CreateSocketPair (int SocketFamily,
     /*
     ** Get the binary (64-bit) time of the specified timeout value
     */
-    sprintf (AscTimeBuff, "0 0:0:%02d.00", SOCKET_PAIR_TIMEOUT_VALUE);
+    BIO_snprintf(AscTimeBuff, sizeof(AscTimeBuff), "0 0:0:%02d.00", SOCKET_PAIR_TIMEOUT_VALUE);
     AscTimeDesc.dsc$w_length = strlen (AscTimeBuff);
     AscTimeDesc.dsc$a_pointer = AscTimeBuff;
     status = sys$bintim (&AscTimeDesc, BinTimeBuff);
@@ -567,10 +567,10 @@ static void LogMessage (char *msg, ...)
     /*
     ** Format the message buffer
     */
-    sprintf (MsgBuff, "%02d-%s-%04d %02d:%02d:%02d [%08X] %s\n",
-             LocTime->tm_mday, Month[LocTime->tm_mon],
-             (LocTime->tm_year + 1900), LocTime->tm_hour, LocTime->tm_min,
-             LocTime->tm_sec, pid, msg);
+    BIO_snprintf(MsgBuff, sizeof(MsgBuff), "%02d-%s-%04d %02d:%02d:%02d [%08X] %s\n",
+                 LocTime->tm_mday, Month[LocTime->tm_mon],
+                 (LocTime->tm_year + 1900), LocTime->tm_hour, LocTime->tm_min,
+                 LocTime->tm_sec, pid, msg);
 
     /*
     ** Get any variable arguments and add them to the print of the message
diff --git a/deps/openssl/openssl/apps/passwd.c b/deps/openssl/openssl/apps/passwd.c
index 64b2e76c147ae4..31d8bdd87cb6d9 100644
--- a/deps/openssl/openssl/apps/passwd.c
+++ b/deps/openssl/openssl/apps/passwd.c
@@ -589,7 +589,8 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt)
     OPENSSL_strlcat(out_buf, ascii_dollar, sizeof(out_buf));
     if (rounds_custom) {
         char tmp_buf[80]; /* "rounds=999999999" */
-        sprintf(tmp_buf, "rounds=%u", rounds);
+
+        BIO_snprintf(tmp_buf, sizeof(tmp_buf), "rounds=%u", rounds);
 #ifdef CHARSET_EBCDIC
         /* In case we're really on a ASCII based platform and just pretend */
         if (tmp_buf[0] != 0x72)  /* ASCII 'r' */
diff --git a/deps/openssl/openssl/apps/pkcs12.c b/deps/openssl/openssl/apps/pkcs12.c
index ab78903ee9cdcf..5146699f1672a5 100644
--- a/deps/openssl/openssl/apps/pkcs12.c
+++ b/deps/openssl/openssl/apps/pkcs12.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -305,7 +305,8 @@ int pkcs12_main(int argc, char **argv)
             if (canames == NULL
                 && (canames = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
-            sk_OPENSSL_STRING_push(canames, opt_arg());
+            if (sk_OPENSSL_STRING_push(canames, opt_arg()) <= 0)
+                goto end;
             break;
         case OPT_IN:
             infile = opt_arg();
diff --git a/deps/openssl/openssl/apps/pkeyutl.c b/deps/openssl/openssl/apps/pkeyutl.c
index 3c9f9025a1609d..5e5047137632b6 100644
--- a/deps/openssl/openssl/apps/pkeyutl.c
+++ b/deps/openssl/openssl/apps/pkeyutl.c
@@ -81,10 +81,11 @@ const OPTIONS pkeyutl_options[] = {
 
     OPT_SECTION("Output"),
     {"out", OPT_OUT, '>', "Output file - default stdout"},
-    {"asn1parse", OPT_ASN1PARSE, '-', "asn1parse the output data"},
+    {"asn1parse", OPT_ASN1PARSE, '-',
+     "parse the output as ASN.1 data to check its DER encoding and print errors"},
     {"hexdump", OPT_HEXDUMP, '-', "Hex dump output"},
     {"verifyrecover", OPT_VERIFYRECOVER, '-',
-     "Verify with public key, recover original data"},
+     "Verify RSA signature, recovering original signature input data"},
 
     OPT_SECTION("Signing/Derivation"),
     {"digest", OPT_DIGEST, 's',
diff --git a/deps/openssl/openssl/apps/rehash.c b/deps/openssl/openssl/apps/rehash.c
index 85eee3857942dd..6e0ca3642c4027 100644
--- a/deps/openssl/openssl/apps/rehash.c
+++ b/deps/openssl/openssl/apps/rehash.c
@@ -559,6 +559,11 @@ int rehash_main(int argc, char **argv)
     } else if ((env = getenv(X509_get_default_cert_dir_env())) != NULL) {
         char lsc[2] = { LIST_SEPARATOR_CHAR, '\0' };
         m = OPENSSL_strdup(env);
+        if (m == NULL) {
+            BIO_puts(bio_err, "out of memory\n");
+            errs = 1;
+            goto end;
+        }
         for (e = strtok(m, lsc); e != NULL; e = strtok(NULL, lsc))
             errs += do_dir(e, h);
         OPENSSL_free(m);
diff --git a/deps/openssl/openssl/apps/smime.c b/deps/openssl/openssl/apps/smime.c
index 651294e46daa92..790a8d06ad0c3d 100644
--- a/deps/openssl/openssl/apps/smime.c
+++ b/deps/openssl/openssl/apps/smime.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -279,13 +279,15 @@ int smime_main(int argc, char **argv)
                 if (sksigners == NULL
                     && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                    goto end;
                 if (keyfile == NULL)
                     keyfile = signerfile;
                 if (skkeys == NULL
                     && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                    goto end;
                 keyfile = NULL;
             }
             signerfile = opt_arg();
@@ -310,12 +312,14 @@ int smime_main(int argc, char **argv)
                 if (sksigners == NULL
                     && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                    goto end;
                 signerfile = NULL;
                 if (skkeys == NULL
                     && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                    goto end;
             }
             keyfile = opt_arg();
             break;
@@ -390,12 +394,14 @@ int smime_main(int argc, char **argv)
             if (sksigners == NULL
                 && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
-            sk_OPENSSL_STRING_push(sksigners, signerfile);
+            if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                goto end;
             if (!skkeys && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
             if (!keyfile)
                 keyfile = signerfile;
-            sk_OPENSSL_STRING_push(skkeys, keyfile);
+            if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                goto end;
         }
         if (sksigners == NULL) {
             BIO_printf(bio_err, "No signer certificate specified\n");
diff --git a/deps/openssl/openssl/apps/speed.c b/deps/openssl/openssl/apps/speed.c
index d8e2c70e6128b5..bafcacf7775ef6 100644
--- a/deps/openssl/openssl/apps/speed.c
+++ b/deps/openssl/openssl/apps/speed.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -456,6 +456,14 @@ static double sm2_results[SM2_NUM][2];    /* 2 ops: sign then verify */
 #define COND(unused_cond) (run && count < INT_MAX)
 #define COUNT(d) (count)
 
+#define TAG_LEN 16
+
+static unsigned int mode_op; /* AE Mode of operation */
+static unsigned int aead = 0; /* AEAD flag */
+static unsigned char aead_iv[12]; /* For AEAD modes */
+static unsigned char aad[EVP_AEAD_TLS1_AAD_LEN] = { 0xcc };
+static int aead_ivlen = sizeof(aead_iv);
+
 typedef struct loopargs_st {
     ASYNC_JOB *inprogress_job;
     ASYNC_WAIT_CTX *wait_ctx;
@@ -464,6 +472,7 @@ typedef struct loopargs_st {
     unsigned char *buf_malloc;
     unsigned char *buf2_malloc;
     unsigned char *key;
+    unsigned char tag[TAG_LEN];
     size_t buflen;
     size_t sigsize;
     EVP_PKEY_CTX *rsa_sign_ctx[RSA_NUM];
@@ -727,12 +736,8 @@ static int EVP_Update_loop(void *args)
     unsigned char *buf = tempargs->buf;
     EVP_CIPHER_CTX *ctx = tempargs->ctx;
     int outl, count, rc;
-    unsigned char faketag[16] = { 0xcc };
 
     if (decrypt) {
-        if (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) {
-            (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(faketag), faketag);
-        }
         for (count = 0; COND(c[D_EVP][testnum]); count++) {
             rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
             if (rc != 1) {
@@ -757,74 +762,159 @@ static int EVP_Update_loop(void *args)
 }
 
 /*
+ * To make AEAD benchmarking more relevant perform TLS-like operations,
+ * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
+ * payload length is not actually limited by 16KB...
  * CCM does not support streaming. For the purpose of performance measurement,
  * each message is encrypted using the same (key,iv)-pair. Do not use this
  * code in your application.
  */
-static int EVP_Update_loop_ccm(void *args)
+static int EVP_Update_loop_aead_enc(void *args)
 {
     loopargs_t *tempargs = *(loopargs_t **) args;
     unsigned char *buf = tempargs->buf;
+    unsigned char *key = tempargs->key;
     EVP_CIPHER_CTX *ctx = tempargs->ctx;
-    int outl, count;
-    unsigned char tag[12];
-
-    if (decrypt) {
-        for (count = 0; COND(c[D_EVP][testnum]); count++) {
-            (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag),
-                                      tag);
-            /* reset iv */
-            (void)EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
-            /* counter is reset on every update */
-            (void)EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
+    int outl, count, realcount = 0;
+
+    for (count = 0; COND(c[D_EVP][testnum]); count++) {
+        /* Set length of iv (Doesn't apply to SIV mode) */
+        if (mode_op != EVP_CIPH_SIV_MODE) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+                                     aead_ivlen, NULL)) {
+                BIO_printf(bio_err, "\nFailed to set iv length\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
         }
-    } else {
-        for (count = 0; COND(c[D_EVP][testnum]); count++) {
-            /* restore iv length field */
-            (void)EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
-            /* counter is reset on every update */
-            (void)EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
+        /* Set tag_len (Not for GCM/SIV at encryption stage) */
+        if (mode_op != EVP_CIPH_GCM_MODE
+            && mode_op != EVP_CIPH_SIV_MODE) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+                                     TAG_LEN, NULL)) {
+                BIO_printf(bio_err, "\nFailed to set tag length\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
+        }
+        if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, aead_iv, -1)) {
+            BIO_printf(bio_err, "\nFailed to set key and iv\n");
+            ERR_print_errors(bio_err);
+            exit(1);
+        }
+        /* Set total length of input. Only required for CCM */
+        if (mode_op == EVP_CIPH_CCM_MODE) {
+            if (!EVP_EncryptUpdate(ctx, NULL, &outl,
+                                   NULL, lengths[testnum])) {
+                BIO_printf(bio_err, "\nCouldn't set input text length\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
         }
+        if (aead) {
+            if (!EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad))) {
+                BIO_printf(bio_err, "\nCouldn't insert AAD when encrypting\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
+        }
+        if (!EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum])) {
+            BIO_printf(bio_err, "\nFailed to encrypt the data\n");
+            ERR_print_errors(bio_err);
+            exit(1);
+        }
+        if (EVP_EncryptFinal_ex(ctx, buf, &outl))
+            realcount++;
     }
-    if (decrypt)
-        (void)EVP_DecryptFinal_ex(ctx, buf, &outl);
-    else
-        (void)EVP_EncryptFinal_ex(ctx, buf, &outl);
-    return count;
+    return realcount;
 }
 
 /*
  * To make AEAD benchmarking more relevant perform TLS-like operations,
  * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
  * payload length is not actually limited by 16KB...
+ * CCM does not support streaming. For the purpose of performance measurement,
+ * each message is decrypted using the same (key,iv)-pair. Do not use this
+ * code in your application.
+ * For decryption, we will use buf2 to preserve the input text in buf.
  */
-static int EVP_Update_loop_aead(void *args)
+static int EVP_Update_loop_aead_dec(void *args)
 {
     loopargs_t *tempargs = *(loopargs_t **) args;
     unsigned char *buf = tempargs->buf;
+    unsigned char *outbuf = tempargs->buf2;
+    unsigned char *key = tempargs->key;
+    unsigned char tag[TAG_LEN];
     EVP_CIPHER_CTX *ctx = tempargs->ctx;
-    int outl, count;
-    unsigned char aad[13] = { 0xcc };
-    unsigned char faketag[16] = { 0xcc };
+    int outl, count, realcount = 0;
+
+    for (count = 0; COND(c[D_EVP][testnum]); count++) {
+        /* Set the length of iv (Doesn't apply to SIV mode) */
+        if (mode_op != EVP_CIPH_SIV_MODE) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+                                     aead_ivlen, NULL)) {
+                BIO_printf(bio_err, "\nFailed to set iv length\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
+        }
 
-    if (decrypt) {
-        for (count = 0; COND(c[D_EVP][testnum]); count++) {
-            (void)EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
-            (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
-                                      sizeof(faketag), faketag);
-            (void)EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
-            (void)EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
-            (void)EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
+        /* Set the tag length (Doesn't apply to SIV mode) */
+        if (mode_op != EVP_CIPH_SIV_MODE
+            && mode_op != EVP_CIPH_GCM_MODE) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+                                     TAG_LEN, NULL)) {
+                BIO_printf(bio_err, "\nFailed to set tag length\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
         }
-    } else {
-        for (count = 0; COND(c[D_EVP][testnum]); count++) {
-            (void)EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
-            (void)EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
-            (void)EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
-            (void)EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
+        if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, aead_iv, -1)) {
+            BIO_printf(bio_err, "\nFailed to set key and iv\n");
+            ERR_print_errors(bio_err);
+            exit(1);
+        }
+        /* Set iv before decryption (Doesn't apply to SIV mode) */
+        if (mode_op != EVP_CIPH_SIV_MODE) {
+            if (!EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, aead_iv)) {
+                BIO_printf(bio_err, "\nFailed to set iv\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
+        }
+        memcpy(tag, tempargs->tag, TAG_LEN);
+
+        if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+                                 TAG_LEN, tag)) {
+            BIO_printf(bio_err, "\nFailed to set tag\n");
+            ERR_print_errors(bio_err);
+            exit(1);
+        }
+        /* Set the total length of cipher text. Only required for CCM */
+        if (mode_op == EVP_CIPH_CCM_MODE) {
+            if (!EVP_DecryptUpdate(ctx, NULL, &outl,
+                                   NULL, lengths[testnum])) {
+                BIO_printf(bio_err, "\nCouldn't set cipher text length\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
+        }
+        if (aead) {
+            if (!EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad))) {
+                BIO_printf(bio_err, "\nCouldn't insert AAD when decrypting\n");
+                ERR_print_errors(bio_err);
+                exit(1);
+            }
+        }
+        if (!EVP_DecryptUpdate(ctx, outbuf, &outl, buf, lengths[testnum])) {
+            BIO_printf(bio_err, "\nFailed to decrypt the data\n");
+            ERR_print_errors(bio_err);
+            exit(1);
         }
+        if (EVP_DecryptFinal_ex(ctx, outbuf, &outl))
+            realcount++;
     }
-    return count;
+    return realcount;
 }
 
 static long rsa_c[RSA_NUM][2];  /* # RSA iteration test */
@@ -1370,11 +1460,11 @@ int speed_main(int argc, char **argv)
     OPTION_CHOICE o;
     int async_init = 0, multiblock = 0, pr_header = 0;
     uint8_t doit[ALGOR_NUM] = { 0 };
-    int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
+    int ret = 1, misalign = 0, lengths_single = 0;
     long count = 0;
     unsigned int size_num = SIZE_NUM;
     unsigned int i, k, loopargs_len = 0, async_jobs = 0;
-    int keylen;
+    int keylen = 0;
     int buflen;
     BIGNUM *bn = NULL;
     EVP_PKEY_CTX *genctx = NULL;
@@ -2001,15 +2091,14 @@ int speed_main(int argc, char **argv)
     if (doit[D_HMAC]) {
         static const char hmac_key[] = "This is a key...";
         int len = strlen(hmac_key);
+        size_t hmac_name_len = sizeof("hmac()") + strlen(evp_mac_mdname);
         OSSL_PARAM params[3];
 
         mac = EVP_MAC_fetch(app_get0_libctx(), "HMAC", app_get0_propq());
         if (mac == NULL || evp_mac_mdname == NULL)
             goto end;
-
-        evp_hmac_name = app_malloc(sizeof("hmac()") + strlen(evp_mac_mdname),
-                                   "HMAC name");
-        sprintf(evp_hmac_name, "hmac(%s)", evp_mac_mdname);
+        evp_hmac_name = app_malloc(hmac_name_len, "HMAC name");
+        BIO_snprintf(evp_hmac_name, hmac_name_len, "hmac(%s)", evp_mac_mdname);
         names[D_HMAC] = evp_hmac_name;
 
         params[0] =
@@ -2213,12 +2302,20 @@ int speed_main(int argc, char **argv)
         }
     }
 
+    /*-
+     * There are three scenarios for D_EVP:
+     * 1- Using authenticated encryption (AE) e.g. CCM, GCM, OCB etc.
+     * 2- Using AE + associated data (AD) i.e. AEAD using CCM, GCM, OCB etc.
+     * 3- Not using AE or AD e.g. ECB, CBC, CFB etc.
+     */
     if (doit[D_EVP]) {
         if (evp_cipher != NULL) {
-            int (*loopfunc) (void *) = EVP_Update_loop;
+            int (*loopfunc) (void *);
+            int outlen = 0;
+            unsigned int ae_mode = 0;
 
-            if (multiblock && (EVP_CIPHER_get_flags(evp_cipher) &
-                               EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
+            if (multiblock && (EVP_CIPHER_get_flags(evp_cipher)
+                               & EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
                 multiblock_speed(evp_cipher, lengths_single, &seconds);
                 ret = 0;
                 goto end;
@@ -2226,16 +2323,26 @@ int speed_main(int argc, char **argv)
 
             names[D_EVP] = EVP_CIPHER_get0_name(evp_cipher);
 
-            if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
-                loopfunc = EVP_Update_loop_ccm;
-            } else if (aead && (EVP_CIPHER_get_flags(evp_cipher) &
-                                EVP_CIPH_FLAG_AEAD_CIPHER)) {
-                loopfunc = EVP_Update_loop_aead;
+            mode_op = EVP_CIPHER_get_mode(evp_cipher);
+
+            if (aead) {
                 if (lengths == lengths_list) {
                     lengths = aead_lengths_list;
                     size_num = OSSL_NELEM(aead_lengths_list);
                 }
             }
+            if (mode_op == EVP_CIPH_GCM_MODE
+                || mode_op == EVP_CIPH_CCM_MODE
+                || mode_op == EVP_CIPH_OCB_MODE
+                || mode_op == EVP_CIPH_SIV_MODE) {
+                ae_mode = 1;
+                if (decrypt)
+                    loopfunc = EVP_Update_loop_aead_dec;
+                else
+                    loopfunc = EVP_Update_loop_aead_enc;
+            } else {
+                loopfunc = EVP_Update_loop;
+            }
 
             for (testnum = 0; testnum < size_num; testnum++) {
                 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
@@ -2247,37 +2354,144 @@ int speed_main(int argc, char **argv)
                         BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
                         exit(1);
                     }
-                    if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
-                                           NULL, iv, decrypt ? 0 : 1)) {
-                        BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
+
+                    /*
+                     * For AE modes, we must first encrypt the data to get
+                     * a valid tag that enables us to decrypt. If we don't
+                     * encrypt first, we won't have a valid tag that enables
+                     * authenticity and hence decryption will fail.
+                     */
+                    if (!EVP_CipherInit_ex(loopargs[k].ctx,
+                                           evp_cipher, NULL, NULL, NULL,
+                                           ae_mode ? 1 : !decrypt)) {
+                        BIO_printf(bio_err, "\nCouldn't init the context\n");
                         ERR_print_errors(bio_err);
                         exit(1);
                     }
 
+                    /* Padding isn't needed */
                     EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
 
                     keylen = EVP_CIPHER_CTX_get_key_length(loopargs[k].ctx);
                     loopargs[k].key = app_malloc(keylen, "evp_cipher key");
                     EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
-                    if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
-                                           loopargs[k].key, NULL, -1)) {
-                        BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
-                        ERR_print_errors(bio_err);
-                        exit(1);
-                    }
-                    OPENSSL_clear_free(loopargs[k].key, keylen);
 
-                    /* SIV mode only allows for a single Update operation */
-                    if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
-                        (void)EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
-                                                  EVP_CTRL_SET_SPEED, 1, NULL);
+                    if (!ae_mode) {
+                        if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
+                                               loopargs[k].key, iv, -1)) {
+                            BIO_printf(bio_err, "\nFailed to set the key\n");
+                            ERR_print_errors(bio_err);
+                            exit(1);
+                        }
+                    } else if (mode_op == EVP_CIPH_SIV_MODE) {
+                        EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
+                                            EVP_CTRL_SET_SPEED, 1, NULL);
+                    }
+                    if (ae_mode && decrypt) {
+                        /* Set length of iv (Doesn't apply to SIV mode) */
+                        if (mode_op != EVP_CIPH_SIV_MODE) {
+                            if (!EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
+                                                     EVP_CTRL_AEAD_SET_IVLEN,
+                                                     aead_ivlen, NULL)) {
+                                BIO_printf(bio_err, "\nFailed to set iv length\n");
+                                ERR_print_errors(bio_err);
+                                exit(1);
+                            }
+                        }
+                        /* Set tag_len (Not for SIV at encryption stage) */
+                        if (mode_op != EVP_CIPH_GCM_MODE
+                            && mode_op != EVP_CIPH_SIV_MODE) {
+                            if (!EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
+                                                     EVP_CTRL_AEAD_SET_TAG,
+                                                     TAG_LEN, NULL)) {
+                                BIO_printf(bio_err,
+                                           "\nFailed to set tag length\n");
+                                ERR_print_errors(bio_err);
+                                exit(1);
+                            }
+                        }
+                        if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
+                                               loopargs[k].key, aead_iv, -1)) {
+                            BIO_printf(bio_err, "\nFailed to set the key\n");
+                            ERR_print_errors(bio_err);
+                            exit(1);
+                        }
+                        /* Set total length of input. Only required for CCM */
+                        if (mode_op == EVP_CIPH_CCM_MODE) {
+                            if (!EVP_EncryptUpdate(loopargs[k].ctx, NULL,
+                                                   &outlen, NULL,
+                                                   lengths[testnum])) {
+                                BIO_printf(bio_err,
+                                           "\nCouldn't set input text length\n");
+                                ERR_print_errors(bio_err);
+                                exit(1);
+                            }
+                        }
+                        if (aead) {
+                            if (!EVP_EncryptUpdate(loopargs[k].ctx, NULL,
+                                                   &outlen, aad, sizeof(aad))) {
+                                BIO_printf(bio_err,
+                                           "\nCouldn't insert AAD when encrypting\n");
+                                ERR_print_errors(bio_err);
+                                exit(1);
+                            }
+                        }
+                        if (!EVP_EncryptUpdate(loopargs[k].ctx, loopargs[k].buf,
+                                               &outlen, loopargs[k].buf,
+                                               lengths[testnum])) {
+                            BIO_printf(bio_err,
+                                       "\nFailed to to encrypt the data\n");
+                            ERR_print_errors(bio_err);
+                            exit(1);
+                        }
+
+                        if (!EVP_EncryptFinal_ex(loopargs[k].ctx,
+                                                 loopargs[k].buf, &outlen)) {
+                            BIO_printf(bio_err,
+                                       "\nFailed finalize the encryption\n");
+                            ERR_print_errors(bio_err);
+                            exit(1);
+                        }
+
+                        if (!EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
+                                                 EVP_CTRL_AEAD_GET_TAG,
+                                                 TAG_LEN, &loopargs[k].tag)) {
+                            BIO_printf(bio_err, "\nFailed to get the tag\n");
+                            ERR_print_errors(bio_err);
+                            exit(1);
+                        }
+
+                        EVP_CIPHER_CTX_free(loopargs[k].ctx);
+                        loopargs[k].ctx = EVP_CIPHER_CTX_new();
+                        if (loopargs[k].ctx == NULL) {
+                            BIO_printf(bio_err,
+                                       "\nEVP_CIPHER_CTX_new failure\n");
+                            exit(1);
+                        }
+                        if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher,
+                                               NULL, NULL, NULL, 0)) {
+                            BIO_printf(bio_err,
+                                       "\nFailed initializing the context\n");
+                            ERR_print_errors(bio_err);
+                            exit(1);
+                        }
+
+                        EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
+
+                        /* SIV only allows for one Update operation */
+                        if (mode_op == EVP_CIPH_SIV_MODE)
+                            EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
+                                                EVP_CTRL_SET_SPEED, 1, NULL);
+                    }
                 }
 
                 Time_F(START);
                 count = run_benchmark(async_jobs, loopfunc, loopargs);
                 d = Time_F(STOP);
-                for (k = 0; k < loopargs_len; k++)
+                for (k = 0; k < loopargs_len; k++) {
+                    OPENSSL_clear_free(loopargs[k].key, keylen);
                     EVP_CIPHER_CTX_free(loopargs[k].ctx);
+                }
                 print_result(D_EVP, testnum, count, d);
             }
         } else if (evp_md_name != NULL) {
@@ -2297,6 +2511,7 @@ int speed_main(int argc, char **argv)
     }
 
     if (doit[D_EVP_CMAC]) {
+        size_t len = sizeof("cmac()") + strlen(evp_mac_ciphername);
         OSSL_PARAM params[3];
         EVP_CIPHER *cipher = NULL;
 
@@ -2312,9 +2527,8 @@ int speed_main(int argc, char **argv)
             BIO_printf(bio_err, "\nRequested CMAC cipher with unsupported key length.\n");
             goto end;
         }
-        evp_cmac_name = app_malloc(sizeof("cmac()")
-                                   + strlen(evp_mac_ciphername), "CMAC name");
-        sprintf(evp_cmac_name, "cmac(%s)", evp_mac_ciphername);
+        evp_cmac_name = app_malloc(len, "CMAC name");
+        BIO_snprintf(evp_cmac_name, len, "cmac(%s)", evp_mac_ciphername);
         names[D_EVP_CMAC] = evp_cmac_name;
 
         params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER,
@@ -3675,7 +3889,6 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
         print_message(alg_name, 0, mblengths[j], seconds->sym);
         Time_F(START);
         for (count = 0; run && count < INT_MAX; count++) {
-            unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
             EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
             size_t len = mblengths[j];
             int packlen;
diff --git a/deps/openssl/openssl/configdata.pm.in b/deps/openssl/openssl/configdata.pm.in
index 04b901144f4779..a4ae907299953f 100644
--- a/deps/openssl/openssl/configdata.pm.in
+++ b/deps/openssl/openssl/configdata.pm.in
@@ -145,7 +145,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -167,7 +167,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/openssl/crypto/asn1/a_bitstr.c b/deps/openssl/openssl/crypto/asn1/a_bitstr.c
index 4930d5022ee393..549c0e88554978 100644
--- a/deps/openssl/openssl/crypto/asn1/a_bitstr.c
+++ b/deps/openssl/openssl/crypto/asn1/a_bitstr.c
@@ -36,25 +36,30 @@ int ossl_i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
                 if (a->data[len - 1])
                     break;
             }
-            j = a->data[len - 1];
-            if (j & 0x01)
+
+            if (len == 0) {
                 bits = 0;
-            else if (j & 0x02)
-                bits = 1;
-            else if (j & 0x04)
-                bits = 2;
-            else if (j & 0x08)
-                bits = 3;
-            else if (j & 0x10)
-                bits = 4;
-            else if (j & 0x20)
-                bits = 5;
-            else if (j & 0x40)
-                bits = 6;
-            else if (j & 0x80)
-                bits = 7;
-            else
-                bits = 0;       /* should not happen */
+            } else {
+                j = a->data[len - 1];
+                if (j & 0x01)
+                    bits = 0;
+                else if (j & 0x02)
+                    bits = 1;
+                else if (j & 0x04)
+                    bits = 2;
+                else if (j & 0x08)
+                    bits = 3;
+                else if (j & 0x10)
+                    bits = 4;
+                else if (j & 0x20)
+                    bits = 5;
+                else if (j & 0x40)
+                    bits = 6;
+                else if (j & 0x80)
+                    bits = 7;
+                else
+                    bits = 0;       /* should not happen */
+            }
         }
     } else
         bits = 0;
diff --git a/deps/openssl/openssl/crypto/asn1/a_strnid.c b/deps/openssl/openssl/crypto/asn1/a_strnid.c
index d052935661d362..20cfabc8a7a41c 100644
--- a/deps/openssl/openssl/crypto/asn1/a_strnid.c
+++ b/deps/openssl/openssl/crypto/asn1/a_strnid.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -39,10 +39,10 @@ unsigned long ASN1_STRING_get_default_mask(void)
  * This function sets the default to various "flavours" of configuration.
  * based on an ASCII string. Currently this is:
  * MASK:XXXX : a numerical mask value.
- * nobmp : Don't use BMPStrings (just Printable, T61).
- * pkix : PKIX recommendation in RFC2459.
- * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
- * default:   the default value, Printable, T61, BMP.
+ * default   : use Printable, IA5, T61, BMP, and UTF8 string types
+ * nombstr   : any string type except variable-sized BMPStrings or UTF8Strings
+ * pkix      : PKIX recommendation in RFC2459
+ * utf8only  : this is the default, use UTF8Strings
  */
 
 int ASN1_STRING_set_default_mask_asc(const char *p)
diff --git a/deps/openssl/openssl/crypto/asn1/a_time.c b/deps/openssl/openssl/crypto/asn1/a_time.c
index 9b3074e47e84a5..5ef6d0d1cd1c64 100644
--- a/deps/openssl/openssl/crypto/asn1/a_time.c
+++ b/deps/openssl/openssl/crypto/asn1/a_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -488,9 +488,9 @@ int ASN1_TIME_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags)
 int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags)
 {
     char *v;
-    int gmt = 0, l;
+    int l;
     struct tm stm;
-    const char upper_z = 0x5A, period = 0x2E;
+    const char period = 0x2E;
 
     /* ossl_asn1_time_to_tm will check the time type */
     if (!ossl_asn1_time_to_tm(&stm, tm))
@@ -498,8 +498,6 @@ int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags)
 
     l = tm->length;
     v = (char *)tm->data;
-    if (v[l - 1] == upper_z)
-        gmt = 1;
 
     if (tm->type == V_ASN1_GENERALIZEDTIME) {
         char *f = NULL;
@@ -510,39 +508,36 @@ int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags)
          * 'fraction point' in a GeneralizedTime string.
          */
         if (tm->length > 15 && v[14] == period) {
-            f = &v[14];
-            f_len = 1;
-            while (14 + f_len < l && ossl_ascii_isdigit(f[f_len]))
+            /* exclude the . itself */
+            f = &v[15];
+            f_len = 0;
+            while (15 + f_len < l && ossl_ascii_isdigit(f[f_len]))
                 ++f_len;
         }
 
-        if ((flags & ASN1_DTFLGS_TYPE_MASK) == ASN1_DTFLGS_ISO8601) {
-            return BIO_printf(bp, "%4d-%02d-%02d %02d:%02d:%02d%.*s%s",
-                          stm.tm_year + 1900, stm.tm_mon + 1,
-                          stm.tm_mday, stm.tm_hour,
-                          stm.tm_min, stm.tm_sec, f_len, f,
-                          (gmt ? "Z" : "")) > 0;
-        }
-        else {
-            return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
-                          _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour,
-                          stm.tm_min, stm.tm_sec, f_len, f, stm.tm_year + 1900,
-                          (gmt ? " GMT" : "")) > 0;
+        if (f_len > 0) {
+            if ((flags & ASN1_DTFLGS_TYPE_MASK) == ASN1_DTFLGS_ISO8601) {
+                return BIO_printf(bp, "%4d-%02d-%02d %02d:%02d:%02d.%.*sZ",
+                                  stm.tm_year + 1900, stm.tm_mon + 1,
+                                  stm.tm_mday, stm.tm_hour,
+                                  stm.tm_min, stm.tm_sec, f_len, f) > 0;
+            } else {
+                return BIO_printf(bp, "%s %2d %02d:%02d:%02d.%.*s %d GMT",
+                                  _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour,
+                                  stm.tm_min, stm.tm_sec, f_len, f,
+                                  stm.tm_year + 1900) > 0;
+            }
         }
-    } else {
-        if ((flags & ASN1_DTFLGS_TYPE_MASK) == ASN1_DTFLGS_ISO8601) {
-            return BIO_printf(bp, "%4d-%02d-%02d %02d:%02d:%02d%s",
+    }
+    if ((flags & ASN1_DTFLGS_TYPE_MASK) == ASN1_DTFLGS_ISO8601) {
+        return BIO_printf(bp, "%4d-%02d-%02d %02d:%02d:%02dZ",
                           stm.tm_year + 1900, stm.tm_mon + 1,
                           stm.tm_mday, stm.tm_hour,
-                          stm.tm_min, stm.tm_sec,
-                          (gmt ? "Z" : "")) > 0;
-        }
-        else {
-            return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
+                          stm.tm_min, stm.tm_sec) > 0;
+    } else {
+        return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d GMT",
                           _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour,
-                          stm.tm_min, stm.tm_sec, stm.tm_year + 1900,
-                          (gmt ? " GMT" : "")) > 0;
-        }
+                          stm.tm_min, stm.tm_sec, stm.tm_year + 1900) > 0;
     }
 }
 
diff --git a/deps/openssl/openssl/crypto/asn1/asn1_gen.c b/deps/openssl/openssl/crypto/asn1/asn1_gen.c
index 402ab34e6a46f7..152dc870a5580b 100644
--- a/deps/openssl/openssl/crypto/asn1/asn1_gen.c
+++ b/deps/openssl/openssl/crypto/asn1/asn1_gen.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -498,7 +498,8 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
 static int asn1_str2tag(const char *tagstr, int len)
 {
     unsigned int i;
-    static const struct tag_name_st *tntmp, tnst[] = {
+    const struct tag_name_st *tntmp;
+    static const struct tag_name_st tnst[] = {
         ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
         ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
         ASN1_GEN_STR("NULL", V_ASN1_NULL),
diff --git a/deps/openssl/openssl/crypto/asn1/asn_mime.c b/deps/openssl/openssl/crypto/asn1/asn_mime.c
index 9fc52d0476264a..8bb7089292d0f3 100644
--- a/deps/openssl/openssl/crypto/asn1/asn_mime.c
+++ b/deps/openssl/openssl/crypto/asn1/asn_mime.c
@@ -300,6 +300,8 @@ int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
 
     if (ctype_nid == NID_pkcs7_enveloped) {
         msg_type = "enveloped-data";
+    } else if (ctype_nid == NID_id_smime_ct_authEnvelopedData) {
+        msg_type = "authEnveloped-data";
     } else if (ctype_nid == NID_pkcs7_signed) {
         if (econt_nid == NID_id_smime_ct_receipt)
             msg_type = "signed-receipt";
diff --git a/deps/openssl/openssl/crypto/bio/bio_addr.c b/deps/openssl/openssl/crypto/bio/bio_addr.c
index 04d62f45b198ef..d462f424d3a406 100644
--- a/deps/openssl/openssl/crypto/bio/bio_addr.c
+++ b/deps/openssl/openssl/crypto/bio/bio_addr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -547,8 +547,13 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
             *service = NULL;
         } else {
             *service = OPENSSL_strndup(p, pl);
-            if (*service == NULL)
+            if (*service == NULL) {
+                if (h != NULL && host != NULL) {
+                    OPENSSL_free(*host);
+                    *host = NULL;
+                }
                 goto memerr;
+            }
         }
     }
 
diff --git a/deps/openssl/openssl/crypto/bio/bio_sock.c b/deps/openssl/openssl/crypto/bio/bio_sock.c
index 12e6a68e3a25d8..84496de6f6bda4 100644
--- a/deps/openssl/openssl/crypto/bio/bio_sock.c
+++ b/deps/openssl/openssl/crypto/bio/bio_sock.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -222,7 +222,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
         return INVALID_SOCKET;
 
     if (BIO_sock_init() != 1)
-        return INVALID_SOCKET;
+        goto err;
 
     if (BIO_lookup(h, p, BIO_LOOKUP_SERVER, AF_UNSPEC, SOCK_STREAM, &res) != 0)
         goto err;
diff --git a/deps/openssl/openssl/crypto/bio/bss_log.c b/deps/openssl/openssl/crypto/bio/bss_log.c
index 82abfd5cec6305..63b30e300fec49 100644
--- a/deps/openssl/openssl/crypto/bio/bss_log.c
+++ b/deps/openssl/openssl/crypto/bio/bss_log.c
@@ -281,7 +281,7 @@ static void xsyslog(BIO *bp, int priority, const char *string)
         break;
     }
 
-    sprintf(pidbuf, "[%lu] ", GetCurrentProcessId());
+    BIO_snprintf(pidbuf, sizeof(pidbuf), "[%lu] ", GetCurrentProcessId());
     lpszStrings[0] = pidbuf;
     lpszStrings[1] = string;
 
diff --git a/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl b/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl
index 54d2e8245f15a8..3192eab3092a7b 100755
--- a/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/armv8-mont.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -84,10 +84,12 @@
 	cmp	$num,#32
 	b.le	.Lscalar_impl
 #ifndef	__KERNEL__
+#ifndef	__AARCH64EB__
 	adrp	x17,OPENSSL_armv8_rsa_neonized
 	ldr	w17,[x17,#:lo12:OPENSSL_armv8_rsa_neonized]
 	cbnz	w17, bn_mul8x_mont_neon
 #endif
+#endif
 
 .Lscalar_impl:
 	tst	$num,#7
diff --git a/deps/openssl/openssl/crypto/bn/bn_exp.c b/deps/openssl/openssl/crypto/bn/bn_exp.c
index 598a592ca13972..0e563ad823c728 100644
--- a/deps/openssl/openssl/crypto/bn/bn_exp.c
+++ b/deps/openssl/openssl/crypto/bn/bn_exp.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -606,7 +606,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
  * out by Colin Percival,
  * http://www.daemonology.net/hyperthreading-considered-harmful/)
  */
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
                               const BIGNUM *m, BN_CTX *ctx,
                               BN_MONT_CTX *in_mont)
 {
@@ -623,10 +623,6 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
     unsigned int t4 = 0;
 #endif
 
-    bn_check_top(a);
-    bn_check_top(p);
-    bn_check_top(m);
-
     if (!BN_is_odd(m)) {
         ERR_raise(ERR_LIB_BN, BN_R_CALLED_WITH_EVEN_MODULUS);
         return 0;
@@ -1146,7 +1142,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
             goto err;
     } else
 #endif
-    if (!BN_from_montgomery(rr, &tmp, mont, ctx))
+    if (!bn_from_mont_fixed_top(rr, &tmp, mont, ctx))
         goto err;
     ret = 1;
  err:
@@ -1160,6 +1156,19 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
     return ret;
 }
 
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *in_mont)
+{
+    bn_check_top(a);
+    bn_check_top(p);
+    bn_check_top(m);
+    if (!bn_mod_exp_mont_fixed_top(rr, a, p, m, ctx, in_mont))
+        return 0;
+    bn_correct_top(rr);
+    return 1;
+}
+
 int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
                          const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
 {
diff --git a/deps/openssl/openssl/crypto/bn/bn_gf2m.c b/deps/openssl/openssl/crypto/bn/bn_gf2m.c
index c811ae82d6b15a..bcc66613cc14d7 100644
--- a/deps/openssl/openssl/crypto/bn/bn_gf2m.c
+++ b/deps/openssl/openssl/crypto/bn/bn_gf2m.c
@@ -15,6 +15,7 @@
 #include "bn_local.h"
 
 #ifndef OPENSSL_NO_EC2M
+# include <openssl/ec.h>
 
 /*
  * Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should
@@ -1140,16 +1141,26 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 /*
  * Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i *
  * x^i) into an array of integers corresponding to the bits with non-zero
- * coefficient.  Array is terminated with -1. Up to max elements of the array
- * will be filled.  Return value is total number of array elements that would
- * be filled if array was large enough.
+ * coefficient.  The array is intended to be suitable for use with
+ * `BN_GF2m_mod_arr()`, and so the constant term of the polynomial must not be
+ * zero.  This translates to a requirement that the input BIGNUM `a` is odd.
+ *
+ * Given sufficient room, the array is terminated with -1.  Up to max elements
+ * of the array will be filled.
+ *
+ * The return value is total number of array elements that would be filled if
+ * array was large enough, including the terminating `-1`.  It is `0` when `a`
+ * is not odd or the constant term is zero contrary to requirement.
+ *
+ * The return value is also `0` when the leading exponent exceeds
+ * `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against CPU exhaustion attacks,
  */
 int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max)
 {
     int i, j, k = 0;
     BN_ULONG mask;
 
-    if (BN_is_zero(a))
+    if (!BN_is_odd(a))
         return 0;
 
     for (i = a->top - 1; i >= 0; i--) {
@@ -1167,12 +1178,13 @@ int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max)
         }
     }
 
-    if (k < max) {
+    if (k > 0 && p[0] > OPENSSL_ECC_MAX_FIELD_BITS)
+        return 0;
+
+    if (k < max)
         p[k] = -1;
-        k++;
-    }
 
-    return k;
+    return k + 1;
 }
 
 /*
diff --git a/deps/openssl/openssl/crypto/bn/rsaz_exp_x2.c b/deps/openssl/openssl/crypto/bn/rsaz_exp_x2.c
index b19050dfee8c86..4a2a6752f672ed 100644
--- a/deps/openssl/openssl/crypto/bn/rsaz_exp_x2.c
+++ b/deps/openssl/openssl/crypto/bn/rsaz_exp_x2.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2020, Intel Corporation. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -495,11 +495,7 @@ static void to_words52(BN_ULONG *out, int out_len,
         out_len--;
     }
 
-    while (out_len > 0) {
-        *out = 0;
-        out_len--;
-        out++;
-    }
+    memset(out, 0, out_len * sizeof(BN_ULONG));
 }
 
 static ossl_inline void put_digit52(uint8_t *pStr, int strLen, uint64_t digit)
diff --git a/deps/openssl/openssl/crypto/cmp/cmp_client.c b/deps/openssl/openssl/crypto/cmp/cmp_client.c
index df334cc0019822..4c8dbfdcd739ad 100644
--- a/deps/openssl/openssl/crypto/cmp/cmp_client.c
+++ b/deps/openssl/openssl/crypto/cmp/cmp_client.c
@@ -107,9 +107,12 @@ static int save_statusInfo(OSSL_CMP_CTX *ctx, OSSL_CMP_PKISI *si)
     ss = si->statusString; /* may be NULL */
     for (i = 0; i < sk_ASN1_UTF8STRING_num(ss); i++) {
         ASN1_UTF8STRING *str = sk_ASN1_UTF8STRING_value(ss, i);
+        ASN1_UTF8STRING *dup = ASN1_STRING_dup(str);
 
-        if (!sk_ASN1_UTF8STRING_push(ctx->statusString, ASN1_STRING_dup(str)))
+        if (dup == NULL || !sk_ASN1_UTF8STRING_push(ctx->statusString, dup)) {
+            ASN1_UTF8STRING_free(dup);
             return 0;
+        }
     }
     return 1;
 }
diff --git a/deps/openssl/openssl/crypto/cms/cms_asn1.c b/deps/openssl/openssl/crypto/cms/cms_asn1.c
index 72cd14317d47ea..95095201592323 100644
--- a/deps/openssl/openssl/crypto/cms/cms_asn1.c
+++ b/deps/openssl/openssl/crypto/cms/cms_asn1.c
@@ -51,6 +51,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         EVP_PKEY_free(si->pkey);
         X509_free(si->signer);
         EVP_MD_CTX_free(si->mctx);
+        EVP_PKEY_CTX_free(si->pctx);
     }
     return 1;
 }
@@ -89,11 +90,21 @@ ASN1_SEQUENCE(CMS_OriginatorInfo) = {
         ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
 } static_ASN1_SEQUENCE_END(CMS_OriginatorInfo)
 
-ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
+static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                     void *exarg)
+{
+    CMS_EncryptedContentInfo *ec = (CMS_EncryptedContentInfo *)*pval;
+
+    if (operation == ASN1_OP_FREE_POST)
+        OPENSSL_clear_free(ec->key, ec->keylen);
+    return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(CMS_EncryptedContentInfo, cms_ec_cb) = {
         ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
         ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
         ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
-} static_ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
+} ASN1_NDEF_SEQUENCE_END_cb(CMS_EncryptedContentInfo, CMS_EncryptedContentInfo)
 
 ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
         ASN1_EMBED(CMS_KeyTransRecipientInfo, version, INT32),
@@ -317,6 +328,10 @@ static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             return 0;
         break;
 
+    case ASN1_OP_FREE_POST:
+        OPENSSL_free(cms->ctx.propq);
+        break;
+
     }
     return 1;
 }
diff --git a/deps/openssl/openssl/crypto/cms/cms_dh.c b/deps/openssl/openssl/crypto/cms/cms_dh.c
index 2f54ed2673a988..3f931d6e6fef32 100644
--- a/deps/openssl/openssl/crypto/cms/cms_dh.c
+++ b/deps/openssl/openssl/crypto/cms/cms_dh.c
@@ -34,7 +34,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
         goto err;
     /* Only absent parameters allowed in RFC XXXX */
-    if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL)
+    if (atype != V_ASN1_UNDEF && atype != V_ASN1_NULL)
         goto err;
 
     pk = EVP_PKEY_CTX_get0_pkey(pctx);
diff --git a/deps/openssl/openssl/crypto/cms/cms_env.c b/deps/openssl/openssl/crypto/cms/cms_env.c
index 99cf1dcb396ca5..445a16fb771f27 100644
--- a/deps/openssl/openssl/crypto/cms/cms_env.c
+++ b/deps/openssl/openssl/crypto/cms/cms_env.c
@@ -51,15 +51,6 @@ static int cms_get_enveloped_type(const CMS_ContentInfo *cms)
     return ret;
 }
 
-void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf)
-{
-    if (cms_get_enveloped_type_simple(cinf) != 0) {
-        CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cinf);
-        if (ec != NULL)
-            OPENSSL_clear_free(ec->key, ec->keylen);
-    }
-}
-
 CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms)
 {
     if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
diff --git a/deps/openssl/openssl/crypto/cms/cms_err.c b/deps/openssl/openssl/crypto/cms/cms_err.c
index 4bd6a0dc1bf101..e67d783be29078 100644
--- a/deps/openssl/openssl/crypto/cms/cms_err.c
+++ b/deps/openssl/openssl/crypto/cms/cms_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -20,77 +20,79 @@ static const ERR_STRING_DATA CMS_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ADD_SIGNER_ERROR), "add signer error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ATTRIBUTE_ERROR), "attribute error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_ALREADY_PRESENT),
-    "certificate already present"},
+     "certificate already present"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_HAS_NO_KEYID),
-    "certificate has no keyid"},
+     "certificate has no keyid"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_VERIFY_ERROR),
-    "certificate verify error"},
+     "certificate verify error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_SET_TAG_ERROR),
-    "cipher aead set tag error"},
+     "cipher aead set tag error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_GET_TAG), "cipher get tag"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_INITIALISATION_ERROR),
-    "cipher initialisation error"},
+     "cipher initialisation error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),
-    "cipher parameter initialisation error"},
+     "cipher parameter initialisation error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CMS_DATAFINAL_ERROR),
-    "cms datafinal error"},
+     "cms datafinal error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CMS_LIB), "cms lib"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENTIDENTIFIER_MISMATCH),
-    "contentidentifier mismatch"},
+     "contentidentifier mismatch"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_NOT_FOUND), "content not found"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_MISMATCH),
-    "content type mismatch"},
+     "content type mismatch"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),
-    "content type not compressed data"},
+     "content type not compressed data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),
-    "content type not enveloped data"},
+     "content type not enveloped data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),
-    "content type not signed data"},
+     "content type not signed data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_VERIFY_ERROR),
-    "content verify error"},
+     "content verify error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_ERROR), "ctrl error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_FAILURE), "ctrl failure"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_DECODE_ERROR), "decode error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_DECRYPT_ERROR), "decrypt error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_GETTING_PUBLIC_KEY),
-    "error getting public key"},
+     "error getting public key"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
-    "error reading messagedigest attribute"},
+     "error reading messagedigest attribute"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_SETTING_KEY), "error setting key"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_SETTING_RECIPIENTINFO),
-    "error setting recipientinfo"},
+     "error setting recipientinfo"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_UNSUPPORTED_STATIC_KEY_AGREEMENT),
+     "error unsupported static key agreement"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR),
-    "ess signing certid mismatch error"},
+     "ess signing certid mismatch error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
-    "invalid encrypted key length"},
+     "invalid encrypted key length"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
-    "invalid key encryption parameter"},
+     "invalid key encryption parameter"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_LABEL), "invalid label"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_OAEP_PARAMETERS),
-    "invalid oaep parameters"},
+     "invalid oaep parameters"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_KDF_PARAMETER_ERROR),
-    "kdf parameter error"},
+     "kdf parameter error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
-    "messagedigest attribute wrong length"},
+     "messagedigest attribute wrong length"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_WRONG_LENGTH),
-    "messagedigest wrong length"},
+     "messagedigest wrong length"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_ERROR), "msgsigdigest error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),
-    "msgsigdigest verification failure"},
+     "msgsigdigest verification failure"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_WRONG_LENGTH),
-    "msgsigdigest wrong length"},
+     "msgsigdigest wrong length"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NEED_ONE_SIGNER), "need one signer"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_A_SIGNED_RECEIPT),
-    "not a signed receipt"},
+     "not a signed receipt"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEK), "not kek"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEY_AGREEMENT), "not key agreement"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_PWRI), "not pwri"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-    "not supported for this key type"},
+     "not supported for this key type"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CIPHER), "no cipher"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CONTENT), "no content"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CONTENT_TYPE), "no content type"},
@@ -100,9 +102,9 @@ static const ERR_STRING_DATA CMS_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_KEY_OR_CERT), "no key or cert"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_DIGEST), "no matching digest"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_RECIPIENT),
-    "no matching recipient"},
+     "no matching recipient"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_SIGNATURE),
-    "no matching signature"},
+     "no matching signature"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PASSWORD), "no password"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PRIVATE_KEY), "no private key"},
@@ -111,56 +113,56 @@ static const ERR_STRING_DATA CMS_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_SIGNERS), "no signers"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_PEER_KEY_ERROR), "peer key error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-    "private key does not match certificate"},
+     "private key does not match certificate"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECEIPT_DECODE_ERROR),
-    "receipt decode error"},
+     "receipt decode error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECIPIENT_ERROR), "recipient error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SHARED_INFO_ERROR), "shared info error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),
-    "signer certificate not found"},
+     "signer certificate not found"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNFINAL_ERROR), "signfinal error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SMIME_TEXT_ERROR), "smime text error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_STORE_INIT_ERROR), "store init error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_COMPRESSED_DATA),
-    "type not compressed data"},
+     "type not compressed data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_DATA), "type not data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_DIGESTED_DATA),
-    "type not digested data"},
+     "type not digested data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_ENCRYPTED_DATA),
-    "type not encrypted data"},
+     "type not encrypted data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_ENVELOPED_DATA),
-    "type not enveloped data"},
+     "type not enveloped data"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNABLE_TO_FINALIZE_CONTEXT),
-    "unable to finalize context"},
+     "unable to finalize context"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_CIPHER), "unknown cipher"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_DIGEST_ALGORITHM),
-    "unknown digest algorithm"},
+     "unknown digest algorithm"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_ID), "unknown id"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
-    "unsupported compression algorithm"},
+     "unsupported compression algorithm"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM),
-    "unsupported content encryption algorithm"},
+     "unsupported content encryption algorithm"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_CONTENT_TYPE),
-    "unsupported content type"},
+     "unsupported content type"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_ENCRYPTION_TYPE),
-    "unsupported encryption type"},
+     "unsupported encryption type"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEK_ALGORITHM),
-    "unsupported kek algorithm"},
+     "unsupported kek algorithm"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
-    "unsupported key encryption algorithm"},
+     "unsupported key encryption algorithm"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_LABEL_SOURCE),
-    "unsupported label source"},
+     "unsupported label source"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE),
-    "unsupported recipientinfo type"},
+     "unsupported recipientinfo type"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
-    "unsupported recipient type"},
+     "unsupported recipient type"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM),
-    "unsupported signature algorithm"},
+     "unsupported signature algorithm"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_ERROR), "unwrap error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_FAILURE), "unwrap failure"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_VERIFICATION_FAILURE),
-    "verification failure"},
+     "verification failure"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_WRAP_ERROR), "wrap error"},
     {0, NULL}
 };
diff --git a/deps/openssl/openssl/crypto/cms/cms_kari.c b/deps/openssl/openssl/crypto/cms/cms_kari.c
index a2f422a78d8b5c..8e9e6a5d148c8e 100644
--- a/deps/openssl/openssl/crypto/cms/cms_kari.c
+++ b/deps/openssl/openssl/crypto/cms/cms_kari.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2013-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -502,6 +502,13 @@ int ossl_cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
         oik->d.originatorKey = M_ASN1_new_of(CMS_OriginatorPublicKey);
         if (!oik->d.originatorKey)
             return 0;
+    } else {
+        /*
+         * Currently it is not possible to get public key as it is not stored
+         * during kari initialization.
+         */
+        ERR_raise(ERR_LIB_CMS, CMS_R_ERROR_UNSUPPORTED_STATIC_KEY_AGREEMENT);
+        return 0;
     }
     /* Initialise KDF algorithm */
     if (!ossl_cms_env_asn1_ctrl(ri, 0))
diff --git a/deps/openssl/openssl/crypto/cms/cms_lib.c b/deps/openssl/openssl/crypto/cms/cms_lib.c
index 8b135e95aacc81..67b35627ba5e6b 100644
--- a/deps/openssl/openssl/crypto/cms/cms_lib.c
+++ b/deps/openssl/openssl/crypto/cms/cms_lib.c
@@ -22,6 +22,7 @@
 static STACK_OF(CMS_CertificateChoices)
 **cms_get0_certificate_choices(CMS_ContentInfo *cms);
 
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(CMS_ContentInfo)
 IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
 CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a,
@@ -68,20 +69,6 @@ CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
     return ci;
 }
 
-CMS_ContentInfo *CMS_ContentInfo_new(void)
-{
-    return CMS_ContentInfo_new_ex(NULL, NULL);
-}
-
-void CMS_ContentInfo_free(CMS_ContentInfo *cms)
-{
-    if (cms != NULL) {
-        ossl_cms_env_enc_content_free(cms);
-        OPENSSL_free(cms->ctx.propq);
-        ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo));
-    }
-}
-
 const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms)
 {
     return cms != NULL ? &cms->ctx : NULL;
diff --git a/deps/openssl/openssl/crypto/cms/cms_local.h b/deps/openssl/openssl/crypto/cms/cms_local.h
index 253f6819e43542..1e0e0910d1d181 100644
--- a/deps/openssl/openssl/crypto/cms/cms_local.h
+++ b/deps/openssl/openssl/crypto/cms/cms_local.h
@@ -368,6 +368,7 @@ struct CMS_Receipt_st {
 
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_ITEM(CMS_SignerInfo)
+DECLARE_ASN1_ITEM(CMS_EncryptedContentInfo)
 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
 DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
 DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
@@ -444,7 +445,6 @@ BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
 int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
 BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
 int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
-void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf);
 CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms);
 CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms);
 CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms);
diff --git a/deps/openssl/openssl/crypto/cms/cms_rsa.c b/deps/openssl/openssl/crypto/cms/cms_rsa.c
index 12bc8184389701..5e26e89d501223 100644
--- a/deps/openssl/openssl/crypto/cms/cms_rsa.c
+++ b/deps/openssl/openssl/crypto/cms/cms_rsa.c
@@ -223,7 +223,10 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
         os = ossl_rsa_ctx_to_pss_string(pkctx);
         if (os == NULL)
             return 0;
-        return X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os);
+        if (X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os))
+            return 1;
+        ASN1_STRING_free(os);
+        return 0;
     }
 
     params[0] = OSSL_PARAM_construct_octet_string(
diff --git a/deps/openssl/openssl/crypto/cms/cms_sd.c b/deps/openssl/openssl/crypto/cms/cms_sd.c
index 3a21664e9da212..4758d048386eb0 100644
--- a/deps/openssl/openssl/crypto/cms/cms_sd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_sd.c
@@ -482,8 +482,12 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
                                          ossl_cms_ctx_get0_libctx(ctx),
                                          ossl_cms_ctx_get0_propq(ctx),
                                          pk, NULL) <= 0) {
+            si->pctx = NULL;
             goto err;
         }
+        else {
+            EVP_MD_CTX_set_flags(si->mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
+        }
     }
 
     if (!sd->signerInfos)
@@ -725,6 +729,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
         unsigned int mdlen;
 
         pctx = si->pctx;
+        si->pctx = NULL;
         if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
             goto err;
         siglen = EVP_PKEY_get_size(si->pkey);
@@ -813,6 +818,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
                                   ossl_cms_ctx_get0_propq(ctx), si->pkey,
                                   NULL) <= 0)
             goto err;
+        EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
         si->pctx = pctx;
     }
 
@@ -884,9 +890,16 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
         goto err;
     }
     mctx = si->mctx;
+    if (si->pctx != NULL) {
+        EVP_PKEY_CTX_free(si->pctx);
+        si->pctx = NULL;
+    }
     if (EVP_DigestVerifyInit_ex(mctx, &si->pctx, EVP_MD_get0_name(md), libctx,
-                                propq, si->pkey, NULL) <= 0)
+                                propq, si->pkey, NULL) <= 0) {
+        si->pctx = NULL;
         goto err;
+    }
+    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
 
     if (!cms_sd_asn1_ctrl(si, 1))
         goto err;
@@ -1003,8 +1016,11 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
         if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0)
             goto err;
         si->pctx = pkctx;
-        if (!cms_sd_asn1_ctrl(si, 1))
+        if (!cms_sd_asn1_ctrl(si, 1)) {
+            si->pctx = NULL;
             goto err;
+        }
+        si->pctx = NULL;
         r = EVP_PKEY_verify(pkctx, si->signature->data,
                             si->signature->length, mval, mlen);
         if (r <= 0) {
diff --git a/deps/openssl/openssl/crypto/cms/cms_smime.c b/deps/openssl/openssl/crypto/cms/cms_smime.c
index d7719267c8c83d..65da2452fcea7e 100644
--- a/deps/openssl/openssl/crypto/cms/cms_smime.c
+++ b/deps/openssl/openssl/crypto/cms/cms_smime.c
@@ -236,7 +236,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
     if (cms == NULL)
         return NULL;
     if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
-        return NULL;
+        goto err;
 
     if (!(flags & CMS_DETACHED))
         CMS_set_detached(cms, 0);
@@ -245,6 +245,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
         || CMS_final(cms, in, NULL, flags))
         return cms;
 
+ err:
     CMS_ContentInfo_free(cms);
     return NULL;
 }
diff --git a/deps/openssl/openssl/crypto/core_fetch.c b/deps/openssl/openssl/crypto/core_fetch.c
index 38db36ee1f75e9..c063515fc04d92 100644
--- a/deps/openssl/openssl/crypto/core_fetch.c
+++ b/deps/openssl/openssl/crypto/core_fetch.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -120,7 +120,8 @@ static void ossl_method_construct_this(OSSL_PROVIDER *provider,
      * It is *expected* that the put function increments the refcnt
      * of the passed method.
      */
-    data->mcm->put(data->store, method, provider, algo->algorithm_names,
+    data->mcm->put(no_store ? data->store : NULL,
+                   method, provider, algo->algorithm_names,
                    algo->property_definition, data->mcm_data);
 
     /* refcnt-- because we're dropping the reference */
diff --git a/deps/openssl/openssl/crypto/dso/dso_dl.c b/deps/openssl/openssl/crypto/dso/dso_dl.c
index f4e6e5f4573f66..05b63cf1d9c232 100644
--- a/deps/openssl/openssl/crypto/dso/dso_dl.c
+++ b/deps/openssl/openssl/crypto/dso/dso_dl.c
@@ -235,13 +235,12 @@ static char *dl_name_converter(DSO *dso, const char *filename)
         ERR_raise(ERR_LIB_DSO, DSO_R_NAME_TRANSLATION_FAILED);
         return NULL;
     }
-    if (transform) {
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            sprintf(translated, "lib%s%s", filename, DSO_EXTENSION);
-        else
-            sprintf(translated, "%s%s", filename, DSO_EXTENSION);
-    } else
-        sprintf(translated, "%s", filename);
+    if (transform)
+        BIO_snprintf(translated, rsize,
+                     (DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0
+                     ? "lib%s%s" : "%s%s", filename, DSO_EXTENSION);
+    else
+        BIO_snprintf(translated, rsize, "%s", filename);
     return translated;
 }
 
diff --git a/deps/openssl/openssl/crypto/dso/dso_dlfcn.c b/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
index 6a988cc727913e..1107da5fe6575e 100644
--- a/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
+++ b/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
@@ -271,11 +271,12 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
     }
     if (transform) {
         if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            sprintf(translated, "lib%s" DSO_EXTENSION, filename);
+            BIO_snprintf(translated, rsize, "lib%s" DSO_EXTENSION, filename);
         else
-            sprintf(translated, "%s" DSO_EXTENSION, filename);
-    } else
-        sprintf(translated, "%s", filename);
+            BIO_snprintf(translated, rsize, "%s" DSO_EXTENSION, filename);
+    } else {
+        BIO_snprintf(translated, rsize, "%s", filename);
+    }
     return translated;
 }
 
diff --git a/deps/openssl/openssl/crypto/dso/dso_win32.c b/deps/openssl/openssl/crypto/dso/dso_win32.c
index 4d3059d43879f8..91a1a9d9aeb577 100644
--- a/deps/openssl/openssl/crypto/dso/dso_win32.c
+++ b/deps/openssl/openssl/crypto/dso/dso_win32.c
@@ -454,24 +454,20 @@ static char *win32_name_converter(DSO *dso, const char *filename)
     char *translated;
     int len, transform;
 
-    len = strlen(filename);
     transform = ((strstr(filename, "/") == NULL) &&
                  (strstr(filename, "\\") == NULL) &&
                  (strstr(filename, ":") == NULL));
+    /* If transform != 0, then we convert to %s.dll, else just dupe filename */
+
+    len = strlen(filename) + 1;
     if (transform)
-        /* We will convert this to "%s.dll" */
-        translated = OPENSSL_malloc(len + 5);
-    else
-        /* We will simply duplicate filename */
-        translated = OPENSSL_malloc(len + 1);
+        len += strlen(".dll");
+    translated = OPENSSL_malloc(len);
     if (translated == NULL) {
         ERR_raise(ERR_LIB_DSO, DSO_R_NAME_TRANSLATION_FAILED);
         return NULL;
     }
-    if (transform)
-        sprintf(translated, "%s.dll", filename);
-    else
-        sprintf(translated, "%s", filename);
+    BIO_snprintf(translated, len, "%s%s", filename, transform ? ".dll" : "");
     return translated;
 }
 
diff --git a/deps/openssl/openssl/crypto/ec/ec_asn1.c b/deps/openssl/openssl/crypto/ec/ec_asn1.c
index 7a0b35a594311b..c018f392894d9e 100644
--- a/deps/openssl/openssl/crypto/ec/ec_asn1.c
+++ b/deps/openssl/openssl/crypto/ec/ec_asn1.c
@@ -1161,7 +1161,7 @@ int i2o_ECPublicKey(const EC_KEY *a, unsigned char **out)
     size_t buf_len = 0;
     int new_buffer = 0;
 
-    if (a == NULL) {
+    if (a == NULL || a->pub_key == NULL) {
         ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
diff --git a/deps/openssl/openssl/crypto/ec/ec_backend.c b/deps/openssl/openssl/crypto/ec/ec_backend.c
index 98e2c418e416c8..cad576fc48a142 100644
--- a/deps/openssl/openssl/crypto/ec/ec_backend.c
+++ b/deps/openssl/openssl/crypto/ec/ec_backend.c
@@ -616,14 +616,8 @@ EC_KEY *ossl_ec_key_dup(const EC_KEY *src, int selection)
             || !EC_GROUP_copy(ret->group, src->group))
             goto err;
 
-        if (src->meth != NULL) {
-#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
-            if (src->engine != NULL && ENGINE_init(src->engine) == 0)
-                goto err;
-            ret->engine = src->engine;
-#endif
+        if (src->meth != NULL)
             ret->meth = src->meth;
-        }
     }
 
     /*  copy the public key */
diff --git a/deps/openssl/openssl/crypto/ec/ec_lib.c b/deps/openssl/openssl/crypto/ec/ec_lib.c
index b1696d93bd6dd0..a082876fb4798e 100644
--- a/deps/openssl/openssl/crypto/ec/ec_lib.c
+++ b/deps/openssl/openssl/crypto/ec/ec_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -20,6 +20,7 @@
 #include <openssl/err.h>
 #include <openssl/opensslv.h>
 #include "crypto/ec.h"
+#include "crypto/bn.h"
 #include "internal/nelem.h"
 #include "ec_local.h"
 
@@ -1262,10 +1263,10 @@ static int ec_field_inverse_mod_ord(const EC_GROUP *group, BIGNUM *r,
     if (!BN_sub(e, group->order, e))
         goto err;
     /*-
-     * Exponent e is public.
-     * No need for scatter-gather or BN_FLG_CONSTTIME.
+     * Although the exponent is public we want the result to be
+     * fixed top.
      */
-    if (!BN_mod_exp_mont(r, x, e, group->order, ctx, group->mont_data))
+    if (!bn_mod_exp_mont_fixed_top(r, x, e, group->order, ctx, group->mont_data))
         goto err;
 
     ret = 1;
diff --git a/deps/openssl/openssl/crypto/ec/ec_oct.c b/deps/openssl/openssl/crypto/ec/ec_oct.c
index 790a0b29077176..2b77e9738883e0 100644
--- a/deps/openssl/openssl/crypto/ec/ec_oct.c
+++ b/deps/openssl/openssl/crypto/ec/ec_oct.c
@@ -74,6 +74,10 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
                           point_conversion_form_t form, unsigned char *buf,
                           size_t len, BN_CTX *ctx)
 {
+    if (point == NULL) {
+        ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
     if (group->meth->point2oct == 0
         && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
         ERR_raise(ERR_LIB_EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
diff --git a/deps/openssl/openssl/crypto/encode_decode/encoder_pkey.c b/deps/openssl/openssl/crypto/encode_decode/encoder_pkey.c
index 3a24317cf4d6cf..39266a95309dcd 100644
--- a/deps/openssl/openssl/crypto/encode_decode/encoder_pkey.c
+++ b/deps/openssl/openssl/crypto/encode_decode/encoder_pkey.c
@@ -186,9 +186,13 @@ encoder_construct_pkey(OSSL_ENCODER_INSTANCE *encoder_inst, void *arg)
         const OSSL_PROVIDER *e_prov = OSSL_ENCODER_get0_provider(encoder);
 
         if (k_prov != e_prov) {
+            int selection = data->selection;
+
+            if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+                selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
             data->encoder_inst = encoder_inst;
 
-            if (!evp_keymgmt_export(pk->keymgmt, pk->keydata, data->selection,
+            if (!evp_keymgmt_export(pk->keymgmt, pk->keydata, selection,
                                     &encoder_import_cb, data))
                 return NULL;
             data->obj = data->constructed_obj;
diff --git a/deps/openssl/openssl/crypto/err/openssl.txt b/deps/openssl/openssl/crypto/err/openssl.txt
index 003e2981095676..756fafdfa24aff 100644
--- a/deps/openssl/openssl/crypto/err/openssl.txt
+++ b/deps/openssl/openssl/crypto/err/openssl.txt
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -307,6 +307,8 @@ CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE:114:\
 	error reading messagedigest attribute
 CMS_R_ERROR_SETTING_KEY:115:error setting key
 CMS_R_ERROR_SETTING_RECIPIENTINFO:116:error setting recipientinfo
+CMS_R_ERROR_UNSUPPORTED_STATIC_KEY_AGREEMENT:196:\
+	error unsupported static key agreement
 CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR:183:ess signing certid mismatch error
 CMS_R_INVALID_ENCRYPTED_KEY_LENGTH:117:invalid encrypted key length
 CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER:176:invalid key encryption parameter
@@ -1388,8 +1390,6 @@ SSL_R_MISSING_ECDSA_SIGNING_CERT:381:missing ecdsa signing cert
 SSL_R_MISSING_FATAL:256:missing fatal
 SSL_R_MISSING_PARAMETERS:290:missing parameters
 SSL_R_MISSING_PSK_KEX_MODES_EXTENSION:310:missing psk kex modes extension
-SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION:801:\
-	missing quic transport parameters extension
 SSL_R_MISSING_RSA_CERTIFICATE:168:missing rsa certificate
 SSL_R_MISSING_RSA_ENCRYPTING_CERT:169:missing rsa encrypting cert
 SSL_R_MISSING_RSA_SIGNING_CERT:170:missing rsa signing cert
@@ -1540,7 +1540,6 @@ SSL_R_VERSION_TOO_LOW:396:version too low
 SSL_R_WRONG_CERTIFICATE_TYPE:383:wrong certificate type
 SSL_R_WRONG_CIPHER_RETURNED:261:wrong cipher returned
 SSL_R_WRONG_CURVE:378:wrong curve
-SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED:800:wrong encryption level received
 SSL_R_WRONG_SIGNATURE_LENGTH:264:wrong signature length
 SSL_R_WRONG_SIGNATURE_SIZE:265:wrong signature size
 SSL_R_WRONG_SIGNATURE_TYPE:370:wrong signature type
diff --git a/deps/openssl/openssl/crypto/evp/ctrl_params_translate.c b/deps/openssl/openssl/crypto/evp/ctrl_params_translate.c
index de6c215e205a22..44d0895bcf1447 100644
--- a/deps/openssl/openssl/crypto/evp/ctrl_params_translate.c
+++ b/deps/openssl/openssl/crypto/evp/ctrl_params_translate.c
@@ -1210,6 +1210,8 @@ static int fix_ecdh_cofactor(enum state state,
         /* The initial value for |ctx->action_type| must not be zero. */
         if (!ossl_assert(ctx->action_type != NONE))
             return 0;
+    } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == NONE) {
+        ctx->action_type = GET;
     }
 
     if ((ret = default_check(state, translation, ctx)) <= 0)
@@ -1235,6 +1237,8 @@ static int fix_ecdh_cofactor(enum state state,
         }
     } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == GET) {
         ctx->p1 = -2;
+    } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET) {
+        ctx->p1 = ret;
     }
 
     return ret;
@@ -2800,8 +2804,14 @@ static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx,
         /*
          * In POST, we pass the return value as p1, allowing the fixup_args
          * function to put it to good use, or maybe affect it.
+         *
+         * NOTE: even though EVP_PKEY_CTX_ctrl return value is documented
+         * as return positive on Success and 0 or negative on falure. There
+         * maybe parameters (e.g. ecdh_cofactor), which actually return 0
+         * as success value. That is why we do POST_PARAMS_TO_CTRL for 0
+         * value as well
          */
-        if (ret > 0) {
+        if (ret >= 0) {
             ctx.p1 = ret;
             fixup(POST_PARAMS_TO_CTRL, translation, &ctx);
             ret = ctx.p1;
diff --git a/deps/openssl/openssl/crypto/evp/m_sigver.c b/deps/openssl/openssl/crypto/evp/m_sigver.c
index 76a6814b424bec..efd2c05c85cf09 100644
--- a/deps/openssl/openssl/crypto/evp/m_sigver.c
+++ b/deps/openssl/openssl/crypto/evp/m_sigver.c
@@ -662,8 +662,12 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
 {
     EVP_PKEY_CTX *pctx = ctx->pctx;
 
-    if (pctx != NULL
-            && pctx->operation == EVP_PKEY_OP_VERIFYCTX
+    if (pctx == NULL) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+        return -1;
+    }
+
+    if (pctx->operation == EVP_PKEY_OP_VERIFYCTX
             && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature != NULL) {
         if (pctx->op.sig.signature->digest_verify != NULL)
@@ -672,8 +676,8 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
                                                          tbs, tbslen);
     } else {
         /* legacy */
-        if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestverify != NULL)
-            return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen, tbs, tbslen);
+        if (pctx->pmeth != NULL && pctx->pmeth->digestverify != NULL)
+            return pctx->pmeth->digestverify(ctx, sigret, siglen, tbs, tbslen);
     }
 
     if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0)
diff --git a/deps/openssl/openssl/crypto/http/http_client.c b/deps/openssl/openssl/crypto/http/http_client.c
index 4b96a6b9e9e240..c86db4405b8f19 100644
--- a/deps/openssl/openssl/crypto/http/http_client.c
+++ b/deps/openssl/openssl/crypto/http/http_client.c
@@ -851,6 +851,20 @@ int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx,
 
 #ifndef OPENSSL_NO_SOCK
 
+static const char *explict_or_default_port(const char *hostserv, const char *port, int use_ssl)
+{
+    if (port == NULL) {
+        char *service = NULL;
+
+        if (!BIO_parse_hostserv(hostserv, NULL, &service, BIO_PARSE_PRIO_HOST))
+            return NULL;
+        if (service == NULL) /* implicit port */
+            port = use_ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
+        OPENSSL_free(service);
+    } /* otherwise take the explicitly given port */
+    return port;
+}
+
 /* set up a new connection BIO, to HTTP server or to HTTP(S) proxy if given */
 static BIO *http_new_bio(const char *server /* optionally includes ":port" */,
                          const char *server_port /* explicit server port */,
@@ -870,8 +884,7 @@ static BIO *http_new_bio(const char *server /* optionally includes ":port" */,
         port = proxy_port;
     }
 
-    if (port == NULL && strchr(host, ':') == NULL)
-        port = use_ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
+    port = explict_or_default_port(host, port, use_ssl);
 
     cbio = BIO_new_connect(host /* optionally includes ":port" */);
     if (cbio == NULL)
@@ -958,8 +971,6 @@ OSSL_HTTP_REQ_CTX *OSSL_HTTP_open(const char *server, const char *port,
         }
         if (port != NULL && *port == '\0')
             port = NULL;
-        if (port == NULL && strchr(server, ':') == NULL)
-            port = use_ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
         proxy = OSSL_HTTP_adapt_proxy(proxy, no_proxy, server, use_ssl);
         if (proxy != NULL
             && !OSSL_HTTP_parse_url(proxy, NULL /* use_ssl */, NULL /* user */,
diff --git a/deps/openssl/openssl/crypto/http/http_lib.c b/deps/openssl/openssl/crypto/http/http_lib.c
index 30c1cd04fc0052..9c41f57541d74b 100644
--- a/deps/openssl/openssl/crypto/http/http_lib.c
+++ b/deps/openssl/openssl/crypto/http/http_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -9,11 +9,18 @@
 
 #include <stdio.h>       /* for sscanf() */
 #include <string.h>
+#ifndef OPENSSL_NO_SOCK
+# include "../bio/bio_local.h" /* for NI_MAXHOST */
+#endif
 #include <openssl/http.h>
 #include <openssl/httperr.h>
 #include <openssl/bio.h> /* for BIO_snprintf() */
 #include <openssl/err.h>
 #include "internal/cryptlib.h" /* for ossl_assert() */
+#ifndef NI_MAXHOST
+# define NI_MAXHOST 255
+#endif
+#include "crypto/ctype.h" /* for ossl_isspace() */
 
 static void init_pstring(char **pstr)
 {
@@ -251,10 +258,17 @@ static int use_proxy(const char *no_proxy, const char *server)
 {
     size_t sl;
     const char *found = NULL;
+    char host[NI_MAXHOST];
 
     if (!ossl_assert(server != NULL))
         return 0;
     sl = strlen(server);
+    if (sl >= 2 && sl < sizeof(host) + 2 && server[0] == '[' && server[sl - 1] == ']') {
+        /* strip leading '[' and trailing ']' from escaped IPv6 address */
+        sl -= 2;
+        strncpy(host, server + 1, sl);
+        server = host;
+    }
 
     /*
      * using environment variable names, both lowercase and uppercase variants,
@@ -268,8 +282,8 @@ static int use_proxy(const char *no_proxy, const char *server)
     if (no_proxy != NULL)
         found = strstr(no_proxy, server);
     while (found != NULL
-           && ((found != no_proxy && found[-1] != ' ' && found[-1] != ',')
-               || (found[sl] != '\0' && found[sl] != ' ' && found[sl] != ',')))
+           && ((found != no_proxy && !ossl_isspace(found[-1]) && found[-1] != ',')
+               || (found[sl] != '\0' && !ossl_isspace(found[sl]) && found[sl] != ',')))
         found = strstr(found + 1, server);
     return found == NULL;
 }
@@ -285,7 +299,7 @@ const char *OSSL_HTTP_adapt_proxy(const char *proxy, const char *no_proxy,
     if (proxy == NULL)
         proxy = ossl_safe_getenv(use_ssl ? "https_proxy" : "http_proxy");
     if (proxy == NULL)
-        proxy = ossl_safe_getenv(use_ssl ? OPENSSL_HTTP_PROXY : OPENSSL_HTTPS_PROXY);
+        proxy = ossl_safe_getenv(use_ssl ? OPENSSL_HTTPS_PROXY : OPENSSL_HTTP_PROXY);
 
     if (proxy == NULL || *proxy == '\0' || !use_proxy(no_proxy, server))
         return NULL;
diff --git a/deps/openssl/openssl/crypto/info.c b/deps/openssl/openssl/crypto/info.c
index f5fa92e1580add..a0dc2e80136f87 100644
--- a/deps/openssl/openssl/crypto/info.c
+++ b/deps/openssl/openssl/crypto/info.c
@@ -14,7 +14,6 @@
 #include "internal/cryptlib.h"
 #include "e_os.h"
 #include "buildinf.h"
-#include <openssl/quic.h>
 
 #if defined(__arm__) || defined(__arm) || defined(__aarch64__)
 # include "arm_arch.h"
@@ -200,10 +199,6 @@ const char *OPENSSL_info(int t)
         if (ossl_cpu_info_str[0] != '\0')
             return ossl_cpu_info_str + strlen(CPUINFO_PREFIX);
         break;
-#ifndef OPENSSL_NO_QUIC
-    case OPENSSL_INFO_QUIC:
-        return "QUIC";
-#endif
     default:
         break;
     }
diff --git a/deps/openssl/openssl/crypto/pem/pem_pk8.c b/deps/openssl/openssl/crypto/pem/pem_pk8.c
index 1592e351edef16..6e84f0afd05d03 100644
--- a/deps/openssl/openssl/crypto/pem/pem_pk8.c
+++ b/deps/openssl/openssl/crypto/pem/pem_pk8.c
@@ -173,7 +173,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     X509_SIG *p8 = NULL;
     int klen;
     EVP_PKEY *ret;
-    char psbuf[PEM_BUFSIZE];
+    char psbuf[PEM_BUFSIZE + 1]; /* reserve one byte at the end */
 
     p8 = d2i_PKCS8_bio(bp, NULL);
     if (p8 == NULL)
@@ -182,7 +182,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
         klen = cb(psbuf, PEM_BUFSIZE, 0, u);
     else
         klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
-    if (klen < 0) {
+    if (klen < 0 || klen > PEM_BUFSIZE) {
         ERR_raise(ERR_LIB_PEM, PEM_R_BAD_PASSWORD_READ);
         X509_SIG_free(p8);
         return NULL;
diff --git a/deps/openssl/openssl/crypto/perlasm/x86asm.pl b/deps/openssl/openssl/crypto/perlasm/x86asm.pl
index 98a7159a5f131c..8dcde9eacaa3d1 100644
--- a/deps/openssl/openssl/crypto/perlasm/x86asm.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86asm.pl
@@ -174,9 +174,9 @@ sub ::vprotd
 
 sub ::endbranch
 {
-    &::generic("%ifdef __CET__\n");
+    &::generic("#ifdef __CET__\n");
     &::data_byte(0xf3,0x0f,0x1e,0xfb);
-    &::generic("%endif\n");
+    &::generic("#endif\n");
 }
 
 # label management
diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_crt.c b/deps/openssl/openssl/crypto/pkcs12/p12_crt.c
index 1a48e5c611da5c..3c7d5ff97c52ab 100644
--- a/deps/openssl/openssl/crypto/pkcs12/p12_crt.c
+++ b/deps/openssl/openssl/crypto/pkcs12/p12_crt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -210,8 +210,10 @@ PKCS12_SAFEBAG *PKCS12_add_key_ex(STACK_OF(PKCS12_SAFEBAG) **pbags,
     /* Make a PKCS#8 structure */
     if ((p8 = EVP_PKEY2PKCS8(key)) == NULL)
         goto err;
-    if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
+    if (key_usage && !PKCS8_add_keyusage(p8, key_usage)) {
+        PKCS8_PRIV_KEY_INFO_free(p8);
         goto err;
+    }
     if (nid_key != -1) {
         /* This call does not take ownership of p8 */
         bag = PKCS12_SAFEBAG_create_pkcs8_encrypt_ex(nid_key, pass, -1, NULL, 0,
diff --git a/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c b/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
index d7791e5c4f4705..e9de097da186be 100644
--- a/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
+++ b/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
@@ -1023,6 +1023,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
     STACK_OF(X509_ATTRIBUTE) *sk;
     BIO *btmp;
     EVP_PKEY *pkey;
+    unsigned char *abuf = NULL;
     const PKCS7_CTX *ctx = ossl_pkcs7_get0_ctx(p7);
     OSSL_LIB_CTX *libctx = ossl_pkcs7_ctx_get0_libctx(ctx);
     const char *propq = ossl_pkcs7_ctx_get0_propq(ctx);
@@ -1072,7 +1073,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 
     sk = si->auth_attr;
     if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
-        unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
+        unsigned char md_dat[EVP_MAX_MD_SIZE];
         unsigned int md_len;
         int alen;
         ASN1_OCTET_STRING *message_digest;
@@ -1114,8 +1115,6 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
         }
         if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen))
             goto err;
-
-        OPENSSL_free(abuf);
     }
 
     os = si->enc_digest;
@@ -1133,6 +1132,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
     }
     ret = 1;
  err:
+    OPENSSL_free(abuf);
     EVP_MD_CTX_free(mdc_tmp);
     EVP_MD_free(fetched_md);
     return ret;
diff --git a/deps/openssl/openssl/crypto/pkcs7/pk7_lib.c b/deps/openssl/openssl/crypto/pkcs7/pk7_lib.c
index 5ce591f758f7ff..bdd620526969da 100644
--- a/deps/openssl/openssl/crypto/pkcs7/pk7_lib.c
+++ b/deps/openssl/openssl/crypto/pkcs7/pk7_lib.c
@@ -28,6 +28,11 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
     /* NOTE(emilia): does not support detached digested data. */
     case PKCS7_OP_SET_DETACHED_SIGNATURE:
         if (nid == NID_pkcs7_signed) {
+            if (p7->d.sign == NULL) {
+                ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
+                ret = 0;
+                break;
+            }
             ret = p7->detached = (int)larg;
             if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
                 ASN1_OCTET_STRING *os;
diff --git a/deps/openssl/openssl/crypto/sm2/sm2_sign.c b/deps/openssl/openssl/crypto/sm2/sm2_sign.c
index 71ccfcfc4c3dee..2097cd2fca8695 100644
--- a/deps/openssl/openssl/crypto/sm2/sm2_sign.c
+++ b/deps/openssl/openssl/crypto/sm2/sm2_sign.c
@@ -331,12 +331,10 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
     OSSL_LIB_CTX *libctx = ossl_ec_key_get_libctx(key);
 
     ctx = BN_CTX_new_ex(libctx);
-    pt = EC_POINT_new(group);
-    if (ctx == NULL || pt == NULL) {
+    if (ctx == NULL) {
         ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE);
         goto done;
     }
-
     BN_CTX_start(ctx);
     t = BN_CTX_get(ctx);
     x1 = BN_CTX_get(ctx);
@@ -345,6 +343,12 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
         goto done;
     }
 
+    pt = EC_POINT_new(group);
+    if (pt == NULL) {
+        ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE);
+        goto done;
+    }
+
     /*
      * B1: verify whether r' in [1,n-1], verification failed if not
      * B2: verify whether s' in [1,n-1], verification failed if not
diff --git a/deps/openssl/openssl/crypto/srp/srp_vfy.c b/deps/openssl/openssl/crypto/srp/srp_vfy.c
index 96d511ffe6368e..4b842dfd912973 100644
--- a/deps/openssl/openssl/crypto/srp/srp_vfy.c
+++ b/deps/openssl/openssl/crypto/srp/srp_vfy.c
@@ -216,6 +216,8 @@ int SRP_user_pwd_set1_ids(SRP_user_pwd *vinfo, const char *id,
 {
     OPENSSL_free(vinfo->id);
     OPENSSL_free(vinfo->info);
+    vinfo->id = NULL;
+    vinfo->info = NULL;
     if (id != NULL && NULL == (vinfo->id = OPENSSL_strdup(id)))
         return 0;
     return (info == NULL || NULL != (vinfo->info = OPENSSL_strdup(info)));
diff --git a/deps/openssl/openssl/crypto/threads_win.c b/deps/openssl/openssl/crypto/threads_win.c
index dbeda74d73a70a..43f36ee6a333ba 100644
--- a/deps/openssl/openssl/crypto/threads_win.c
+++ b/deps/openssl/openssl/crypto/threads_win.c
@@ -212,7 +212,8 @@ int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b)
 
 int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock)
 {
-    *ret = (int)InterlockedExchangeAdd((long volatile *)val, (long)amount) + amount;
+    *ret = (int)InterlockedExchangeAdd((LONG volatile *)val, (LONG)amount)
+        + amount;
     return 1;
 }
 
diff --git a/deps/openssl/openssl/crypto/trace.c b/deps/openssl/openssl/crypto/trace.c
index 3df9b5a51e9941..90a6350bebae5a 100644
--- a/deps/openssl/openssl/crypto/trace.c
+++ b/deps/openssl/openssl/crypto/trace.c
@@ -473,7 +473,7 @@ BIO *OSSL_trace_begin(int category)
     char *prefix = NULL;
 
     category = ossl_trace_get_category(category);
-    if (category < 0)
+    if (category < 0 || !OSSL_trace_enabled(category))
         return NULL;
 
     channel = trace_channels[category].bio;
diff --git a/deps/openssl/openssl/crypto/ui/ui_util.c b/deps/openssl/openssl/crypto/ui/ui_util.c
index 59b00b225adfa2..554bf7985659ed 100644
--- a/deps/openssl/openssl/crypto/ui/ui_util.c
+++ b/deps/openssl/openssl/crypto/ui/ui_util.c
@@ -105,14 +105,18 @@ static int ui_read(UI *ui, UI_STRING *uis)
     switch (UI_get_string_type(uis)) {
     case UIT_PROMPT:
         {
-            char result[PEM_BUFSIZE + 1];
+            int len;
+            char result[PEM_BUFSIZE + 1]; /* reserve one byte at the end */
             const struct pem_password_cb_data *data =
                 UI_method_get_ex_data(UI_get_method(ui), ui_method_data_index);
             int maxsize = UI_get_result_maxsize(uis);
-            int len = data->cb(result,
-                               maxsize > PEM_BUFSIZE ? PEM_BUFSIZE : maxsize,
-                               data->rwflag, UI_get0_user_data(ui));
 
+            if (maxsize > PEM_BUFSIZE)
+                maxsize = PEM_BUFSIZE;
+            len = data->cb(result, maxsize, data->rwflag,
+                           UI_get0_user_data(ui));
+            if (len > maxsize)
+                return -1;
             if (len >= 0)
                 result[len] = '\0';
             if (len < 0)
diff --git a/deps/openssl/openssl/crypto/x509/v3_admis.c b/deps/openssl/openssl/crypto/x509/v3_admis.c
index 3bce232ed2fe83..53259c29f569d9 100644
--- a/deps/openssl/openssl/crypto/x509/v3_admis.c
+++ b/deps/openssl/openssl/crypto/x509/v3_admis.c
@@ -67,11 +67,10 @@ const X509V3_EXT_METHOD ossl_v3_ext_admission = {
     NULL                    /* extension-specific data */
 };
 
-
 static int i2r_NAMING_AUTHORITY(const struct v3_ext_method *method, void *in,
                                 BIO *bp, int ind)
 {
-    NAMING_AUTHORITY * namingAuthority = (NAMING_AUTHORITY*) in;
+    NAMING_AUTHORITY *namingAuthority = (NAMING_AUTHORITY *) in;
 
     if (namingAuthority == NULL)
         return 0;
@@ -81,14 +80,14 @@ static int i2r_NAMING_AUTHORITY(const struct v3_ext_method *method, void *in,
         && namingAuthority->namingAuthorityUrl == NULL)
         return 0;
 
-    if (BIO_printf(bp, "%*snamingAuthority: ", ind, "") <= 0)
+    if (BIO_printf(bp, "%*snamingAuthority:\n", ind, "") <= 0)
         goto err;
 
     if (namingAuthority->namingAuthorityId != NULL) {
         char objbuf[128];
         const char *ln = OBJ_nid2ln(OBJ_obj2nid(namingAuthority->namingAuthorityId));
 
-        if (BIO_printf(bp, "%*s  admissionAuthorityId: ", ind, "") <= 0)
+        if (BIO_printf(bp, "%*s  namingAuthorityId: ", ind, "") <= 0)
             goto err;
 
         OBJ_obj2txt(objbuf, sizeof(objbuf), namingAuthority->namingAuthorityId, 1);
@@ -130,9 +129,10 @@ static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in,
     }
 
     for (i = 0; i < sk_ADMISSIONS_num(admission->contentsOfAdmissions); i++) {
-        ADMISSIONS* entry = sk_ADMISSIONS_value(admission->contentsOfAdmissions, i);
+        ADMISSIONS *entry = sk_ADMISSIONS_value(admission->contentsOfAdmissions, i);
 
-        if (BIO_printf(bp, "%*sEntry %0d:\n", ind, "", 1 + i) <= 0) goto err;
+        if (BIO_printf(bp, "%*sEntry %0d:\n", ind, "", 1 + i) <= 0)
+            goto err;
 
         if (entry->admissionAuthority != NULL) {
             if (BIO_printf(bp, "%*s  admissionAuthority:\n", ind, "") <= 0
@@ -143,12 +143,12 @@ static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in,
         }
 
         if (entry->namingAuthority != NULL) {
-            if (i2r_NAMING_AUTHORITY(method, entry->namingAuthority, bp, ind) <= 0)
+            if (i2r_NAMING_AUTHORITY(method, entry->namingAuthority, bp, ind + 2) <= 0)
                 goto err;
         }
 
         for (j = 0; j < sk_PROFESSION_INFO_num(entry->professionInfos); j++) {
-            PROFESSION_INFO* pinfo = sk_PROFESSION_INFO_value(entry->professionInfos, j);
+            PROFESSION_INFO *pinfo = sk_PROFESSION_INFO_value(entry->professionInfos, j);
 
             if (BIO_printf(bp, "%*s  Profession Info Entry %0d:\n", ind, "", 1 + j) <= 0)
                 goto err;
@@ -161,7 +161,7 @@ static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in,
             }
 
             if (pinfo->namingAuthority != NULL) {
-                if (i2r_NAMING_AUTHORITY(method, pinfo->namingAuthority, bp, ind + 2) <= 0)
+                if (i2r_NAMING_AUTHORITY(method, pinfo->namingAuthority, bp, ind + 4) <= 0)
                     goto err;
             }
 
@@ -170,7 +170,7 @@ static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in,
                 if (BIO_printf(bp, "%*s    Info Entries:\n", ind, "") <= 0)
                     goto err;
                 for (k = 0; k < sk_ASN1_STRING_num(pinfo->professionItems); k++) {
-                    ASN1_STRING* val = sk_ASN1_STRING_value(pinfo->professionItems, k);
+                    ASN1_STRING *val = sk_ASN1_STRING_value(pinfo->professionItems, k);
 
                     if (BIO_printf(bp, "%*s      ", ind, "") <= 0
                         || ASN1_STRING_print(bp, val) <= 0
@@ -183,7 +183,7 @@ static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in,
                 if (BIO_printf(bp, "%*s    Profession OIDs:\n", ind, "") <= 0)
                     goto err;
                 for (k = 0; k < sk_ASN1_OBJECT_num(pinfo->professionOIDs); k++) {
-                    ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(pinfo->professionOIDs, k);
+                    ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(pinfo->professionOIDs, k);
                     const char *ln = OBJ_nid2ln(OBJ_obj2nid(obj));
                     char objbuf[128];
 
@@ -207,31 +207,29 @@ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(const NAMING_AUTHORITY *n)
     return n->namingAuthorityId;
 }
 
-void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n, ASN1_OBJECT* id)
+void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n, ASN1_OBJECT *id)
 {
     ASN1_OBJECT_free(n->namingAuthorityId);
     n->namingAuthorityId = id;
 }
 
-const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
-    const NAMING_AUTHORITY *n)
+const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(const NAMING_AUTHORITY *n)
 {
     return n->namingAuthorityUrl;
 }
 
-void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n, ASN1_IA5STRING* u)
+void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n, ASN1_IA5STRING *u)
 {
     ASN1_IA5STRING_free(n->namingAuthorityUrl);
     n->namingAuthorityUrl = u;
 }
 
-const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
-    const NAMING_AUTHORITY *n)
+const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(const NAMING_AUTHORITY *n)
 {
     return n->namingAuthorityText;
 }
 
-void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n, ASN1_STRING* t)
+void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n, ASN1_STRING *t)
 {
     ASN1_IA5STRING_free(n->namingAuthorityText);
     n->namingAuthorityText = t;
diff --git a/deps/openssl/openssl/crypto/x509/v3_san.c b/deps/openssl/openssl/crypto/x509/v3_san.c
index 34ca16a6d72dae..d4999f1fc6c713 100644
--- a/deps/openssl/openssl/crypto/x509/v3_san.c
+++ b/deps/openssl/openssl/crypto/x509/v3_san.c
@@ -336,7 +336,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
 
 static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
 {
-    GENERAL_NAMES *ialt;
+    GENERAL_NAMES *ialt = NULL;
     GENERAL_NAME *gen;
     X509_EXTENSION *ext;
     int i, num;
@@ -371,6 +371,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
     return 1;
 
  err:
+    sk_GENERAL_NAME_free(ialt);
     return 0;
 
 }
diff --git a/deps/openssl/openssl/crypto/x509/x509_cmp.c b/deps/openssl/openssl/crypto/x509/x509_cmp.c
index 989fb8faa9f465..f2c3a568198d8f 100644
--- a/deps/openssl/openssl/crypto/x509/x509_cmp.c
+++ b/deps/openssl/openssl/crypto/x509/x509_cmp.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -196,6 +196,8 @@ int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags)
         ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
+    if (cert == NULL)
+        return 0;
     if ((flags & X509_ADD_FLAG_NO_DUP) != 0) {
         /*
          * not using sk_X509_set_cmp_func() and sk_X509_find()
diff --git a/deps/openssl/openssl/crypto/x509/x_all.c b/deps/openssl/openssl/crypto/x509/x_all.c
index e58c9ab1c117b4..158e11a8649c5f 100644
--- a/deps/openssl/openssl/crypto/x509/x_all.c
+++ b/deps/openssl/openssl/crypto/x509/x_all.c
@@ -92,11 +92,13 @@ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
 static ASN1_VALUE *simple_get_asn1(const char *url, BIO *bio, BIO *rbio,
                                    int timeout, const ASN1_ITEM *it)
 {
+    size_t max_resp_len = (it == ASN1_ITEM_rptr(X509_CRL)) ?
+        OSSL_HTTP_DEFAULT_MAX_CRL_LEN : OSSL_HTTP_DEFAULT_MAX_RESP_LEN;
     BIO *mem = OSSL_HTTP_get(url, NULL /* proxy */, NULL /* no_proxy */,
                              bio, rbio, NULL /* cb */, NULL /* arg */,
                              1024 /* buf_size */, NULL /* headers */,
                              NULL /* expected_ct */, 1 /* expect_asn1 */,
-                             OSSL_HTTP_DEFAULT_MAX_RESP_LEN, timeout);
+                             max_resp_len, timeout);
     ASN1_VALUE *res = ASN1_item_d2i_bio(it, mem, NULL);
 
     BIO_free(mem);
diff --git a/deps/openssl/openssl/demos/cipher/aesccm.c b/deps/openssl/openssl/demos/cipher/aesccm.c
index 5a2d4281506e15..f4430e727b2f51 100644
--- a/deps/openssl/openssl/demos/cipher/aesccm.c
+++ b/deps/openssl/openssl/demos/cipher/aesccm.c
@@ -94,7 +94,7 @@ int aes_ccm_encrypt(void)
     if ((cipher = EVP_CIPHER_fetch(libctx, "AES-192-CCM", propq)) == NULL)
         goto err;
 
-    /* Set nonce length if default 96 bits is not appropriate */
+    /* Default nonce length for AES-CCM is 7 bytes (56 bits). */
     params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN,
                                             &ccm_nonce_len);
     /* Set tag length */
diff --git a/deps/openssl/openssl/doc/build.info b/deps/openssl/openssl/doc/build.info
index f7791462739589..0279e2390a3242 100644
--- a/deps/openssl/openssl/doc/build.info
+++ b/deps/openssl/openssl/doc/build.info
@@ -2271,10 +2271,6 @@ DEPEND[html/man3/SSL_CTX_set_psk_client_callback.html]=man3/SSL_CTX_set_psk_clie
 GENERATE[html/man3/SSL_CTX_set_psk_client_callback.html]=man3/SSL_CTX_set_psk_client_callback.pod
 DEPEND[man/man3/SSL_CTX_set_psk_client_callback.3]=man3/SSL_CTX_set_psk_client_callback.pod
 GENERATE[man/man3/SSL_CTX_set_psk_client_callback.3]=man3/SSL_CTX_set_psk_client_callback.pod
-DEPEND[html/man3/SSL_CTX_set_quic_method.html]=man3/SSL_CTX_set_quic_method.pod
-GENERATE[html/man3/SSL_CTX_set_quic_method.html]=man3/SSL_CTX_set_quic_method.pod
-DEPEND[man/man3/SSL_CTX_set_quic_method.3]=man3/SSL_CTX_set_quic_method.pod
-GENERATE[man/man3/SSL_CTX_set_quic_method.3]=man3/SSL_CTX_set_quic_method.pod
 DEPEND[html/man3/SSL_CTX_set_quiet_shutdown.html]=man3/SSL_CTX_set_quiet_shutdown.pod
 GENERATE[html/man3/SSL_CTX_set_quiet_shutdown.html]=man3/SSL_CTX_set_quiet_shutdown.pod
 DEPEND[man/man3/SSL_CTX_set_quiet_shutdown.3]=man3/SSL_CTX_set_quiet_shutdown.pod
@@ -3355,7 +3351,6 @@ html/man3/SSL_CTX_set_msg_callback.html \
 html/man3/SSL_CTX_set_num_tickets.html \
 html/man3/SSL_CTX_set_options.html \
 html/man3/SSL_CTX_set_psk_client_callback.html \
-html/man3/SSL_CTX_set_quic_method.html \
 html/man3/SSL_CTX_set_quiet_shutdown.html \
 html/man3/SSL_CTX_set_read_ahead.html \
 html/man3/SSL_CTX_set_record_padding_callback.html \
@@ -3964,7 +3959,6 @@ man/man3/SSL_CTX_set_msg_callback.3 \
 man/man3/SSL_CTX_set_num_tickets.3 \
 man/man3/SSL_CTX_set_options.3 \
 man/man3/SSL_CTX_set_psk_client_callback.3 \
-man/man3/SSL_CTX_set_quic_method.3 \
 man/man3/SSL_CTX_set_quiet_shutdown.3 \
 man/man3/SSL_CTX_set_read_ahead.3 \
 man/man3/SSL_CTX_set_record_padding_callback.3 \
diff --git a/deps/openssl/openssl/doc/man1/openssl-ca.pod.in b/deps/openssl/openssl/doc/man1/openssl-ca.pod.in
index 1d497e848e796e..1c07db3c8ef167 100644
--- a/deps/openssl/openssl/doc/man1/openssl-ca.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-ca.pod.in
@@ -701,7 +701,7 @@ A sample configuration file with the relevant sections for this command:
 
  default_days   = 365                   # how long to certify for
  default_crl_days= 30                   # how long before next CRL
- default_md     = md5                   # md to use
+ default_md     = sha256                # md to use
 
  policy         = policy_any            # default policy
  email_in_dn    = no                    # Don't add the email into cert DN
diff --git a/deps/openssl/openssl/doc/man1/openssl-cmp.pod.in b/deps/openssl/openssl/doc/man1/openssl-cmp.pod.in
index 9240916fce40fe..889a59cd497ecd 100644
--- a/deps/openssl/openssl/doc/man1/openssl-cmp.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-cmp.pod.in
@@ -453,8 +453,11 @@ Reason numbers defined in RFC 5280 are:
 
 =item B<-server> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>
 
-The DNS hostname or IP address and optionally port
+The I<host> domain name or IP address and optionally I<port>
 of the CMP server to connect to using HTTP(S).
+IP address may be for v4 or v6, such as C<127.0.0.1> or C<[::1]> for localhost.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
+
 This option excludes I<-port> and I<-use_mock_srv>.
 It is ignored if I<-rspin> is given with enough filename arguments.
 
@@ -468,6 +471,7 @@ If a path is included it provides the default value for the B<-path> option.
 
 The HTTP(S) proxy server to use for reaching the CMP server unless B<-no_proxy>
 applies, see below.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 The proxy port defaults to 80 or 443 if the scheme is C<https>; apart from that
 the optional C<http://> or C<https://> prefix is ignored (note that TLS may be
 selected by B<-tls_used>), as well as any path, userinfo, and query, and fragment
@@ -969,8 +973,9 @@ This excludes the B<-server> and B<-port> options.
 
 =item B<-port> I<number>
 
-Act as HTTP-based CMP server mock-up listening on the given port.
-This excludes the B<-server> and B<-use_mock_srv> options.
+Act as HTTP-based CMP server mock-up listening on the given local port.
+The client may address the server via, e.g., C<127.0.0.1> or C<[::1]>.
+This option excludes the B<-server> and B<-use_mock_srv> options.
 The B<-rspin>, B<-rspout>, B<-reqin>, and B<-reqout> options
 so far are not supported in this mode.
 
diff --git a/deps/openssl/openssl/doc/man1/openssl-cms.pod.in b/deps/openssl/openssl/doc/man1/openssl-cms.pod.in
index 65a61ee97f1d6a..f4d12312b7cbcb 100644
--- a/deps/openssl/openssl/doc/man1/openssl-cms.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-cms.pod.in
@@ -191,6 +191,10 @@ to the output file.
 Verify signed data. Expects a signed data on input and outputs
 the signed data. Both clear text and opaque signing is supported.
 
+By default, validation of signer certificates and their chain
+is done w.r.t. the S/MIME signing (C<smimesign>) purpose.
+For details see L<openssl-verification-options(1)/Certificate Extensions>.
+
 =item B<-resign>
 
 Resign a message: take an existing message and one or more new signers.
@@ -374,7 +378,8 @@ See L<openssl-format-options(1)> for details.
 =item B<-originator> I<file>
 
 A certificate of the originator of the encrypted message. Necessary for
-decryption when Key Agreement is in use for a shared key.
+decryption when Key Agreement is in use for a shared key. Currently, not
+allowed for encryption.
 
 =item B<-recip> I<file>
 
@@ -902,7 +907,7 @@ The B<-engine> option was deprecated in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man1/openssl-fipsinstall.pod.in b/deps/openssl/openssl/doc/man1/openssl-fipsinstall.pod.in
index 97e2ae910c170b..57758597cdaeb4 100644
--- a/deps/openssl/openssl/doc/man1/openssl-fipsinstall.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-fipsinstall.pod.in
@@ -239,6 +239,10 @@ L<fips_config(5)>,
 L<OSSL_PROVIDER-FIPS(7)>,
 L<EVP_MAC(3)>
 
+=head1 HISTORY
+
+The B<openssl-fipsinstall> application was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/deps/openssl/openssl/doc/man1/openssl-info.pod.in b/deps/openssl/openssl/doc/man1/openssl-info.pod.in
index fe7abee4867673..0e91bb28ee10d3 100644
--- a/deps/openssl/openssl/doc/man1/openssl-info.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-info.pod.in
@@ -17,7 +17,6 @@ B<openssl info>
 [B<-listsep>]
 [B<-seeds>]
 [B<-cpusettings>]
-[B<-quic>]
 
 =head1 DESCRIPTION
 
@@ -74,10 +73,6 @@ Outputs the randomness seed sources.
 
 Outputs the OpenSSL CPU settings info.
 
-=item B<-quic>
-
-Outputs the OpenSSL QUIC info.
-
 =back
 
 =head1 HISTORY
diff --git a/deps/openssl/openssl/doc/man1/openssl-ocsp.pod.in b/deps/openssl/openssl/doc/man1/openssl-ocsp.pod.in
index fbad5079af6756..fd23a44df063fd 100644
--- a/deps/openssl/openssl/doc/man1/openssl-ocsp.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-ocsp.pod.in
@@ -30,8 +30,8 @@ B<openssl> B<ocsp>
 [B<-respin> I<file>]
 [B<-url> I<URL>]
 [B<-host> I<host>:I<port>]
-[B<-path>]
-[B<-proxy> I<[http[s]://][userinfo@]host[:port][/path]>]
+[B<-path> I<pathname>]
+[B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>]
 [B<-no_proxy> I<addresses>]
 [B<-header>]
 [B<-timeout> I<seconds>]
@@ -160,24 +160,32 @@ with B<-serial>, B<-cert> and B<-host> options).
 
 =item B<-url> I<responder_url>
 
-Specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified.
+Specify the responder host and optionally port and path via a URL.
+Both HTTP and HTTPS (SSL/TLS) URLs can be specified.
 The optional userinfo and fragment components are ignored.
 Any given query component is handled as part of the path component.
+For details, see the B<-host> and B<-path> options described next.
 
-=item B<-host> I<hostname>:I<port>, B<-path> I<pathname>
+=item B<-host> I<host>:I<port>, B<-path> I<pathname>
 
 If the B<-host> option is present then the OCSP request is sent to the host
-I<hostname> on port I<port>. The B<-path> option specifies the HTTP pathname
-to use or "/" by default.  This is equivalent to specifying B<-url> with scheme
-http:// and the given hostname, port, and pathname.
+I<host> on port I<port>.
+The I<host> may be a domain name or an IP (v4 or v6) address,
+such as C<127.0.0.1> or C<[::1]> for localhost.
+If it is an IPv6 address, it must be enclosed in C<[> and C<]>.
 
-=item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path]>
+The B<-path> option specifies the HTTP pathname to use or "/" by default.
+This is equivalent to specifying B<-url> with scheme
+http:// and the given I<host>, I<port>, and optional I<pathname>.
+
+=item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>
 
 The HTTP(S) proxy server to use for reaching the OCSP server unless B<-no_proxy>
 applies, see below.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 The proxy port defaults to 80 or 443 if the scheme is C<https>; apart from that
 the optional C<http://> or C<https://> prefix is ignored,
-as well as any userinfo and path components.
+as well as any userinfo, path, query, and fragment components.
 Defaults to the environment variable C<http_proxy> if set, else C<HTTP_PROXY>
 in case no TLS is used, otherwise C<https_proxy> if set, else C<HTTPS_PROXY>.
 
@@ -369,8 +377,8 @@ subject name.
 
 =item B<-port> I<portnum>
 
-Port to listen for OCSP requests on. The port may also be specified
-using the B<url> option.
+Port to listen for OCSP requests on. Both IPv4 and IPv6 are possible.
+The port may also be specified using the B<-url> option.
 A C<0> argument indicates that any available port shall be chosen automatically.
 
 =item B<-ignore_err>
diff --git a/deps/openssl/openssl/doc/man1/openssl-pkeyutl.pod.in b/deps/openssl/openssl/doc/man1/openssl-pkeyutl.pod.in
index cf3427a35c0b35..2f6ef0021d1446 100644
--- a/deps/openssl/openssl/doc/man1/openssl-pkeyutl.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-pkeyutl.pod.in
@@ -44,6 +44,8 @@ B<openssl> B<pkeyutl>
 This command can be used to perform low-level public key
 operations using any supported algorithm.
 
+By default the signing operation (see B<-sign> option) is assumed.
+
 =head1 OPTIONS
 
 =over 4
@@ -59,20 +61,29 @@ if this option is not specified.
 
 =item B<-rawin>
 
-This indicates that the input data is raw data, which is not hashed by any
-message digest algorithm. The user can specify a digest algorithm by using
-the B<-digest> option. This option can only be used with B<-sign> and
-B<-verify> and must be used with the Ed25519 and Ed448 algorithms.
+This indicates that the signature or verification input data is raw data,
+which is not hashed by any message digest algorithm.
+Except with EdDSA,
+the user can specify a digest algorithm by using the B<-digest> option.
+For signature algorithms like RSA, DSA and ECDSA,
+the default digest algorithm is SHA-256. For SM2, it is SM3.
+
+This option can only be used with B<-sign> and B<-verify>.
+For EdDSA (the Ed25519 and Ed448 algorithms) this option is required.
 
 =item B<-digest> I<algorithm>
 
-This specifies the digest algorithm which is used to hash the input data before
-signing or verifying it with the input key. This option could be omitted if the
-signature algorithm does not require one (for instance, EdDSA). If this option
-is omitted but the signature algorithm requires one, a default value will be
-used. For signature algorithms like RSA, DSA and ECDSA, SHA-256 will be the
-default digest algorithm. For SM2, it will be SM3. If this option is present,
-then the B<-rawin> option must be also specified.
+This option can only be used with B<-sign> and B<-verify>.
+It specifies the digest algorithm that is used to hash the input data
+before signing or verifying it with the input key. This option could be omitted
+if the signature algorithm does not require preprocessing the input through
+a pluggable hash function before signing (for instance, EdDSA). If this option
+is omitted but the signature algorithm requires one and the B<-rawin> option
+is given, a default value will be used (see B<-rawin> for details).
+If this option is present, then the B<-rawin> option is required.
+
+At this time, HashEdDSA (the ph or "prehash" variant of EdDSA) is not supported,
+so the B<-digest> option cannot be used with EdDSA.
 
 =item B<-out> I<filename>
 
@@ -81,7 +92,7 @@ default.
 
 =item B<-sigfile> I<file>
 
-Signature file, required for B<-verify> operations only
+Signature file, required and allowed for B<-verify> operations only
 
 =item B<-inkey> I<filename>|I<uri>
 
@@ -117,21 +128,42 @@ The input is a certificate containing a public key.
 =item B<-rev>
 
 Reverse the order of the input buffer. This is useful for some libraries
-(such as CryptoAPI) which represent the buffer in little endian format.
+(such as CryptoAPI) which represent the buffer in little-endian format.
+This cannot be used in conjunction with B<-rawin>.
 
 =item B<-sign>
 
-Sign the input data (which must be a hash) and output the signed result. This
-requires a private key.
+Sign the input data and output the signed result. This requires a private key.
+Using a message digest operation along with this is recommended,
+when applicable, see the B<-rawin> and B<-digest> options for details.
+Otherwise, the input data given with the B<-in> option is assumed to already
+be a digest, but this may then require an additional B<-pkeyopt> C<digest:>I<md>
+in some cases (e.g., RSA with the default PKCS#1 padding mode).
+Even for other algorithms like ECDSA, where the additional B<-pkeyopt> option
+does not affect signature output, it is recommended, as it enables
+checking that the input length is consistent with the intended digest.
 
 =item B<-verify>
 
-Verify the input data (which must be a hash) against the signature file and
-indicate if the verification succeeded or failed.
+Verify the input data against the signature given with the B<-sigfile> option
+and indicate if the verification succeeded or failed.
+The input data given with the B<-in> option is assumed to be a hash value
+unless the B<-rawin> option is specified or implied.
+With raw data, when a digest algorithm is applicable, though it may be inferred
+from the signature or take a default value, it should also be specified.
 
 =item B<-verifyrecover>
 
-Verify the input data (which must be a hash) and output the recovered data.
+Verify the given signature and output the recovered data (signature payload).
+For example, in case of RSA PKCS#1 the recovered data is the B<EMSA-PKCS-v1_5>
+DER encoding of the digest algorithm OID and value as specified in
+L<RFC8017 Section 9.2|https://datatracker.ietf.org/doc/html/rfc8017#section-9.2>.
+
+Note that here the input given with the B<-in> option is not a signature input
+(as with the B<-sign> and B<-verify> options) but a signature output value,
+typically produced using the B<-sign> option.
+
+This option is available only for use with RSA keys.
 
 =item B<-encrypt>
 
@@ -175,8 +207,9 @@ hex dump the output data.
 
 =item B<-asn1parse>
 
-Parse the ASN.1 output data, this is useful when combined with the
-B<-verifyrecover> option when an ASN1 structure is signed.
+Parse the ASN.1 output data to check its DER encoding and print any errors.
+When combined with the B<-verifyrecover> option, this may be useful only in case
+an ASN.1 DER-encoded structure had been signed directly (without hashing it).
 
 {- $OpenSSL::safe::opt_engine_item -}
 
@@ -200,8 +233,8 @@ engine I<id> for crypto operations.
 The operations and options supported vary according to the key algorithm
 and its implementation. The OpenSSL operations and options are indicated below.
 
-Unless otherwise mentioned all algorithms support the B<digest:>I<alg> option
-which specifies the digest in use for sign, verify and verifyrecover operations.
+Unless otherwise mentioned, all algorithms support the B<digest:>I<alg> option,
+which specifies the digest in use for the signing and verification operations.
 The value I<alg> should represent a digest name as used in the
 EVP_get_digestbyname() function for example B<sha1>. This value is not used to
 hash the input data. It is used (by some algorithms) for sanity-checking the
diff --git a/deps/openssl/openssl/doc/man1/openssl-req.pod.in b/deps/openssl/openssl/doc/man1/openssl-req.pod.in
index a56f548de8ee08..7ba599b54a0696 100644
--- a/deps/openssl/openssl/doc/man1/openssl-req.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-req.pod.in
@@ -638,7 +638,7 @@ Sample configuration file prompting for field values:
  attributes             = req_attributes
  req_extensions         = v3_ca
 
- dirstring_type = nobmp
+ dirstring_type = nombstr
 
  [ req_distinguished_name ]
  countryName                    = Country Name (2 letter code)
@@ -778,7 +778,7 @@ The <-nodes> option was deprecated in OpenSSL 3.0, too; use B<-noenc> instead.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man1/openssl-s_client.pod.in b/deps/openssl/openssl/doc/man1/openssl-s_client.pod.in
index bd6171aa265c69..caebe10bffb8d0 100644
--- a/deps/openssl/openssl/doc/man1/openssl-s_client.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-s_client.pod.in
@@ -10,11 +10,11 @@ openssl-s_client - SSL/TLS client program
 B<openssl> B<s_client>
 [B<-help>]
 [B<-ssl_config> I<section>]
-[B<-connect> I<host:port>]
+[B<-connect> I<host>:I<port>]
 [B<-host> I<hostname>]
 [B<-port> I<port>]
-[B<-bind> I<host:port>]
-[B<-proxy> I<host:port>]
+[B<-bind> I<host>:I<port>]
+[B<-proxy> I<host>:I<port>]
 [B<-proxy_user> I<userid>]
 [B<-proxy_pass> I<arg>]
 [B<-unix> I<path>]
@@ -157,6 +157,7 @@ This specifies the host and optional port to connect to. It is possible to
 select the host and port using the optional target positional argument instead.
 If neither this nor the target positional argument are specified then an attempt
 is made to connect to the local host on port 4433.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 
 =item B<-host> I<hostname>
 
@@ -166,17 +167,19 @@ Host to connect to; use B<-connect> instead.
 
 Connect to the specified port; use B<-connect> instead.
 
-=item B<-bind> I<host:port>
+=item B<-bind> I<host>:I<port>
 
 This specifies the host address and or port to bind as the source for the
 connection.  For Unix-domain sockets the port is ignored and the host is
 used as the source socket address.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 
-=item B<-proxy> I<host:port>
+=item B<-proxy> I<host>:I<port>
 
 When used with the B<-connect> flag, the program uses the host and port
 specified with this flag and issues an HTTP CONNECT command to connect
 to the desired server.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 
 =item B<-proxy_user> I<userid>
 
@@ -260,7 +263,9 @@ See L<openssl-format-options(1)> for details.
 
 =item B<-crl_download>
 
-Download CRL from distribution points in the certificate.
+Download CRL from distribution points in the certificate. Note that this option
+is ignored if B<-crl_check> option is not provided. Note that the maximum size
+of CRL is limited by L<X509_CRL_load_http(3)> function.
 
 =item B<-key> I<filename>|I<uri>
 
@@ -282,14 +287,20 @@ see L<openssl-passphrase-options(1)>.
 
 The verify depth to use. This specifies the maximum length of the
 server certificate chain and turns on server certificate verification.
-Currently the verify operation continues after errors so all the problems
+Unless the B<-verify_return_error> option is given,
+the verify operation continues after errors so all the problems
 with a certificate chain can be seen. As a side effect the connection
 will never fail due to a server certificate verify failure.
 
+By default, validation of server certificates and their chain
+is done w.r.t. the (D)TLS Server (C<sslserver>) purpose.
+For details see L<openssl-verification-options(1)/Certificate Extensions>.
+
 =item B<-verify_return_error>
 
-Return verification errors instead of continuing. This will typically
-abort the handshake with a fatal error.
+Turns on server certificate verification, like with B<-verify>,
+but returns verification errors instead of continuing.
+This will typically abort the handshake with a fatal error.
 
 =item B<-verify_quiet>
 
@@ -799,10 +810,11 @@ proceed unless the B<-verify_return_error> option is used.
 
 =item I<host>:I<port>
 
-Rather than providing B<-connect>, the target hostname and optional port may
+Rather than providing B<-connect>, the target host and optional port may
 be provided as a single positional argument after all options. If neither this
 nor B<-connect> are provided, falls back to attempting to connect to
 I<localhost> on port I<4433>.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 
 =back
 
@@ -881,6 +893,51 @@ option: any verify errors are then returned aborting the handshake.
 The B<-bind> option may be useful if the server or a firewall requires
 connections to come from some particular address and or port.
 
+=head2 Note on Non-Interactive Use
+
+When B<s_client> is run in a non-interactive environment (e.g., a cron job or
+a script without a valid I<stdin>), it may close the connection prematurely,
+especially with TLS 1.3. To prevent this, you can use the B<-ign_eof> flag,
+which keeps B<s_client> running even after reaching EOF from I<stdin>.
+
+For example:
+
+ openssl s_client -connect <server address>:443 -tls1_3
+                  -sess_out /path/to/tls_session_params_file
+                  -ign_eof </dev/null
+
+However, relying solely on B<-ign_eof> can lead to issues if the server keeps
+the connection open, expecting the client to close first. In such cases, the
+client may hang indefinitely. This behavior is not uncommon, particularly with
+protocols where the server waits for a graceful disconnect from the client.
+
+For example, when connecting to an SMTP server, the session may pause if the
+server expects a QUIT command before closing:
+
+ $ openssl s_client -brief -ign_eof -starttls smtp
+                    -connect <server address>:25 </dev/null
+ CONNECTION ESTABLISHED
+ Protocol version: TLSv1.3
+ Ciphersuite: TLS_AES_256_GCM_SHA384
+ ...
+ 250 CHUNKING
+ [long pause]
+
+To avoid such hangs, it's better to use an application-level command to
+initiate a clean disconnect. For SMTP, you can send a QUIT command:
+
+ printf 'QUIT\r\n' | openssl s_client -connect <server address>:25
+                                      -starttls smtp -brief -ign_eof
+
+Similarly, for HTTP/1.1 connections, including a `Connection: close` header
+ensures the server closes the connection after responding:
+
+ printf 'GET / HTTP/1.1\r\nHost: <server address>\r\nConnection: close\r\n\r\n'
+     | openssl s_client -connect <server address>:443 -brief
+
+These approaches help manage the connection closure gracefully and prevent
+hangs caused by the server waiting for the client to initiate the disconnect.
+
 =head1 BUGS
 
 Because this program has a lot of options and also because some of the
diff --git a/deps/openssl/openssl/doc/man1/openssl-s_server.pod.in b/deps/openssl/openssl/doc/man1/openssl-s_server.pod.in
index 99a252a8225453..f0825ad33d1fc3 100644
--- a/deps/openssl/openssl/doc/man1/openssl-s_server.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-s_server.pod.in
@@ -74,7 +74,7 @@ B<openssl> B<s_server>
 [B<-status>]
 [B<-status_verbose>]
 [B<-status_timeout> I<int>]
-[B<-proxy> I<[http[s]://][userinfo@]host[:port][/path]>]
+[B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>]
 [B<-no_proxy> I<addresses>]
 [B<-status_url> I<val>]
 [B<-status_file> I<infile>]
@@ -202,6 +202,10 @@ must supply a certificate or an error occurs.
 If the cipher suite cannot request a client certificate (for example an
 anonymous cipher suite or PSK) this option has no effect.
 
+By default, validation of any supplied client certificate and its chain
+is done w.r.t. the (D)TLS Client (C<sslclient>) purpose.
+For details see L<openssl-verification-options(1)/Certificate Extensions>.
+
 =item B<-cert> I<infile>
 
 The certificate to use, most servers cipher suites require the use of a
@@ -504,13 +508,14 @@ a verbose printout of the OCSP response.
 
 Sets the timeout for OCSP response to I<int> seconds.
 
-=item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path]>
+=item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>
 
 The HTTP(S) proxy server to use for reaching the OCSP server unless B<-no_proxy>
 applies, see below.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 The proxy port defaults to 80 or 443 if the scheme is C<https>; apart from that
 the optional C<http://> or C<https://> prefix is ignored,
-as well as any userinfo and path components.
+as well as any userinfo, path, query, and fragment components.
 Defaults to the environment variable C<http_proxy> if set, else C<HTTP_PROXY>
 in case no TLS is used, otherwise C<https_proxy> if set, else C<HTTPS_PROXY>.
 
diff --git a/deps/openssl/openssl/doc/man1/openssl-s_time.pod.in b/deps/openssl/openssl/doc/man1/openssl-s_time.pod.in
index 2b82cf1e98377d..ca41f59362f942 100644
--- a/deps/openssl/openssl/doc/man1/openssl-s_time.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-s_time.pod.in
@@ -50,6 +50,7 @@ Print out a usage message.
 =item B<-connect> I<host>:I<port>
 
 This specifies the host and optional port to connect to.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 
 =item B<-www> I<page>
 
diff --git a/deps/openssl/openssl/doc/man1/openssl-smime.pod.in b/deps/openssl/openssl/doc/man1/openssl-smime.pod.in
index 0b5dbb5df8f7fc..ffd09704f834e5 100644
--- a/deps/openssl/openssl/doc/man1/openssl-smime.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-smime.pod.in
@@ -394,9 +394,9 @@ Verify a message and extract the signer's certificate if successful:
 
 Send encrypted mail using triple DES:
 
- openssl smime -encrypt -in in.txt -from steve@openssl.org \
+ openssl smime -encrypt -in in.txt -out mail.msg -from steve@openssl.org \
         -to someone@somewhere -subject "Encrypted message" \
-        -des3 user.pem -out mail.msg
+        -des3 user.pem
 
 Sign and encrypt mail:
 
diff --git a/deps/openssl/openssl/doc/man1/openssl-ts.pod.in b/deps/openssl/openssl/doc/man1/openssl-ts.pod.in
index 5f4895b34d6c4c..cd6dfd5305f037 100644
--- a/deps/openssl/openssl/doc/man1/openssl-ts.pod.in
+++ b/deps/openssl/openssl/doc/man1/openssl-ts.pod.in
@@ -584,10 +584,12 @@ To verify a timestamp reply that includes the certificate chain:
         -CAfile cacert.pem
 
 To verify a timestamp token against the original data file:
+
   openssl ts -verify -data design2.txt -in design2.tsr \
         -CAfile cacert.pem
 
 To verify a timestamp token against a message imprint:
+
   openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
          -in design2.tsr -CAfile cacert.pem
 
diff --git a/deps/openssl/openssl/doc/man1/openssl-verification-options.pod b/deps/openssl/openssl/doc/man1/openssl-verification-options.pod
index bf9ed9c1a62e1c..17fcd4eb79f586 100644
--- a/deps/openssl/openssl/doc/man1/openssl-verification-options.pod
+++ b/deps/openssl/openssl/doc/man1/openssl-verification-options.pod
@@ -24,8 +24,9 @@ The most important of them are detailed in the following sections.
 In a nutshell, a valid chain of certificates needs to be built up and verified
 starting from the I<target certificate> that is to be verified
 and ending in a certificate that due to some policy is trusted.
-Verification is done relative to the given I<purpose>, which is the intended use
-of the target certificate, such as SSL server, or by default for any purpose.
+Certificate validation can be performed in the context of a I<purpose>, which
+is a high-level specification of the intended use of the target certificate,
+such as C<sslserver> for TLS servers, or (by default) for any purpose.
 
 The details of how each OpenSSL command handles errors
 are documented on the specific command page.
@@ -150,16 +151,17 @@ the chain components and their links are checked thoroughly.
 The first step is to check that each certificate is well-formed.
 Part of these checks are enabled only if the B<-x509_strict> option is given.
 
-The second step is to check the extensions of every untrusted certificate
-for consistency with the supplied purpose.
-If the B<-purpose> option is not given then no such checks are done
-except for SSL/TLS connection setup,
-where by default C<sslserver> or C<sslclient>, are checked.
-The target or "leaf" certificate, as well as any other untrusted certificates,
-must have extensions compatible with the specified purpose.
-All certificates except the target or "leaf" must also be valid CA certificates.
-The precise extensions required are described in more detail in
-L<openssl-x509(1)/CERTIFICATE EXTENSIONS>.
+The second step is to check the X.509v3 extensions of every certificate
+for consistency with the intended specific purpose, if any.
+If the B<-purpose> option is not given then no such checks are done except for
+CMS signature checking, where by default C<smimesign> is checked, and SSL/(D)TLS
+connection setup, where by default C<sslserver> or C<sslclient> are checked.
+The X.509v3 extensions of the target or "leaf" certificate
+must be compatible with the specified purpose.
+All other certificates down the chain are checked to be valid CA certificates,
+and possibly also further non-standard checks are performed.
+The precise extensions required are described in detail
+in the L</Certificate Extensions> section below.
 
 The third step is to check the trust settings on the last certificate
 (which typically is a self-signed root CA certificate).
@@ -455,13 +457,16 @@ Set policy variable inhibit-policy-mapping (see RFC5280).
 
 =item B<-purpose> I<purpose>
 
-The intended use for the certificate.
-Currently defined purposes are C<sslclient>, C<sslserver>, C<nssslserver>,
+A high-level specification of the intended use of the target certificate.
+Currently predefined purposes are C<sslclient>, C<sslserver>, C<nssslserver>,
 C<smimesign>, C<smimeencrypt>, C<crlsign>, C<ocsphelper>, C<timestampsign>,
 and C<any>.
 If peer certificate verification is enabled, by default the TLS implementation
-as well as the commands B<s_client> and B<s_server> check for consistency
-with TLS server or TLS client use, respectively.
+and thus the commands L<openssl-s_client(1)> and L<openssl-s_server(1)>
+check for consistency with
+TLS server (C<sslserver>) or TLS client use (C<sslclient>), respectively.
+By default, CMS signature validation, which can be done via L<openssl-cms(1)>,
+checks for consistency with S/MIME signing use (C<smimesign>).
 
 While IETF RFC 5280 says that B<id-kp-serverAuth> and B<id-kp-clientAuth>
 are only for WWW use, in practice they are used for all kinds of TLS clients
@@ -491,19 +496,20 @@ the subject certificate.
 
 =item B<-verify_name> I<name>
 
-Use default verification policies like trust model and required certificate
-policies identified by I<name>.
+Use a set of verification parameters, also known as verification method,
+identified by I<name>. The currently predefined methods are named C<ssl_client>,
+C<ssl_server>, C<smime_sign> with alias C<pkcs7>, and C<default>.
+These mimic the combinations of purpose and trust settings used in SSL/(D)TLS,
+and CMS/PKCS7 (including S/MIME).
+
+The verification parameters include the trust model, various flags that can
+partly be set also via other command-line options, and the verification purpose,
+which in turn implies certificate key usage and extended key usage requirements.
+
 The trust model determines which auxiliary trust or reject OIDs are applicable
 to verifying the given certificate chain.
 They can be given using the B<-addtrust> and B<-addreject> options
 for L<openssl-x509(1)>.
-Supported policy names include: B<default>, B<pkcs7>, B<smime_sign>,
-B<ssl_client>, B<ssl_server>.
-These mimics the combinations of purpose and trust settings used in SSL, CMS
-and S/MIME.
-As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not
-specified, so the B<-verify_name> options are functionally equivalent to the
-corresponding B<-purpose> settings.
 
 =back
 
@@ -548,9 +554,8 @@ This option has no effect and is retained for backward compatibility only.
 
 =head2 Certificate Extensions
 
-Options like B<-purpose> lead to checking the certificate extensions,
-which determine what the target certificate and intermediate CA certificates
-can be used for.
+Options like B<-purpose> and B<-verify_name> trigger the processing of specific
+certificate extensions, which determine what certificates can be used for.
 
 =head3 Basic Constraints
 
@@ -574,87 +579,117 @@ keyCertSign bit set if the keyUsage extension is present.
 
 =head3 Extended Key Usage
 
-The extKeyUsage (EKU) extension places additional restrictions on the
-certificate uses. If this extension is present (whether critical or not)
-the key can only be used for the purposes specified.
-
-A complete description of each check is given below. The comments about
+The extKeyUsage (EKU) extension places additional restrictions on
+certificate use. If this extension is present (whether critical or not)
+in an end-entity certficiate, the key is allowed only for the uses specified,
+while the special EKU B<anyExtendedKeyUsage> allows for all uses.
+
+Note that according to RFC 5280 section 4.2.1.12,
+the Extended Key Usage extension will appear only in end-entity certificates,
+and consequently the standard certification path validation described
+in its section 6 does not include EKU checks for CA certificates.
+The CA/Browser Forum requires for TLS server, S/MIME, and code signing use
+the presence of respective EKUs in subordinate CA certificates (while excluding
+them for root CA certificates), while taking over from RFC 5280
+the certificate validity concept and certificate path validation.
+
+For historic reasons, OpenSSL has its own way of interpreting and checking
+EKU extensions on CA certificates, which may change in the future.
+It does not require the presence of EKU extensions in CA certificates,
+but in case the verification purpose is
+C<sslclient>, C<nssslserver>, C<sslserver>, C<smimesign>, or C<smimeencrypt>,
+it checks that any present EKU extension (that does not contain
+B<anyExtendedKeyUsage>) contains the respective EKU as detailed below.
+Moreover, it does these checks even for trust anchor certificates.
+
+=head3 Checks Implied by Specific Predefined Policies
+
+A specific description of each check is given below. The comments about
 basicConstraints and keyUsage and X.509v1 certificates above apply to B<all>
 CA certificates.
 
-
 =over 4
 
-=item B<SSL Client>
+=item B<(D)TLS Client> (C<sslclient>)
 
-The extended key usage extension must be absent or include the "web client
-authentication" OID.  The keyUsage extension must be absent or it must have the
-digitalSignature bit set.  The Netscape certificate type must be absent
-or it must have the SSL client bit set.
+Any given extended key usage extension must allow for C<clientAuth>
+("TLS WWW client authentication").
 
-=item B<SSL Client CA>
+For target certificates,
+the key usage must allow for C<digitalSignature> and/or C<keyAgreement>.
+The Netscape certificate type must be absent or have the SSL client bit set.
 
-The extended key usage extension must be absent or include the "web client
-authentication" OID.
-The Netscape certificate type must be absent or it must have the SSL CA bit set.
-This is used as a work around if the basicConstraints extension is absent.
+For all other certificates the normal CA checks apply. In addition,
+the Netscape certificate type must be absent or have the SSL CA bit set.
+This is used as a workaround if the basicConstraints extension is absent.
 
-=item B<SSL Server>
+=item B<(D)TLS Server> (C<sslserver>)
 
-The extended key usage extension must be absent or include the "web server
-authentication" and/or one of the SGC OIDs.  The keyUsage extension must be
-absent or it
-must have the digitalSignature, the keyEncipherment set or both bits set.
-The Netscape certificate type must be absent or have the SSL server bit set.
+Any given extended key usage extension must allow for C<serverAuth>
+("TLS WWW server authentication") and/or include one of the SGC OIDs.
 
-=item B<SSL Server CA>
+For target certificates, the key usage must
+allow for C<digitalSignature>, C<keyEncipherment>, and/or C<keyAgreement>.
+The Netscape certificate type must be absent or have the SSL server bit set.
 
-The extended key usage extension must be absent or include the "web server
-authentication" and/or one of the SGC OIDs.  The Netscape certificate type must
-be absent or the SSL CA bit must be set.
-This is used as a work around if the basicConstraints extension is absent.
+For all other certificates the normal CA checks apply. In addition,
+the Netscape certificate type must be absent or have the SSL CA bit set.
+This is used as a workaround if the basicConstraints extension is absent.
 
-=item B<Netscape SSL Server>
+=item B<Netscape SSL Server> (C<nssslserver>)
 
-For Netscape SSL clients to connect to an SSL server it must have the
-keyEncipherment bit set if the keyUsage extension is present. This isn't
+In addition to what has been described for B<sslserver>, for a Netscape
+SSL client to connect to an SSL server, its EE certficate must have the
+B<keyEncipherment> bit set if the keyUsage extension is present. This isn't
 always valid because some cipher suites use the key for digital signing.
 Otherwise it is the same as a normal SSL server.
 
-=item B<Common S/MIME Client Tests>
+=item B<Common S/MIME Checks>
 
-The extended key usage extension must be absent or include the "email
-protection" OID.  The Netscape certificate type must be absent or should have the
-S/MIME bit set. If the S/MIME bit is not set in the Netscape certificate type
+Any given extended key usage extension must allow for C<emailProtection>.
+
+For target certificates,
+the Netscape certificate type must be absent or should have the S/MIME bit set.
+If the S/MIME bit is not set in the Netscape certificate type
 then the SSL client bit is tolerated as an alternative but a warning is shown.
 This is because some Verisign certificates don't set the S/MIME bit.
 
-=item B<S/MIME Signing>
+For all other certificates the normal CA checks apply. In addition,
+the Netscape certificate type must be absent or have the S/MIME CA bit set.
+This is used as a workaround if the basicConstraints extension is absent.
+
+=item B<S/MIME Signing> (C<smimesign>)
+
+In addition to the common S/MIME checks, for target certficiates
+the key usage must allow for C<digitalSignature> and/or B<nonRepudiation>.
+
+=item B<S/MIME Encryption> (C<smimeencrypt>)
+
+In addition to the common S/MIME checks, for target certficiates
+the key usage must allow for C<keyEncipherment>.
 
-In addition to the common S/MIME client tests the digitalSignature bit or
-the nonRepudiation bit must be set if the keyUsage extension is present.
+=item B<CRL Signing> (C<crlsign>)
 
-=item B<S/MIME Encryption>
+For target certificates, the key usage must allow for C<cRLSign>.
 
-In addition to the common S/MIME tests the keyEncipherment bit must be set
-if the keyUsage extension is present.
+For all other certifcates the normal CA checks apply.
+Except in this case the basicConstraints extension must be present.
 
-=item B<S/MIME CA>
+=item B<OCSP Helper> (C<ocsphelper>)
 
-The extended key usage extension must be absent or include the "email
-protection" OID.  The Netscape certificate type must be absent or must have the
-S/MIME CA bit set.
-This is used as a work around if the basicConstraints extension is absent.
+For target certificates, no checks are performed at this stage,
+but special checks apply; see L<OCSP_basic_verify(3)>.
 
-=item B<CRL Signing>
+For all other certifcates the normal CA checks apply.
 
-The keyUsage extension must be absent or it must have the CRL signing bit
-set.
+=item B<Timestamp Signing> (C<timestampsign>)
 
-=item B<CRL Signing CA>
+For target certificates, if the key usage extension is present, it must include
+C<digitalSignature> and/or C<nonRepudiation> and must not include other bits.
+The EKU extension must be present and contain C<timeStamping> only.
+Moreover, it must be marked as critical.
 
-The normal CA tests apply. Except in this case the basicConstraints extension
-must be present.
+For all other certifcates the normal CA checks apply.
 
 =back
 
@@ -671,6 +706,7 @@ only the first one (in the mentioned order of locations) is recognised.
 =head1 SEE ALSO
 
 L<X509_verify_cert(3)>,
+L<OCSP_basic_verify(3)>,
 L<openssl-verify(1)>,
 L<openssl-ocsp(1)>,
 L<openssl-ts(1)>,
diff --git a/deps/openssl/openssl/doc/man1/openssl.pod b/deps/openssl/openssl/doc/man1/openssl.pod
index 201428e8700479..4865e5c33e6eba 100644
--- a/deps/openssl/openssl/doc/man1/openssl.pod
+++ b/deps/openssl/openssl/doc/man1/openssl.pod
@@ -653,111 +653,22 @@ See L<property(7)> for a more detailed description.
 
 =head1 ENVIRONMENT
 
-The OpenSSL library can be take some configuration parameters from the
-environment.  Some of these variables are listed below.  For information
-about specific commands, see L<openssl-engine(1)>,
-L<openssl-rehash(1)>, and L<tsget(1)>.
-
-For information about the use of environment variables in configuration,
-see L<config(5)/ENVIRONMENT>.
-
-For information about querying or specifying CPU architecture flags, see
-L<OPENSSL_ia32cap(3)>, and L<OPENSSL_s390xcap(3)>.
+The OpenSSL libraries can take some configuration parameters from the
+environment.
 
 For information about all environment variables used by the OpenSSL libraries,
+such as B<OPENSSL_CONF>, B<OPENSSL_MODULES>, and B<OPENSSL_TRACE>,
 see L<openssl-env(7)>.
 
-=over 4
-
-=item B<OPENSSL_TRACE=>I<name>[,...]
-
-Enable tracing output of OpenSSL library, by name.
-This output will only make sense if you know OpenSSL internals well.
-Also, it might not give you any output at all, depending on how
-OpenSSL was built.
-
-The value is a comma separated list of names, with the following
-available:
-
-=over 4
-
-=item B<TRACE>
-
-Traces the OpenSSL trace API itself.
-
-=item B<INIT>
-
-Traces OpenSSL library initialization and cleanup.
-
-=item B<TLS>
-
-Traces the TLS/SSL protocol.
-
-=item B<TLS_CIPHER>
-
-Traces the ciphers used by the TLS/SSL protocol.
-
-=item B<CONF>
-
-Show details about provider and engine configuration.
-
-=item B<ENGINE_TABLE>
-
-The function that is used by RSA, DSA (etc) code to select registered
-ENGINEs, cache defaults and functional references (etc), will generate
-debugging summaries.
-
-=item B<ENGINE_REF_COUNT>
-
-Reference counts in the ENGINE structure will be monitored with a line
-of generated for each change.
-
-=item B<PKCS5V2>
-
-Traces PKCS#5 v2 key generation.
-
-=item B<PKCS12_KEYGEN>
-
-Traces PKCS#12 key generation.
-
-=item B<PKCS12_DECRYPT>
-
-Traces PKCS#12 decryption.
-
-=item B<X509V3_POLICY>
-
-Generates the complete policy tree at various points during X.509 v3
-policy evaluation.
-
-=item B<BN_CTX>
-
-Traces BIGNUM context operations.
-
-=item B<CMP>
-
-Traces CMP client and server activity.
-
-=item B<STORE>
-
-Traces STORE operations.
-
-=item B<DECODER>
-
-Traces decoder operations.
-
-=item B<ENCODER>
-
-Traces encoder operations.
-
-=item B<REF_COUNT>
-
-Traces decrementing certain ASN.1 structure references.
+For information about the use of environment variables in configuration,
+see L<config(5)/ENVIRONMENT>.
 
-=back
+For information about specific commands, see L<openssl-engine(1)>,
+L<openssl-rehash(1)>, and L<tsget(1)>.
 
-=back
+For information about querying or specifying CPU architecture flags, see
+L<OPENSSL_ia32cap(3)>, and L<OPENSSL_s390xcap(3)>.
 
-=head1 SEE ALSO
 
 L<openssl-asn1parse(1)>,
 L<openssl-ca(1)>,
diff --git a/deps/openssl/openssl/doc/man3/ASN1_TIME_set.pod b/deps/openssl/openssl/doc/man3/ASN1_TIME_set.pod
index 66d9fefe1af6e5..bdef3fdbb15562 100644
--- a/deps/openssl/openssl/doc/man3/ASN1_TIME_set.pod
+++ b/deps/openssl/openssl/doc/man3/ASN1_TIME_set.pod
@@ -102,8 +102,8 @@ functions check the syntax of the time structure I<s>.
 
 The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print()
 functions print the time structure I<s> to BIO I<b> in human readable
-format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example
-"Feb  3 00:55:52 2015 GMT", which does not include a newline.
+format. It will be of the format MMM DD HH:MM:SS[.s*] YYYY GMT, for example
+"Feb E<32>3 00:55:52 2015 GMT", which does not include a newline.
 If the time structure has invalid format it prints out "Bad time value" and
 returns an error. The output for generalized time may include a fractional part
 following the second.
@@ -179,6 +179,10 @@ starting with B<ASN1_UTCTIME> and B<ASN1_GENERALIZEDTIME> act only on that
 specific time format. The functions starting with B<ASN1_TIME> will operate on
 either format.
 
+Users familiar with RFC822 should note that when specifying the flag
+B<ASN1_DTFLGS_RFC822> the year will be formatted as documented above,
+i.e., using 4 digits, not 2 as specified in RFC822.
+
 =head1 BUGS
 
 ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do
@@ -272,7 +276,7 @@ The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/ASN1_aux_cb.pod b/deps/openssl/openssl/doc/man3/ASN1_aux_cb.pod
index f87b51d5efac26..9963ea1350252e 100644
--- a/deps/openssl/openssl/doc/man3/ASN1_aux_cb.pod
+++ b/deps/openssl/openssl/doc/man3/ASN1_aux_cb.pod
@@ -87,7 +87,7 @@ found for the purposes of reference counting.
 =item I<asn1_cb>
 
 A callback that will be invoked at various points during the processing of
-the the B<ASN1_VALLUE>. See below for further details.
+the B<ASN1_VALUE>. See below for further details.
 
 =item I<enc_offset>
 
@@ -97,7 +97,7 @@ will be saved if the B<ASN1_AFLG_ENCODING> flag has been set.
 =item I<asn1_const_cb>
 
 A callback that will be invoked at various points during the processing of
-the the B<ASN1_VALLUE>. This is used in preference to the I<asn1_cb> callback if
+the B<ASN1_VALUE>. This is used in preference to the I<asn1_cb> callback if
 the B<ASN1_AFLG_CONST_CB> flag is set. See below for further details.
 
 =back
@@ -274,7 +274,7 @@ B<ASN1_OP_GET0_PROPQ> operation types were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_accept.pod b/deps/openssl/openssl/doc/man3/BIO_s_accept.pod
index 25a752998caeb5..22b3d35b737488 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_accept.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_accept.pod
@@ -169,16 +169,16 @@ BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.
 BIO_do_accept(),
 BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(),
 BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode()
-return 1 for success and <=0 for failure.
+return 1 for success and <= 0 for failure.
 
 BIO_get_accept_name() returns the accept name or NULL on error.
 BIO_get_peer_name() returns the peer name or NULL on error.
 
 BIO_get_accept_port() returns the accept port as a string or NULL on error.
 BIO_get_peer_port() returns the peer port as a string or NULL on error.
-BIO_get_accept_ip_family() returns the IP family or <=0 on error.
+BIO_get_accept_ip_family() returns the IP family or <= 0 on error.
 
-BIO_get_bind_mode() returns the set of B<BIO_BIND> flags, or <=0 on failure.
+BIO_get_bind_mode() returns the set of B<BIO_BIND> flags, or <= 0 on failure.
 
 BIO_new_accept() returns a BIO or NULL on error.
 
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_connect.pod b/deps/openssl/openssl/doc/man3/BIO_s_connect.pod
index ab813b32d03159..a3c9e6428e470d 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_connect.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_connect.pod
@@ -59,7 +59,7 @@ a single call: that is it creates a new connect BIO with hostname B<name>.
 
 BIO_set_conn_hostname() uses the string B<name> to set the hostname.
 The hostname can be an IP address; if the address is an IPv6 one, it
-must be enclosed with brackets C<[> and C<]>.
+must be enclosed in brackets C<[> and C<]>.
 The hostname can also include the port in the form hostname:port;
 see L<BIO_parse_hostserv(3)> and BIO_set_conn_port() for details.
 
diff --git a/deps/openssl/openssl/doc/man3/ECDSA_sign.pod b/deps/openssl/openssl/doc/man3/ECDSA_sign.pod
index 7e5646665335a0..88e851885a0108 100644
--- a/deps/openssl/openssl/doc/man3/ECDSA_sign.pod
+++ b/deps/openssl/openssl/doc/man3/ECDSA_sign.pod
@@ -52,7 +52,7 @@ size use L<EVP_PKEY_sign(3)> with a NULL I<sig> parameter.
 
 ECDSA_sign() computes a digital signature of the I<dgstlen> bytes hash value
 I<dgst> using the private EC key I<eckey>. The DER encoded signatures is
-stored in I<sig> and its length is returned in I<sig_len>. Note: I<sig> must
+stored in I<sig> and its length is returned in I<siglen>. Note: I<sig> must
 point to ECDSA_size(eckey) bytes of memory. The parameter I<type> is currently
 ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with I<kinv>
 and I<rp> set to NULL.
@@ -82,7 +82,7 @@ used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().
 ECDSA_sign_ex() computes a digital signature of the I<dgstlen> bytes hash value
 I<dgst> using the private EC key I<eckey> and the optional pre-computed values
 I<kinv> and I<rp>. The DER encoded signature is stored in I<sig> and its
-length is returned in I<sig_len>. Note: I<sig> must point to ECDSA_size(eckey)
+length is returned in I<siglen>. Note: I<sig> must point to ECDSA_size(eckey)
 bytes of memory. The parameter I<type> is ignored.
 
 ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is
diff --git a/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod b/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod
index f037d135c9da06..a4635f994c2f9a 100644
--- a/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod
@@ -1284,6 +1284,15 @@ indicates whether the operation was successful. If it does not indicate success,
 the authentication operation has failed and any output data B<MUST NOT> be used
 as it is corrupted.
 
+Please note that the number of authenticated bytes returned by
+EVP_CipherUpdate() depends on the cipher used. Stream ciphers, such as ChaCha20
+or ciphers in GCM mode, can handle 1 byte at a time, resulting in an effective
+"block" size of 1. Conversely, ciphers in OCB mode must process data one block
+at a time, and the block size is returned.
+
+Regardless of the returned size, it is safe to pass unpadded data to an
+EVP_CipherUpdate() call in a single operation.
+
 =head2 GCM and OCB Modes
 
 The following I<ctrl>s are supported in GCM and OCB modes.
@@ -1319,10 +1328,9 @@ For GCM, this call is only valid when decrypting data.
 For OCB, this call is valid when decrypting data to set the expected tag,
 and when encrypting to set the desired tag length.
 
-In OCB mode, calling this when encrypting with C<tag> set to C<NULL> sets the
-tag length. The tag length can only be set before specifying an IV. If this is
-not called prior to setting the IV during encryption, then a default tag length
-is used.
+In OCB mode, calling this with C<tag> set to C<NULL> sets the tag length.
+The tag length can only be set before specifying an IV. If this is not called
+prior to setting the IV, then a default tag length is used.
 
 For OCB AES, the default tag length is 16 (i.e. 128 bits).  It is also the
 maximum tag length for OCB.
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_decapsulate.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_decapsulate.pod
index 819291627bb8b8..cd6f5f0221a2bb 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_decapsulate.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_decapsulate.pod
@@ -25,10 +25,13 @@ specifying the private key to use.
 The EVP_PKEY_decapsulate() function performs a private key decapsulation
 operation using I<ctx>. The data to be decapsulated is specified using the
 I<wrapped> and I<wrappedlen> parameters.
-If I<unwrapped> is NULL then the maximum size of the output secret buffer
+If I<unwrapped> is NULL then the size of the output secret buffer
 is written to I<*unwrappedlen>. If I<unwrapped> is not NULL and the
 call is successful then the decapsulated secret data is written to I<unwrapped>
-and the amount of data written to I<*unwrappedlen>.
+and the amount of data written to I<*unwrappedlen>.  Note that, if I<unwrappedlen>
+is not NULL in this call, the value it points to must be initialised to the length of
+I<unwrapped>, so that the call can validate it is of sufficient size to hold the
+result of the operation.
 
 =head1 NOTES
 
@@ -57,7 +60,7 @@ Decapsulate data using RSA:
  unsigned char *secret = NULL;;
 
  ctx = EVP_PKEY_CTX_new_from_pkey(libctx, rsa_priv_key, NULL);
- if (ctx = NULL)
+ if (ctx == NULL)
      /* Error */
  if (EVP_PKEY_decapsulate_init(ctx, NULL) <= 0)
      /* Error */
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_encapsulate.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_encapsulate.pod
index 0ee7d627904d13..eb51836d795122 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_encapsulate.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_encapsulate.pod
@@ -35,7 +35,10 @@ unless I<genkeylen> is NULL.
 If I<wrappedkey> is not NULL and the call is successful then the
 internally generated key is written to I<genkey> and its size is written to
 I<*genkeylen>. The encapsulated version of the generated key is written to
-I<wrappedkey> and its size is written to I<*wrappedkeylen>.
+I<wrappedkey> and its size is written to I<*wrappedkeylen>.  Note that if
+I<wrappedlen> is not NULL, then the value it points to must initially hold the size of
+the  I<unwrapped> buffer so that its size can be validated by the call, ensuring
+it is large enough to hold the result written to I<wrapped>.
 
 =head1 NOTES
 
@@ -63,7 +66,7 @@ Encapsulate an RSASVE key (for RSA keys).
  unsigned char *out = NULL, *secret = NULL;
 
  ctx = EVP_PKEY_CTX_new_from_pkey(libctx, rsa_pub_key, NULL);
- if (ctx = NULL)
+ if (ctx == NULL)
      /* Error */
  if (EVP_PKEY_encapsulate_init(ctx, NULL) <= 0)
      /* Error */
diff --git a/deps/openssl/openssl/doc/man3/OSSL_CMP_CTX_new.pod b/deps/openssl/openssl/doc/man3/OSSL_CMP_CTX_new.pod
index cab88ae88c9102..f2a38b0adef44f 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_CMP_CTX_new.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_CMP_CTX_new.pod
@@ -355,8 +355,10 @@ If TLS is not used this defaults to the value of
 the environment variable C<http_proxy> if set, else C<HTTP_PROXY>.
 Otherwise defaults to the value of C<https_proxy> if set, else C<HTTPS_PROXY>.
 An empty proxy string specifies not to use a proxy.
-Else the format is C<[http[s]://]address[:port][/path]>,
-where any path given is ignored.
+Otherwise the format is
+C<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>,
+where any given userinfo, path, query, and fragment is ignored.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 The default port number is 80, or 443 in case C<https:> is given.
 
 OSSL_CMP_CTX_set1_no_proxy() sets the list of server hostnames not to use
diff --git a/deps/openssl/openssl/doc/man3/OSSL_CMP_validate_msg.pod b/deps/openssl/openssl/doc/man3/OSSL_CMP_validate_msg.pod
index 555624a4035836..c5e68065beff0f 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_CMP_validate_msg.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_CMP_validate_msg.pod
@@ -44,7 +44,7 @@ any self-issued certificate from the I<msg> extraCerts field may be used
 as a trust anchor for the path verification of an 'acceptable' cert if it can be
 used also to validate the issued certificate returned in the IP message. This is
 according to TS 33.310 [Network Domain Security (NDS); Authentication Framework
-(AF)] document specified by the The 3rd Generation Partnership Project (3GPP).
+(AF)] document specified by The 3rd Generation Partnership Project (3GPP).
 Note that using this option is dangerous as the certificate obtained this way
 has not been authenticated (at least not at CMP level).
 Taking it over as a trust anchor implements trust-on-first-use (TOFU).
@@ -77,7 +77,7 @@ The OpenSSL CMP support was added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/OSSL_HTTP_parse_url.pod b/deps/openssl/openssl/doc/man3/OSSL_HTTP_parse_url.pod
index 768f0acdb14c72..4379c122d66ac4 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_HTTP_parse_url.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_HTTP_parse_url.pod
@@ -42,20 +42,25 @@ take any further default value from the C<HTTP_PROXY>
 environment variable, or from C<HTTPS_PROXY> if I<use_ssl> is nonzero.
 If I<no_proxy> is NULL, take any default exclusion value from the C<no_proxy>
 environment variable, or else from C<NO_PROXY>.
-Return the determined proxy hostname unless the exclusion contains I<server>.
+Return the determined proxy host unless the exclusion value,
+which is a list of proxy hosts separated by C<,> and/or whitespace,
+contains I<server>.
 Otherwise return NULL.
+When I<server> is a string delimited by C<[> and C<]>, which are used for IPv6
+addresses, the enclosing C<[> and C<]> are stripped prior to comparison.
 
 OSSL_parse_url() parses its input string I<url> as a URL of the form
 C<[scheme://][userinfo@]host[:port][/path][?query][#fragment]> and splits it up
 into scheme, userinfo, host, port, path, query, and fragment components.
 The host (or server) component may be a DNS name or an IP address
-where IPv6 addresses should be enclosed in square brackets C<[> and C<]>.
+where IPv6 addresses must be enclosed in square brackets C<[> and C<]>.
 The port component is optional and defaults to C<0>.
 If given, it must be in decimal form.  If the I<pport_num> argument is not NULL
 the integer value of the port number is assigned to I<*pport_num> on success.
 The path component is also optional and defaults to C</>.
 Each non-NULL result pointer argument I<pscheme>, I<puser>, I<phost>, I<pport>,
 I<ppath>, I<pquery>, and I<pfrag>, is assigned the respective url component.
+Any IPv6 address in I<*phost> is enclosed in C<[> and C<]>.
 On success, they are guaranteed to contain non-NULL string pointers, else NULL.
 It is the responsibility of the caller to free them using L<OPENSSL_free(3)>.
 If I<pquery> is NULL, any given query component is handled as part of the path.
@@ -70,7 +75,7 @@ and the scheme is C<https>, else 0.
 The port component is optional and defaults to C<443> if the scheme is C<https>,
 else C<80>.
 Note that relative paths must be given with a leading C</>,
-otherwise the first path element is interpreted as the hostname.
+otherwise the first path element is interpreted as the host.
 
 Calling the deprecated function OCSP_parse_url(url, host, port, path, ssl)
 is equivalent to
diff --git a/deps/openssl/openssl/doc/man3/OSSL_HTTP_transfer.pod b/deps/openssl/openssl/doc/man3/OSSL_HTTP_transfer.pod
index 716e365ef50db0..6da1d91b9f37fa 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_HTTP_transfer.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_HTTP_transfer.pod
@@ -77,12 +77,14 @@ If TLS is not used this defaults to the environment variable C<http_proxy>
 if set, else C<HTTP_PROXY>.
 If I<use_ssl> != 0 it defaults to C<https_proxy> if set, else C<HTTPS_PROXY>.
 An empty proxy string C<""> forbids using a proxy.
-Else the format is
+Otherwise, the format is
 C<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>,
 where any userinfo, path, query, and fragment given is ignored.
+If the host string is an IPv6 address, it must be enclosed in C<[> and C<]>.
 The default proxy port number is 80, or 443 in case "https:" is given.
 The HTTP client functions connect via the given proxy unless the I<server>
-is found in the optional list I<no_proxy> of proxy hostnames (if not NULL;
+is found in the optional list I<no_proxy> of proxy hostnames or IP addresses
+separated by C<,> and/or whitespace (if not NULL;
 default is the environment variable C<no_proxy> if set, else C<NO_PROXY>).
 Proxying plain HTTP is supported directly,
 while using a proxy for HTTPS connections requires a suitable callback function
diff --git a/deps/openssl/openssl/doc/man3/OSSL_PARAM.pod b/deps/openssl/openssl/doc/man3/OSSL_PARAM.pod
index 1e5bf06cf767a7..22fd0f0d7dd7f3 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_PARAM.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_PARAM.pod
@@ -11,7 +11,7 @@ OSSL_PARAM - a structure to pass or request object parameters
  typedef struct ossl_param_st OSSL_PARAM;
  struct ossl_param_st {
      const char *key;             /* the name of the parameter */
-     unsigned char data_type;     /* declare what kind of content is in data */
+     unsigned int data_type;      /* declare what kind of content is in data */
      void *data;                  /* value being passed in or out */
      size_t data_size;            /* data size */
      size_t return_size;          /* returned size */
diff --git a/deps/openssl/openssl/doc/man3/OSSL_trace_enabled.pod b/deps/openssl/openssl/doc/man3/OSSL_trace_enabled.pod
index f9c9dffd8c6a8a..bad5b15153539f 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_trace_enabled.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_trace_enabled.pod
@@ -88,9 +88,10 @@ but rather uses a set of convenience macros, see the L</Macros> section below.
 OSSL_trace_enabled() can be used to check if tracing for the given
 I<category> is enabled.
 
-OSSL_trace_begin() is used to starts a tracing section, and get the
-channel for the given I<category> in form of a BIO.
+OSSL_trace_begin() is used to start a tracing section,
+and get the channel for the given I<category> in form of a BIO.
 This BIO can only be used for output.
+The pointer returned is NULL if the category is invalid or not enabled.
 
 OSSL_trace_end() is used to end a tracing section.
 
@@ -187,6 +188,9 @@ expands to
 
 =head1 NOTES
 
+It is not needed to guard trace output function calls like
+I<OSSL_TRACE(category, ...)> by I<OSSL_TRACE_ENABLED(category)>.
+
 If producing the trace output requires carrying out auxiliary calculations,
 this auxiliary code should be placed inside a conditional block which is
 executed only if the trace category is enabled.
diff --git a/deps/openssl/openssl/doc/man3/OpenSSL_version.pod b/deps/openssl/openssl/doc/man3/OpenSSL_version.pod
index 946bb151bafeb1..e1cf16e2a109b9 100644
--- a/deps/openssl/openssl/doc/man3/OpenSSL_version.pod
+++ b/deps/openssl/openssl/doc/man3/OpenSSL_version.pod
@@ -211,14 +211,6 @@ automatically configured but may be set via an environment variable.
 The value has the same syntax as the environment variable.
 For x86 the string looks like C<OPENSSL_ia32cap=0x123:0x456>.
 
-=item OPENSSL_INFO_QUIC
-
-This is only defined when compiling with a QUIC-enabled version of
-OpenSSL. At run time, this will return "QUIC" if QUIC is supported.
-
-This can be used as a build time flag to determine if OpenSSL has
-QUIC enabled.
-
 =back
 
 For an unknown I<t>, NULL is returned.
diff --git a/deps/openssl/openssl/doc/man3/SSL_CIPHER_get_name.pod b/deps/openssl/openssl/doc/man3/SSL_CIPHER_get_name.pod
index a55ad4d980f9b9..09b7280bdd581b 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CIPHER_get_name.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CIPHER_get_name.pod
@@ -13,7 +13,6 @@ SSL_CIPHER_get_digest_nid,
 SSL_CIPHER_get_handshake_digest,
 SSL_CIPHER_get_kx_nid,
 SSL_CIPHER_get_auth_nid,
-SSL_CIPHER_get_prf_nid,
 SSL_CIPHER_is_aead,
 SSL_CIPHER_find,
 SSL_CIPHER_get_id,
@@ -35,7 +34,6 @@ SSL_CIPHER_get_protocol_id
  const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
  int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
  int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
- int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
  int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
  const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
  uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
@@ -93,15 +91,6 @@ TLS 1.3 cipher suites) B<NID_auth_any> is returned. Examples (not comprehensive)
  NID_auth_ecdsa
  NID_auth_psk
 
-SSL_CIPHER_get_prf_nid() retuns the pseudo-random function NID for B<c>. If B<c> is
-a pre-TLS-1.2 cipher, it returns B<NID_md5_sha1> but note these ciphers use
-SHA-256 in TLS 1.2. Other return values may be treated uniformly in all
-applicable versions. Examples (not comprehensive):
-
- NID_md5_sha1
- NID_sha256
- NID_sha384
-
 SSL_CIPHER_is_aead() returns 1 if the cipher B<c> is AEAD (e.g. GCM or
 ChaCha20/Poly1305), and 0 if it is not AEAD.
 
@@ -212,8 +201,6 @@ required to enable this function.
 
 The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.
 
-The SSL_CIPHER_get_prf_nid() function was added in OpenSSL 3.0.0.
-
 =head1 COPYRIGHT
 
 Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod
index f467f93659b575..627d9e7f0dc36d 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod
@@ -104,10 +104,12 @@ On session establishment, by default, no peer credentials verification is done.
 This must be explicitly requested, typically using L<SSL_CTX_set_verify(3)>.
 For verifying peer certificates many options can be set using various functions
 such as L<SSL_CTX_load_verify_locations(3)> and L<SSL_CTX_set1_param(3)>.
-The L<X509_VERIFY_PARAM_set_purpose(3)> function can be used, also in conjunction
-with L<SSL_CTX_get0_param(3)>, to set the intended purpose of the session.
-The default is B<X509_PURPOSE_SSL_SERVER> on the client side
+
+The SSL/(D)TLS implementation uses the L<X509_STORE_CTX_set_default(3)>
+function to prepare checks for B<X509_PURPOSE_SSL_SERVER> on the client side
 and B<X509_PURPOSE_SSL_CLIENT> on the server side.
+The L<X509_VERIFY_PARAM_set_purpose(3)> function can be used, also in conjunction
+with L<SSL_CTX_get0_param(3)>, to override the default purpose of the session.
 
 The SSL_CTX object uses I<method> as the connection method.
 Three method variants are available: a generic method (for either client or
@@ -228,7 +230,7 @@ SSL_CTX_up_ref() returns 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_set_options(3)>, L<SSL_CTX_free(3)>,
+L<SSL_CTX_set_options(3)>, L<SSL_CTX_free(3)>, L<X509_STORE_CTX_set_default(3)>,
 SSL_CTX_set_verify(3), L<SSL_CTX_set1_param(3)>, L<SSL_CTX_get0_param(3)>,
 L<SSL_connect(3)>, L<SSL_accept(3)>,
 L<SSL_CTX_set_min_proto_version(3)>, L<ssl(7)>, L<SSL_set_connect_state(3)>
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_set_quic_method.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_set_quic_method.pod
deleted file mode 100644
index aab5e38889b041..00000000000000
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_set_quic_method.pod
+++ /dev/null
@@ -1,262 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_QUIC_METHOD,
-OSSL_ENCRYPTION_LEVEL,
-SSL_CTX_set_quic_method,
-SSL_set_quic_method,
-SSL_set_quic_transport_params,
-SSL_get_peer_quic_transport_params,
-SSL_quic_max_handshake_flight_len,
-SSL_quic_read_level,
-SSL_quic_write_level,
-SSL_provide_quic_data,
-SSL_process_quic_post_handshake,
-SSL_is_quic,
-SSL_get_peer_quic_transport_version,
-SSL_get_quic_transport_version,
-SSL_set_quic_transport_version,
-SSL_set_quic_use_legacy_codepoint,
-SSL_set_quic_early_data_enabled
-- QUIC support
-
-=head1 SYNOPSIS
-
- #include <openssl/ssl.h>
-
- typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
- typedef enum ssl_encryption_level_t OSSL_ENCRYPTION_LEVEL;
-
- int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
- int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
- int SSL_set_quic_transport_params(SSL *ssl,
-                                   const uint8_t *params,
-                                   size_t params_len);
- void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                         const uint8_t **out_params,
-                                         size_t *out_params_len);
- size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
- OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
- OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
- int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                           const uint8_t *data, size_t len);
- int SSL_process_quic_post_handshake(SSL *ssl);
- int SSL_is_quic(SSL *ssl);
-
- void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
- void SSL_set_quic_transport_version(SSL *ssl, int version);
- int SSL_get_quic_transport_version(const SSL *ssl);
- int SSL_get_peer_quic_transport_version(const SSL *ssl);
- void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_quic_method() and SSL_set_quic_method() configures the QUIC methods.
-This should only be configured with a minimum version of TLS 1.3. B<quic_method>
-must remain valid for the lifetime of B<ctx> or B<ssl>. Calling this disables
-the SSL_OP_ENABLE_MIDDLEBOX_COMPAT option, which is not required for QUIC.
-
-SSL_set_quic_transport_params() configures B<ssl> to send B<params> (of length
-B<params_len>) in the quic_transport_parameters extension in either the
-ClientHello or EncryptedExtensions handshake message. This extension will
-only be sent if the TLS version is at least 1.3, and for a server, only if
-the client sent the extension. The buffer pointed to by B<params> only need be
-valid for the duration of the call to this function.
-
-SSL_get_peer_quic_transport_params() provides the caller with the value of the
-quic_transport_parameters extension sent by the peer. A pointer to the buffer
-containing the TransportParameters will be put in B<*out_params>, and its
-length in B<*out_params_len>. This buffer will be valid for the lifetime of the
-B<ssl>. If no params were received from the peer, B<*out_params_len> will be 0.
-
-SSL_quic_max_handshake_flight_len() returns the maximum number of bytes
-that may be received at the given encryption level. This function should be
-used to limit buffering in the QUIC implementation.
-
-See L<https://tools.ietf.org/html/RFC9000#section-4>.
-
-SSL_quic_read_level() returns the current read encryption level.
-
-SSL_quic_write_level() returns the current write encryption level.
-
-SSL_provide_quic_data() is used to provide data from QUIC CRYPTO frames to the
-state machine, at a particular encryption level B<level>. It is an error to
-call this function with an encryption level less than the current read level.
-It returns one on success and zero on error.
-
-SSL_process_quic_post_handshake() processes any data that QUIC has provided
-after the handshake has completed. This includes NewSessionTicket messages
-sent by the server.
-
-SSL_is_quic() indicates whether a connection uses QUIC.  A given B<SSL>
-or B<SSL_CTX> can only be used with QUIC or TLS, but not both.
-
-SSL_set_quic_use_legacy_codepoint() specifies the legacy extension codepoint
-in manner compatible with some versions of BoringSSL.
-
-SSL_set_quic_transport_version() specifies the quic transport version that
-allows for backwards and forwards compatibility. If set to 0 (default) the
-server will use the highest version the client sent. If set to 0 (default)
-the client will send both extensions.
-
-SSL_get_quic_transport_version() returns the value set by
-SSL_set_quic_transport_version().
-
-SSL_get_peer_quic_transport_version() returns the version the that was
-negotiated.
-
-SSL_set_quic_early_data_enabled() enables QUIC early data if a nonzero
-value is passed.  Clients must set a resumed session before calling this
-function.  Servers must additionally call SSL_CTX_set_max_early_data() or
-SSL_set_max_early_data() with 0xffffffffu as the argument, so that any
-issued session tickets indicate that server is able to accept early data.
-
-=head1 NOTES
-
-These APIs are implementations of BoringSSL's QUIC APIs.
-
-QUIC acts as an underlying transport for the TLS 1.3 handshake. The following
-functions allow a QUIC implementation to serve as the underlying transport as
-described in RFC9001.
-
-When configured for QUIC, SSL_do_handshake() will drive the handshake as
-before, but it will not use the configured B<BIO>. It will call functions from
-the configured B<SSL_QUIC_METHOD> to configure secrets and send data. If data
-is needed from the peer, it will return B<SSL_ERROR_WANT_READ>. When received,
-the caller should call SSL_provide_quic_data() and then SSL_do_handshake() to
-continue the handshake. After the handshake is complete, the caller should call
-SSL_provide_quic_data() for any post-handshake data, followed by
-SSL_process_quic_post_handshake() to process it. It is an error to call
-SSL_read()/SSL_read_ex() and SSL_write()/SSL_write_ex() in QUIC.
-
-Note that secrets for an encryption level may be available to QUIC before the
-level is active in TLS. Callers should use SSL_quic_read_level() to determine
-the active read level for SSL_provide_quic_data(). SSL_do_handshake() will
-pass the active write level to add_handshake_data() when writing data. Callers
-can use SSL_quic_write_level() to query the active write level when
-generating their own errors.
-
-See L<https://tools.ietf.org/html/RFC9001#section-4.1> for more details.
-
-To avoid amplifying DoS attacks, the QUIC implementation must limit the amount
-of data being queued up. The implementation can call
-SSL_quic_max_handshake_flight_len() to get the maximum buffer length at each
-encryption level.
-
-RFC9001 defines a new TLS extension "quic_transport_parameters"
-used by QUIC for each endpoint to unilaterally declare its supported
-transport parameters. The contents of the extension are specified in
-L<https://tools.ietf.org/html/RFC9000#section-18> (as
-a sequence of tag/length/value parameters) along with the interpretation of the
-various parameters and the rules for their processing.
-
-OpenSSL handles this extension as an opaque byte string. The caller is
-responsible for serializing and parsing it.
-
-=head2 OSSL_ENCRYPTION_LEVEL
-
-B<OSSL_ENCRYPTION_LEVEL> (B<enum ssl_encryption_level_t>) represents the
-encryption levels:
-
-=over 4
-
-=item ssl_encryption_initial
-
-The initial encryption level that is used for client and server hellos.
-
-=item ssl_encryption_early_data
-
-The encryption level for early data. This is a write-level for the client
-and a read-level for the server.
-
-=item ssl_encryption_handshake
-
-The encryption level for the remainder of the handshake.
-
-=item ssl_encryption_application
-
-The encryption level for the application data.
-
-=back
-
-=head2 SSL_QUIC_METHOD
-
-The B<SSL_QUIC_METHOD> (B<struct ssl_quic_method_st>) describes the
-QUIC methods.
-
- struct ssl_quic_method_st {
-     int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                   const uint8_t *read_secret,
-                                   const uint8_t *write_secret, size_t secret_len);
-     int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                               const uint8_t *data, size_t len);
-     int (*flush_flight)(SSL *ssl);
-     int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
- };
- typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-set_encryption_secrets() configures the read and write secrets for the given
-encryption level. This function will always be called before an encryption
-level other than B<ssl_encryption_initial> is used. Note, however, that
-secrets for a level may be configured before TLS is ready to send or accept
-data at that level.
-
-When reading packets at a given level, the QUIC implementation must send
-ACKs at the same level, so this function provides read and write secrets
-together. The exception is B<ssl_encryption_early_data>, where secrets are
-only available in the client to server direction. The other secret will be
-NULL. The server acknowledges such data at B<ssl_encryption_application>,
-which will be configured in the same SSL_do_handshake() call.
-
-add_handshake_data() adds handshake data to the current flight at the given
-encryption level. It returns one on success and zero on error.
-
-OpenSSL will pack data from a single encryption level together, but a
-single handshake flight may include multiple encryption levels. Callers
-should defer writing data to the network until flush_flight() to better
-pack QUIC packets into transport datagrams.
-
-flush_flight() is called when the current flight is complete and should be
-written to the transport. Note a flight may contain data at several
-encryption levels.
-
-send_alert() sends a fatal alert at the specified encryption level.
-
-All QUIC methods return 1 on success and 0 on error.
-
-=head1 RETURN VALUES
-
-SSL_CTX_set_quic_method(),
-SSL_set_quic_method(),
-SSL_set_quic_transport_params(), and
-SSL_process_quic_post_handshake()
-return 1 on success, and 0 on error.
-
-SSL_quic_read_level() and SSL_quic_write_level() return the current
-encryption level as an B<OSSL_ENCRYPTION_LEVEL>
-(B<enum ssl_encryption_level_t>).
-
-SSL_quic_max_handshake_flight_len() returns the maximum length in bytes of a
-flight for a given encryption level.
-
-SSL_is_quic() returns 1 if QUIC is being used, 0 if not.
-
-=head1 SEE ALSO
-
-L<ssl(7)>, L<SSL_CIPHER_get_prf_nid(3)>, L<SSL_do_handshake(3)>
-
-=head1 HISTORY
-
-These functions were added in OpenSSL 3.0.0.
-
-=head1 COPYRIGHT
-
-Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/deps/openssl/openssl/doc/man3/SSL_get_shared_sigalgs.pod b/deps/openssl/openssl/doc/man3/SSL_get_shared_sigalgs.pod
index c18114cdf47200..cb9ce025002fed 100644
--- a/deps/openssl/openssl/doc/man3/SSL_get_shared_sigalgs.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_get_shared_sigalgs.pod
@@ -64,7 +64,7 @@ ordered according to configuration and peer preferences.
 The raw values correspond to the on the wire form as defined by RFC5246 et al.
 The NIDs are OpenSSL equivalents. For example if the peer sent sha256(4) and
 rsa(1) then B<*rhash> would be 4, B<*rsign> 1, B<*phash> NID_sha256, B<*psig>
-NID_rsaEncryption and B<*psighash> NID_sha256WithRSAEncryption.
+NID_rsaEncryption and B<*psignhash> NID_sha256WithRSAEncryption.
 
 If a signature algorithm is not recognised the corresponding NIDs
 will be set to B<NID_undef>. This may be because the value is not supported,
diff --git a/deps/openssl/openssl/doc/man3/SSL_set_bio.pod b/deps/openssl/openssl/doc/man3/SSL_set_bio.pod
index c666dc466ecd2d..aaffeedf779b65 100644
--- a/deps/openssl/openssl/doc/man3/SSL_set_bio.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_set_bio.pod
@@ -23,6 +23,9 @@ function, any existing B<rbio> that was previously set will also be freed via a
 call to L<BIO_free_all(3)> (this includes the case where the B<rbio> is set to
 the same value as previously).
 
+If using a custom BIO, B<rbio> must implement either
+L<BIO_meth_set_read_ex(3)> or L<BIO_meth_set_read(3)>.
+
 SSL_set0_wbio() works in the same as SSL_set0_rbio() except that it connects
 the BIO B<wbio> for the write operations of the B<ssl> object. Note that if the
 rbio and wbio are the same then SSL_set0_rbio() and SSL_set0_wbio() each take
@@ -30,6 +33,12 @@ ownership of one reference. Therefore, it may be necessary to increment the
 number of references available using L<BIO_up_ref(3)> before calling the set0
 functions.
 
+If using a custom BIO, B<wbio> must implement
+L<BIO_meth_set_write_ex(3)> or L<BIO_meth_set_write(3)>. It additionally must
+implement L<BIO_flush(3)> using B<BIO_CTRL_FLUSH> and L<BIO_meth_set_ctrl(3)>.
+If flushing is unnecessary with B<wbio>, L<BIO_flush(3)> should return one and
+do nothing.
+
 SSL_set_bio() is similar to SSL_set0_rbio() and SSL_set0_wbio() except
 that it connects both the B<rbio> and the B<wbio> at the same time, and
 transfers the ownership of B<rbio> and B<wbio> to B<ssl> according to
diff --git a/deps/openssl/openssl/doc/man3/X509V3_set_ctx.pod b/deps/openssl/openssl/doc/man3/X509V3_set_ctx.pod
index 8287802e41b2f7..7819c344f7510e 100644
--- a/deps/openssl/openssl/doc/man3/X509V3_set_ctx.pod
+++ b/deps/openssl/openssl/doc/man3/X509V3_set_ctx.pod
@@ -42,8 +42,7 @@ or not) to provide fallback data for the authority key identifier extension.
 
 =head1 RETURN VALUES
 
-X509V3_set_ctx() and X509V3_set_issuer_pkey()
-return 1 on success and 0 on error.
+X509V3_set_issuer_pkey() returns 1 on success and 0 on error.
 
 =head1 SEE ALSO
 
@@ -57,7 +56,7 @@ CTX_TEST was deprecated in OpenSSL 3.0; use X509V3_CTX_TEST instead.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod
index c508a1d3fc1b88..9929a98e0cf5af 100644
--- a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod
+++ b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod
@@ -74,6 +74,12 @@ X509_STORE_CTX_free() completely frees up I<ctx>. After this call I<ctx>
 is no longer valid.
 If I<ctx> is NULL nothing is done.
 
+X509_STORE_CTX_init() sets up I<ctx> for a subsequent verification operation.
+
+X509_STORE_CTX_init() initializes the internal state and resources of the
+given I<ctx>. Among others, it sets the verification parameters associcated
+with the method name C<default>, which includes the C<any> purpose,
+and takes over callback function pointers from I<trust_store> (unless NULL).
 It must be called before each call to L<X509_verify_cert(3)> or
 L<X509_STORE_CTX_verify(3)>, i.e., a context is only good for one verification.
 If you want to verify a further certificate or chain with the same I<ctx>
@@ -144,12 +150,13 @@ by I<ctx> to be I<chain>.
 Ownership of the chain is transferred to I<ctx>,
 and so it should not be free'd by the caller.
 
-X509_STORE_CTX_set_default() looks up and sets the default verification
-method to I<name>. This uses the function X509_VERIFY_PARAM_lookup() to
-find an appropriate set of parameters from the purpose identifier I<name>.
-Currently defined purposes are C<sslclient>, C<sslserver>, C<nssslserver>,
-C<smimesign>, C<smimeencrypt>, C<crlsign>, C<ocsphelper>, C<timestampsign>,
-and C<any>.
+X509_STORE_CTX_set_default() looks up and sets the default verification method.
+This uses the function X509_VERIFY_PARAM_lookup() to find
+the set of parameters associated with the given verification method I<name>.
+Among others, the parameters determine the trust model and verification purpose.
+More detail, including the list of currently predefined methods,
+is described for the B<-verify_name> command-line option
+in L<openssl-verification-options(1)/Verification Options>.
 
 X509_STORE_CTX_set_verify() provides the capability for overriding the default
 verify function. This function is responsible for verifying chain signatures and
diff --git a/deps/openssl/openssl/doc/man3/X509_add_cert.pod b/deps/openssl/openssl/doc/man3/X509_add_cert.pod
index 907164e9710ef9..f59b93ba54d4bc 100644
--- a/deps/openssl/openssl/doc/man3/X509_add_cert.pod
+++ b/deps/openssl/openssl/doc/man3/X509_add_cert.pod
@@ -16,6 +16,7 @@ X509 certificate list addition functions
 =head1 DESCRIPTION
 
 X509_add_cert() adds a certificate I<cert> to the given list I<sk>.
+It is an error for the I<cert> argument to be NULL.
 
 X509_add_certs() adds a list of certificate I<certs> to the given list I<sk>.
 The I<certs> argument may be NULL, which implies no effect.
@@ -66,7 +67,7 @@ were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_load_http.pod b/deps/openssl/openssl/doc/man3/X509_load_http.pod
index a147c43caa3fde..e17330b05587f7 100644
--- a/deps/openssl/openssl/doc/man3/X509_load_http.pod
+++ b/deps/openssl/openssl/doc/man3/X509_load_http.pod
@@ -27,6 +27,9 @@ see L<openssl_user_macros(7)>:
 X509_load_http() and X509_CRL_load_http() loads a certificate or a CRL,
 respectively, in ASN.1 format using HTTP from the given B<url>.
 
+Maximum size of the HTTP response is 100 kB for certificates and 32 MB for CRLs
+and hard coded in the functions.
+
 If B<bio> is given and B<rbio> is NULL then this BIO is used instead of an
 internal one for connecting, writing the request, and reading the response.
 If both B<bio> and B<rbio> are given (which may be memory BIOs, for instance)
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-HKDF.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-HKDF.pod
index 5fc0a73241cca4..b563efa5f5d756 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-HKDF.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-HKDF.pod
@@ -15,6 +15,8 @@ and "extracts" from it a fixed-length pseudorandom key K. The second stage
 "expands" the key K into several additional pseudorandom keys (the output
 of the KDF).
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "HKDF" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-KB.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-KB.pod
index 6e25882d674c6e..78b81673a5bdab 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-KB.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-KB.pod
@@ -10,6 +10,8 @@ The EVP_KDF-KB algorithm implements the Key-Based key derivation function
 (KBKDF).  KBKDF derives a key from repeated application of a keyed MAC to an
 input secret (and other optional values).
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "KBKDF" is the name for this implementation; it can be used with the
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-PBKDF2.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-PBKDF2.pod
index e6cadc8b826d35..9a90f7583abe6d 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-PBKDF2.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-PBKDF2.pod
@@ -13,6 +13,8 @@ The EVP_KDF-PBKDF2 algorithm implements the PBKDF2 password-based key
 derivation function, as described in SP800-132; it derives a key from a password
 using a salt and iteration count.
 
+The output is considered to be a cryptographic key.
+
 =head2 Identity
 
 "PBKDF2" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-SS.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-SS.pod
index c8d19691a797b8..6640703eef1c01 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-SS.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-SS.pod
@@ -11,6 +11,8 @@ SSKDF derives a key using input such as a shared secret key (that was generated
 during the execution of a key establishment scheme) and fixedinfo.
 SSKDF is also informally referred to as 'Concat KDF'.
 
+The output is considered to be keying material.
+
 =head2 Auxiliary function
 
 The implementation uses a selectable auxiliary function H, which can be one of:
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-SSHKDF.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-SSHKDF.pod
index c7a3263f455ad2..a5b153947558e2 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-SSHKDF.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-SSHKDF.pod
@@ -15,6 +15,8 @@ Five inputs are required to perform key derivation: The hashing function
 (for example SHA256), the Initial Key, the Exchange Hash, the Session ID,
 and the derivation key type.
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "SSHKDF" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-TLS13_KDF.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-TLS13_KDF.pod
index d588b121faf5a3..7fad55ca61f1bc 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-TLS13_KDF.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-TLS13_KDF.pod
@@ -12,6 +12,8 @@ the B<EVP_KDF> API.
 The EVP_KDF-TLS13_KDF algorithm implements the HKDF key derivation function
 as used by TLS 1.3.
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "TLS13-KDF" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-TLS1_PRF.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-TLS1_PRF.pod
index 8a60e97315549c..90b357e70f0bb2 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-TLS1_PRF.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-TLS1_PRF.pod
@@ -11,6 +11,8 @@ Support for computing the B<TLS1> PRF through the B<EVP_KDF> API.
 The EVP_KDF-TLS1_PRF algorithm implements the PRF used by TLS versions up to
 and including TLS 1.2.
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "TLS1-PRF" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-X942-ASN1.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-X942-ASN1.pod
index a5786ab83faa8a..17464738b511b4 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-X942-ASN1.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-X942-ASN1.pod
@@ -13,6 +13,8 @@ contains a 32 bit counter as well as optional fields for "partyu-info",
 "partyv-info", "supp-pubinfo" and "supp-privinfo".
 This kdf is used by Cryptographic Message Syntax (CMS).
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "X942KDF-ASN1" or "X942KDF" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_KDF-X963.pod b/deps/openssl/openssl/doc/man7/EVP_KDF-X963.pod
index 3d6f4372cf3122..ca2f7c1df0efcc 100644
--- a/deps/openssl/openssl/doc/man7/EVP_KDF-X963.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_KDF-X963.pod
@@ -10,6 +10,8 @@ The EVP_KDF-X963 algorithm implements the key derivation function (X963KDF).
 X963KDF is used by Cryptographic Message Syntax (CMS) for EC KeyAgreement, to
 derive a key using input such as a shared secret key and shared info.
 
+The output is considered to be keying material.
+
 =head2 Identity
 
 "X963KDF" is the name for this implementation; it
diff --git a/deps/openssl/openssl/doc/man7/EVP_SIGNATURE-DSA.pod b/deps/openssl/openssl/doc/man7/EVP_SIGNATURE-DSA.pod
index 5a42d6b1cd224f..326a86ee0b42cd 100644
--- a/deps/openssl/openssl/doc/man7/EVP_SIGNATURE-DSA.pod
+++ b/deps/openssl/openssl/doc/man7/EVP_SIGNATURE-DSA.pod
@@ -7,7 +7,9 @@ EVP_SIGNATURE-DSA
 
 =head1 DESCRIPTION
 
-Support for computing DSA signatures.
+Support for computing DSA signatures. The signature produced with
+L<EVP_PKEY_sign(3)> is DER encoded ASN.1 in the form described in
+RFC 3279, section 2.2.2.
 See L<EVP_PKEY-DSA(7)> for information related to DSA keys.
 
 =head2 Signature Parameters
diff --git a/deps/openssl/openssl/doc/man7/openssl-env.pod b/deps/openssl/openssl/doc/man7/openssl-env.pod
index a2443d54d82291..c7dbd2277dc68b 100644
--- a/deps/openssl/openssl/doc/man7/openssl-env.pod
+++ b/deps/openssl/openssl/doc/man7/openssl-env.pod
@@ -51,6 +51,99 @@ See L<OPENSSL_malloc(3)>.
 Specifies the directory from which cryptographic providers are loaded.
 Equivalently, the generic B<-provider-path> command-line option may be used.
 
+=item B<OPENSSL_TRACE>
+
+By default the OpenSSL trace feature is disabled statically.
+To enable it, OpenSSL must be built with tracing support,
+which may be configured like this: C<./config enable-trace>
+
+Unless OpenSSL tracing support is generally disabled,
+enable trace output of specific parts of OpenSSL libraries, by name.
+This output usually makes sense only if you know OpenSSL internals well.
+
+The value of this environment varialble is a comma-separated list of names,
+with the following available:
+
+=over 4
+
+=item B<TRACE>
+
+Traces the OpenSSL trace API itself.
+
+=item B<INIT>
+
+Traces OpenSSL library initialization and cleanup.
+
+=item B<TLS>
+
+Traces the TLS/SSL protocol.
+
+=item B<TLS_CIPHER>
+
+Traces the ciphers used by the TLS/SSL protocol.
+
+=item B<CONF>
+
+Show details about provider and engine configuration.
+
+=item B<ENGINE_TABLE>
+
+The function that is used by RSA, DSA (etc) code to select registered
+ENGINEs, cache defaults and functional references (etc), will generate
+debugging summaries.
+
+=item B<ENGINE_REF_COUNT>
+
+Reference counts in the ENGINE structure will be monitored with a line
+of generated for each change.
+
+=item B<PKCS5V2>
+
+Traces PKCS#5 v2 key generation.
+
+=item B<PKCS12_KEYGEN>
+
+Traces PKCS#12 key generation.
+
+=item B<PKCS12_DECRYPT>
+
+Traces PKCS#12 decryption.
+
+=item B<X509V3_POLICY>
+
+Generates the complete policy tree at various points during X.509 v3
+policy evaluation.
+
+=item B<BN_CTX>
+
+Traces BIGNUM context operations.
+
+=item B<CMP>
+
+Traces CMP client and server activity.
+
+=item B<STORE>
+
+Traces STORE operations.
+
+=item B<DECODER>
+
+Traces decoder operations.
+
+=item B<ENCODER>
+
+Traces encoder operations.
+
+=item B<REF_COUNT>
+
+Traces decrementing certain ASN.1 structure references.
+
+=item B<HTTP>
+
+Traces the HTTP client and server, such as messages being sent and received.
+
+=back
+
 =item B<OPENSSL_WIN32_UTF8>
 
 If set, then L<UI_OpenSSL(3)> returns UTF-8 encoded strings, rather than
diff --git a/deps/openssl/openssl/doc/man7/provider.pod b/deps/openssl/openssl/doc/man7/provider.pod
index a061fc4709d0bb..08ac1d02907ff5 100644
--- a/deps/openssl/openssl/doc/man7/provider.pod
+++ b/deps/openssl/openssl/doc/man7/provider.pod
@@ -227,6 +227,18 @@ MODE is only present where applicable.
 Other aliases may exist for example where standards bodies or common practice
 use alternative names or names that OpenSSL has used historically.
 
+=head3 Provider dependencies
+
+Providers may depend for their proper operation on the availability of
+(functionality implemented in) other providers. As there is no mechanism to
+express such dependencies towards the OpenSSL core, provider authors must
+take care that such dependencies are either completely avoided or made visible
+to users, e.g., by documentation and/or defensive programming, e.g.,
+outputting error messages if required external dependencies are not available,
+e.g., when no provider implementing the required functionality has been
+activated. In particular, provider initialization should not depend on other
+providers already having been initialized.
+
 =head1 OPENSSL PROVIDERS
 
 OpenSSL provides a number of its own providers. These are the default, base,
diff --git a/deps/openssl/openssl/engines/e_afalg.c b/deps/openssl/openssl/engines/e_afalg.c
index ec4e21c582c8e8..58d58ef24ec4aa 100644
--- a/deps/openssl/openssl/engines/e_afalg.c
+++ b/deps/openssl/openssl/engines/e_afalg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -165,7 +165,7 @@ static ossl_inline int io_getevents(aio_context_t ctx, long min, long max,
             ts32.tv_sec = (__kernel_long_t) timeout->tv_sec;
             ts32.tv_nsec = (__kernel_long_t) timeout->tv_nsec;
 
-            return syscall(__NR_io_getevents, ctx, min, max, events, ts32);
+            return syscall(__NR_io_getevents, ctx, min, max, events, &ts32);
         } else {
             return syscall(__NR_io_getevents, ctx, min, max, events, NULL);
         }
diff --git a/deps/openssl/openssl/engines/e_loader_attic.c b/deps/openssl/openssl/engines/e_loader_attic.c
index a20e04da1a5b47..08c9c16cbbfd3f 100644
--- a/deps/openssl/openssl/engines/e_loader_attic.c
+++ b/deps/openssl/openssl/engines/e_loader_attic.c
@@ -988,7 +988,7 @@ static OSSL_STORE_LOADER_CTX *file_open_ex
 #ifdef _WIN32
         /* Windows file: URIs with a drive letter start with a / */
         if (p[0] == '/' && p[2] == ':' && p[3] == '/') {
-            char c = tolower(p[1]);
+            char c = tolower((unsigned char)p[1]);
 
             if (c >= 'a' && c <= 'z') {
                 p++;
diff --git a/deps/openssl/openssl/include/crypto/bn.h b/deps/openssl/openssl/include/crypto/bn.h
index c5f328156d3a9c..0b8489bb75509c 100644
--- a/deps/openssl/openssl/include/crypto/bn.h
+++ b/deps/openssl/openssl/include/crypto/bn.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -73,6 +73,9 @@ int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
  */
 int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
                           BN_MONT_CTX *mont, BN_CTX *ctx);
+int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *in_mont);
 int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
                          BN_CTX *ctx);
 int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
diff --git a/deps/openssl/openssl/include/crypto/bn_conf.h b/deps/openssl/openssl/include/crypto/bn_conf.h
deleted file mode 100644
index 79400c6472a49c..00000000000000
--- a/deps/openssl/openssl/include/crypto/bn_conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/bn_conf.h"
diff --git a/deps/openssl/openssl/include/crypto/cmserr.h b/deps/openssl/openssl/include/crypto/cmserr.h
index 1de2f9c7d51de9..f53530ae235295 100644
--- a/deps/openssl/openssl/include/crypto/cmserr.h
+++ b/deps/openssl/openssl/include/crypto/cmserr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/include/crypto/dso_conf.h b/deps/openssl/openssl/include/crypto/dso_conf.h
deleted file mode 100644
index e7f2afa9872320..00000000000000
--- a/deps/openssl/openssl/include/crypto/dso_conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/dso_conf.h"
diff --git a/deps/openssl/openssl/include/openssl/asn1.h b/deps/openssl/openssl/include/openssl/asn1.h
deleted file mode 100644
index cd9fc7cc706c37..00000000000000
--- a/deps/openssl/openssl/include/openssl/asn1.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/asn1.h"
diff --git a/deps/openssl/openssl/include/openssl/asn1t.h b/deps/openssl/openssl/include/openssl/asn1t.h
deleted file mode 100644
index 6ff4f574949bbd..00000000000000
--- a/deps/openssl/openssl/include/openssl/asn1t.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/asn1t.h"
diff --git a/deps/openssl/openssl/include/openssl/bio.h b/deps/openssl/openssl/include/openssl/bio.h
deleted file mode 100644
index dcece3cb4d6ebf..00000000000000
--- a/deps/openssl/openssl/include/openssl/bio.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/bio.h"
diff --git a/deps/openssl/openssl/include/openssl/cmp.h b/deps/openssl/openssl/include/openssl/cmp.h
deleted file mode 100644
index 7c8a6dc96fc360..00000000000000
--- a/deps/openssl/openssl/include/openssl/cmp.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/cmp.h"
diff --git a/deps/openssl/openssl/include/openssl/cms.h b/deps/openssl/openssl/include/openssl/cms.h
deleted file mode 100644
index 33a00775c9fa76..00000000000000
--- a/deps/openssl/openssl/include/openssl/cms.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/cms.h"
diff --git a/deps/openssl/openssl/include/openssl/cmserr.h b/deps/openssl/openssl/include/openssl/cmserr.h
index f2d7708f10c8d6..52a186520fe453 100644
--- a/deps/openssl/openssl/include/openssl/cmserr.h
+++ b/deps/openssl/openssl/include/openssl/cmserr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -49,6 +49,7 @@
 #  define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE      114
 #  define CMS_R_ERROR_SETTING_KEY                          115
 #  define CMS_R_ERROR_SETTING_RECIPIENTINFO                116
+#  define CMS_R_ERROR_UNSUPPORTED_STATIC_KEY_AGREEMENT     196
 #  define CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR          183
 #  define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH               117
 #  define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER           176
diff --git a/deps/openssl/openssl/include/openssl/conf.h b/deps/openssl/openssl/include/openssl/conf.h
deleted file mode 100644
index 2712886cafcd78..00000000000000
--- a/deps/openssl/openssl/include/openssl/conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/conf.h"
diff --git a/deps/openssl/openssl/include/openssl/configuration.h b/deps/openssl/openssl/include/openssl/configuration.h
deleted file mode 100644
index 8ffad996047c5e..00000000000000
--- a/deps/openssl/openssl/include/openssl/configuration.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/configuration.h"
diff --git a/deps/openssl/openssl/include/openssl/crmf.h b/deps/openssl/openssl/include/openssl/crmf.h
deleted file mode 100644
index 4103852ecb21c2..00000000000000
--- a/deps/openssl/openssl/include/openssl/crmf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/crmf.h"
diff --git a/deps/openssl/openssl/include/openssl/crypto.h b/deps/openssl/openssl/include/openssl/crypto.h
deleted file mode 100644
index 6d0e701ebd3c19..00000000000000
--- a/deps/openssl/openssl/include/openssl/crypto.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/crypto.h"
diff --git a/deps/openssl/openssl/include/openssl/ct.h b/deps/openssl/openssl/include/openssl/ct.h
deleted file mode 100644
index 7ebb84387135be..00000000000000
--- a/deps/openssl/openssl/include/openssl/ct.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/ct.h"
diff --git a/deps/openssl/openssl/include/openssl/err.h b/deps/openssl/openssl/include/openssl/err.h
deleted file mode 100644
index bf482070474781..00000000000000
--- a/deps/openssl/openssl/include/openssl/err.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/err.h"
diff --git a/deps/openssl/openssl/include/openssl/ess.h b/deps/openssl/openssl/include/openssl/ess.h
deleted file mode 100644
index 64cc016225119f..00000000000000
--- a/deps/openssl/openssl/include/openssl/ess.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/ess.h"
diff --git a/deps/openssl/openssl/include/openssl/fipskey.h b/deps/openssl/openssl/include/openssl/fipskey.h
deleted file mode 100644
index c012013d98d4e8..00000000000000
--- a/deps/openssl/openssl/include/openssl/fipskey.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/fipskey.h"
diff --git a/deps/openssl/openssl/include/openssl/http.h b/deps/openssl/openssl/include/openssl/http.h
index f7ab214265e474..c63762b70deb5c 100644
--- a/deps/openssl/openssl/include/openssl/http.h
+++ b/deps/openssl/openssl/include/openssl/http.h
@@ -33,8 +33,9 @@ extern "C" {
 # define OPENSSL_HTTP_PROXY "HTTP_PROXY"
 # define OPENSSL_HTTPS_PROXY "HTTPS_PROXY"
 
-#define OSSL_HTTP_DEFAULT_MAX_LINE_LEN (4 * 1024)
-#define OSSL_HTTP_DEFAULT_MAX_RESP_LEN (100 * 1024)
+# define OSSL_HTTP_DEFAULT_MAX_LINE_LEN (4 * 1024)
+# define OSSL_HTTP_DEFAULT_MAX_RESP_LEN (100 * 1024)
+# define OSSL_HTTP_DEFAULT_MAX_CRL_LEN (32 * 1024 * 1024)
 
 /* Low-level HTTP API */
 OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int buf_size);
diff --git a/deps/openssl/openssl/include/openssl/lhash.h b/deps/openssl/openssl/include/openssl/lhash.h
deleted file mode 100644
index 8d824f5cfe6274..00000000000000
--- a/deps/openssl/openssl/include/openssl/lhash.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/lhash.h"
diff --git a/deps/openssl/openssl/include/openssl/ocsp.h b/deps/openssl/openssl/include/openssl/ocsp.h
deleted file mode 100644
index 5b13afedf36bb6..00000000000000
--- a/deps/openssl/openssl/include/openssl/ocsp.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/ocsp.h"
diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h
deleted file mode 100644
index 078cfba40fbe73..00000000000000
--- a/deps/openssl/openssl/include/openssl/opensslv.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/opensslv.h"
diff --git a/deps/openssl/openssl/include/openssl/pkcs12.h b/deps/openssl/openssl/include/openssl/pkcs12.h
deleted file mode 100644
index 2d7e2c08e99175..00000000000000
--- a/deps/openssl/openssl/include/openssl/pkcs12.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/pkcs12.h"
diff --git a/deps/openssl/openssl/include/openssl/pkcs7.h b/deps/openssl/openssl/include/openssl/pkcs7.h
deleted file mode 100644
index b553f9d0f053b0..00000000000000
--- a/deps/openssl/openssl/include/openssl/pkcs7.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/pkcs7.h"
diff --git a/deps/openssl/openssl/include/openssl/quic.h b/deps/openssl/openssl/include/openssl/quic.h
deleted file mode 100644
index f95e9e8819e572..00000000000000
--- a/deps/openssl/openssl/include/openssl/quic.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef OPENSSL_QUIC_H
-# define OPENSSL_QUIC_H
-# pragma once
-# ifndef OPENSSL_NO_QUIC
-
-/* moved from crypto.h.in to avoid breaking FIPS checksums */
-# define OPENSSL_INFO_QUIC                     2000
-
-# endif /* OPENSSL_NO_QUIC */
-#endif /* OPENSSL_QUIC_H */
diff --git a/deps/openssl/openssl/include/openssl/safestack.h b/deps/openssl/openssl/include/openssl/safestack.h
deleted file mode 100644
index 989eafb33023b9..00000000000000
--- a/deps/openssl/openssl/include/openssl/safestack.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/safestack.h"
diff --git a/deps/openssl/openssl/include/openssl/srp.h b/deps/openssl/openssl/include/openssl/srp.h
deleted file mode 100644
index 9df42dad4c3127..00000000000000
--- a/deps/openssl/openssl/include/openssl/srp.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/srp.h"
diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h
deleted file mode 100644
index eb74ca98a9759a..00000000000000
--- a/deps/openssl/openssl/include/openssl/ssl.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/ssl.h"
diff --git a/deps/openssl/openssl/include/openssl/ssl.h.in b/deps/openssl/openssl/include/openssl/ssl.h.in
index 677a20be15d941..105b4a4a3c8bda 100644
--- a/deps/openssl/openssl/include/openssl/ssl.h.in
+++ b/deps/openssl/openssl/include/openssl/ssl.h.in
@@ -2521,75 +2521,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/openssl/include/openssl/sslerr.h b/deps/openssl/openssl/include/openssl/sslerr.h
index b159ef8127c044..1e36405e32c0b7 100644
--- a/deps/openssl/openssl/include/openssl/sslerr.h
+++ b/deps/openssl/openssl/include/openssl/sslerr.h
@@ -161,7 +161,6 @@
 # define SSL_R_MISSING_FATAL                              256
 # define SSL_R_MISSING_PARAMETERS                         290
 # define SSL_R_MISSING_PSK_KEX_MODES_EXTENSION            310
-# define SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION 801
 # define SSL_R_MISSING_RSA_CERTIFICATE                    168
 # define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
 # define SSL_R_MISSING_RSA_SIGNING_CERT                   170
@@ -336,7 +335,6 @@
 # define SSL_R_WRONG_CERTIFICATE_TYPE                     383
 # define SSL_R_WRONG_CIPHER_RETURNED                      261
 # define SSL_R_WRONG_CURVE                                378
-# define SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED            800
 # define SSL_R_WRONG_SIGNATURE_LENGTH                     264
 # define SSL_R_WRONG_SIGNATURE_SIZE                       265
 # define SSL_R_WRONG_SIGNATURE_TYPE                       370
diff --git a/deps/openssl/openssl/include/openssl/tls1.h b/deps/openssl/openssl/include/openssl/tls1.h
index d005d3c16dfff9..91558fa8d1a5d4 100644
--- a/deps/openssl/openssl/include/openssl/tls1.h
+++ b/deps/openssl/openssl/include/openssl/tls1.h
@@ -151,10 +151,6 @@ extern "C" {
 /* Temporary extension type */
 # define TLSEXT_TYPE_renegotiate                 0xff01
 
-    /* ExtensionType value from RFC9001 */
-# define TLSEXT_TYPE_quic_transport_parameters_draft   0xffa5
-# define TLSEXT_TYPE_quic_transport_parameters         0x0039
-
 # ifndef OPENSSL_NO_NEXTPROTONEG
 /* This is not an IANA defined extension number */
 #  define TLSEXT_TYPE_next_proto_neg              13172
diff --git a/deps/openssl/openssl/include/openssl/ui.h b/deps/openssl/openssl/include/openssl/ui.h
deleted file mode 100644
index f5edb766b4fc6c..00000000000000
--- a/deps/openssl/openssl/include/openssl/ui.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/ui.h"
diff --git a/deps/openssl/openssl/include/openssl/x509.h b/deps/openssl/openssl/include/openssl/x509.h
deleted file mode 100644
index ed28bd68cb2474..00000000000000
--- a/deps/openssl/openssl/include/openssl/x509.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/x509.h"
diff --git a/deps/openssl/openssl/include/openssl/x509_vfy.h b/deps/openssl/openssl/include/openssl/x509_vfy.h
deleted file mode 100644
index 9270a3ee09750a..00000000000000
--- a/deps/openssl/openssl/include/openssl/x509_vfy.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/x509_vfy.h"
diff --git a/deps/openssl/openssl/include/openssl/x509v3.h b/deps/openssl/openssl/include/openssl/x509v3.h
deleted file mode 100644
index 5629ae9a3a90af..00000000000000
--- a/deps/openssl/openssl/include/openssl/x509v3.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/x509v3.h"
diff --git a/deps/openssl/openssl/providers/fips-sources.checksums b/deps/openssl/openssl/providers/fips-sources.checksums
index 2075eca274d6f1..1ab5d0348c6ca2 100644
--- a/deps/openssl/openssl/providers/fips-sources.checksums
+++ b/deps/openssl/openssl/providers/fips-sources.checksums
@@ -4,71 +4,71 @@ c049a936d74100fcced225f575d46662792a6a0039777d2d4df0cf61eff90a68  crypto/aes/aes
 c1e674d08683a25bc053f6233f73a0d0b3a90aafe591ff57b702c7da1582e4a5  crypto/aes/aes_local.h
 a2466f18da5847c7d9fbced17524633c10ce024671a72f53f9c9c55b9b9923dd  crypto/aes/aes_misc.c
 6979c133f76f4623e62e6e970deae70fa025e713a72b71aead5a048d49e47f6f  crypto/aes/asm/aes-586.pl
-2eef5f20f1410b48bdaaafa24ded24f56f34c4ca79db1d38fa6bf1b3b19535bf  crypto/aes/asm/aes-armv4.pl
-38c2cf8ed3910efd89d8721e1b0763a8fde073b91f6529d251165a0496ef9555  crypto/aes/asm/aes-c64xplus.pl
+92be9ff608331a432e95247a8f4fb9e46897d0cb76f2b6db809b61d44287964a  crypto/aes/asm/aes-armv4.pl
+953897f86e2de9fa27ef411155ab3aed133af94885f1507e76449c142da78656  crypto/aes/asm/aes-c64xplus.pl
 00196f01f5218ad731e6a058d406078f7228a9756d9d73f51c0d0c2a68f885af  crypto/aes/asm/aes-ia64.S
-b4ef595194fe1692e1ab2b561f385da01b277cf004902e8fc99e8ac5389bbd35  crypto/aes/asm/aes-mips.pl
-123c4498c94040b70708fdd911cb08c6411b020b4cf3eb761d6fa22c583c3e6f  crypto/aes/asm/aes-parisc.pl
-7a7f2f90791415ef4ffc1ba2a6f6b6fe994bfe0e03d3bf9dab6e428e6874695c  crypto/aes/asm/aes-ppc.pl
-d139e5ad69560fd0ffd8aa2e72304e463650cea4c657be7a90e0d1eb782d580a  crypto/aes/asm/aes-s390x.pl
-133ba35d77002abcd430414749c4e98c4a319630da898e45ff8dbc5800176df1  crypto/aes/asm/aes-sparcv9.pl
-c98690249d490d23e6fee84f672f1463ffc029427110a4329244a59e4e4aaed8  crypto/aes/asm/aes-x86_64.pl
-7ec99947b47e56595f0b085b8bda0b3113112f694e78b1f71b63ecd1f0fa2c67  crypto/aes/asm/aesfx-sparcv9.pl
-ab94a27e533e164bcf09898a6f6019f43609d51a3b374cf75482dcf2914d464e  crypto/aes/asm/aesni-mb-x86_64.pl
-74939261340a0056eb9333fff1c843c8758b9f93de3d94650cd6d2899c6790d8  crypto/aes/asm/aesni-sha1-x86_64.pl
-ce91f0893a2a35fdf4c024ccb0fd8329b30fdbd955f0ae011ab948101ee14951  crypto/aes/asm/aesni-sha256-x86_64.pl
+88b6f8396cd9d86004743d5c3b0f72b7b8c3d5a2b00b0bbb761ba91ae5a7cdc8  crypto/aes/asm/aes-mips.pl
+7ff9c96ef3d591d45d776fa4b244601ea0d9328e289aeab1e1b92436ce7d02ad  crypto/aes/asm/aes-parisc.pl
+f1244cdeadcb4e48f35bc5df19d4cfaf07e0086ad951b84f07ff6966501faa5b  crypto/aes/asm/aes-ppc.pl
+ecbfe826f4c514810c3ee20e265f4f621149694c298554b2682e5de4f029f14f  crypto/aes/asm/aes-s390x.pl
+ee4e8cacef972942d2a89c1a83c984df9cad87c61a54383403c5c4864c403ba1  crypto/aes/asm/aes-sparcv9.pl
+2b3b9ac56bf54334d053857a24bdb08592151e8a7a60b89b8195846b7f8ee7b5  crypto/aes/asm/aes-x86_64.pl
+c56c324667b67d726e040d70379efba5b270e2937f403c1b5979018b836903c7  crypto/aes/asm/aesfx-sparcv9.pl
+14359dc32b7f4e5c08227fb9ac8f9232c1287399463b233fec4a2ab0c19f68d1  crypto/aes/asm/aesni-mb-x86_64.pl
+2fe016e8098d1c959b6199ce98e91dfed9a3a543d6b068daf88d4c4c402701ec  crypto/aes/asm/aesni-sha1-x86_64.pl
+1d3acabadedb88d1327eeb76201ea9b3f4814f44898018ffae6c73e3f400b89b  crypto/aes/asm/aesni-sha256-x86_64.pl
 4ff74d4e629a88ef5a9e3d3f5b340fc0a4793d16d7cc7f1b70da62512a856248  crypto/aes/asm/aesni-x86.pl
-30103cfe3b29d06b34feff48a927e0fa649e9109d35a3db64b09cfeb15426fa2  crypto/aes/asm/aesni-x86_64.pl
-f3490c936a80e012c49e577ec6e1d4d36df324dfef6264e788e6225e20b5fd52  crypto/aes/asm/aesp8-ppc.pl
-a5807ed92ec8a16d123061487c385bf1f65e50878cee95c8e8096844454129f8  crypto/aes/asm/aest4-sparcv9.pl
-d34cf129a8c63e2b77a74117ed4440a4f35408dabd90e21e70eae92d208fa516  crypto/aes/asm/aesv8-armx.pl
-a0b578b7d2787c91013547df07dfa73d8d7a420446dd624c66f7c55159817eb2  crypto/aes/asm/bsaes-armv7.pl
-34accd08242a6bf4a751105f89b0c4de2cd7e54320753587815647abff7124de  crypto/aes/asm/bsaes-x86_64.pl
-d9bc047db9b2f54f27fe0d6e2ede9239b4a1f57a14bf89fa3cfba6b836599386  crypto/aes/asm/vpaes-armv8.pl
-516421b1a321b842f879ad69e7b82ae3e1f3efc8288c83bb34d6577996e85787  crypto/aes/asm/vpaes-ppc.pl
+c7c6694480bb5319690f94826139a93f5c460ebea6dba101b520a76cb956ec93  crypto/aes/asm/aesni-x86_64.pl
+0489a10fbb1a8ca3652848d5c1e14e519501e189bad3e5827a573c26df359691  crypto/aes/asm/aesp8-ppc.pl
+e397a5781893e97dd90a5a52049633be12a43f379ec5751bca2a6350c39444c8  crypto/aes/asm/aest4-sparcv9.pl
+e3955352a92d56905d63e68937e4758f13190a14a10a3dcb1e5c641c49913c0c  crypto/aes/asm/aesv8-armx.pl
+5e8005fdb6641df465bdda20c3476f7176e6bcd63d5073044a0c02a327c7f172  crypto/aes/asm/bsaes-armv7.pl
+0726a2c4c15c27a12b2f7d5e16863df4a1b1daa7b7d9b728f621b2b224d290e6  crypto/aes/asm/bsaes-x86_64.pl
+1ff94d6bf6c8ae4809f64657eb89260fe3cb22137f649d3c73f72cb190258196  crypto/aes/asm/vpaes-armv8.pl
+c3541865cd02d81101cdbab4877ed82772e6980d2c677b9008b38fa1b26d36d4  crypto/aes/asm/vpaes-ppc.pl
 3ec24185750a995377516bc2fb2eae8b1c52094c6fff093bff591837fc12d6c3  crypto/aes/asm/vpaes-x86.pl
-47bedbe6a04254eede121e71f11a657b1f1940aee1916bbfc04fa9fb8454f9b8  crypto/aes/asm/vpaes-x86_64.pl
-1c9a2a0e8cee4a1283c74b2e306f46f79890f6d236394de2a80d1994fd411d1d  crypto/alphacpuid.pl
-7a37cadacdbecb50304228dfcb087ad7fbb6e31f6ab69c52dd161e79afb2f9ca  crypto/arm64cpuid.pl
+060bb6620f50af9afecdf97df051b45b9a50be9daf343dfec1cbb29693ce00a4  crypto/aes/asm/vpaes-x86_64.pl
+2bc67270155e2d6c7da87d9070e005ee79cea18311004907edfd6a078003532a  crypto/alphacpuid.pl
+0255a480b78bdcc71f76676f496962a9828eb900f53b7be13be96ae3f67fe6db  crypto/arm64cpuid.pl
 e0daf54f72dd8fd1bc537d93f34e2a6a887a9ed6027bb33e15a327ef5ff37a42  crypto/armcap.c
-24cc7611225df0e20e414c14e80516c36d48bf99659946e85a876d8757356686  crypto/armv4cpuid.pl
+a43f2c1eef16146943745f684f2add7d186924932a47abf7fb0760cba02804e6  crypto/armv4cpuid.pl
 16739d54200fb81ca7835b5814f965022a2ab41589c7787e2697e3ea72d4fafa  crypto/asn1_dsa.c
-155eff9d747eed808398cfa2af4b276dfc1f9aac8a0f9d801b314ab3f2bf5b56  crypto/bn/asm/alpha-mont.pl
-894cc71b2d783e4e1b54dbef45e9e9280165a2c43981ebdd03282f0e90914928  crypto/bn/asm/armv4-gf2m.pl
-0d2e31dc9cdce02c619adfc9ac720ccf7171384e76a84cdf0e686a805dd7006e  crypto/bn/asm/armv4-mont.pl
-d7df31176f725c1ae7241fee8f681fdcf2ab9eb4d3cc6c80d49c2248ae40a56a  crypto/bn/asm/armv8-mont.pl
+819c9fd2b0cae9aab81c3cbd1815c2e22949d75f132f649b5883812d0bbaa39a  crypto/bn/asm/alpha-mont.pl
+0070595128b250b9ebdebe48ce53d2d27ca16ec4f7c6c8bd169ab2e4a913b2d1  crypto/bn/asm/armv4-gf2m.pl
+8c1c53a725b8a4f92b8a353bfeeb393be94198df41c912e3270f9e654417b250  crypto/bn/asm/armv4-mont.pl
+a0d926004bddb4613552ffa325fac57ab64b085255f2e72881d8478f55890f5a  crypto/bn/asm/armv8-mont.pl
 cb4ad7b7461fcb8e2a0d52881158d0211b79544842d4eae36fc566869a2d62c8  crypto/bn/asm/bn-586.pl
-10fb73a6cc1bc064ebdcf6d7fe3c7407ea1c28b0d65ad0123046f8b1518fa75a  crypto/bn/asm/c64xplus-gf2m.pl
+636da7e2a66272a81f9c99e90b36c6f132ad6236c739e8b9f2e7315f30b72edd  crypto/bn/asm/c64xplus-gf2m.pl
 c86664fb974362ee52a454c83c2c4b23fd5b7d64b3c9e23ef1e0dfd130a46ee5  crypto/bn/asm/co-586.pl
-b88190d748056e6a64988bf1a3d19efc4c292e3d338a65f4505cf769a2041077  crypto/bn/asm/ia64-mont.pl
+199b9b100f194a2a128c14f2a71be5a04d50d069666d90ca5b69baee1318ccb7  crypto/bn/asm/ia64-mont.pl
 a511aafbf76647a0c83705d4491c898a5584d300aa449fa6166c8803372946eb  crypto/bn/asm/ia64.S
-fee42cabeeb87cdf0fa0a6ff3698b2fe98a8a47d10a756052df572097161a8b9  crypto/bn/asm/mips-mont.pl
-b197a8e1be79b8c21f8d26b34b9a282ca42ec4bcd1f3212fde3889747082a1f7  crypto/bn/asm/mips.pl
-13df09cee06a21669137294f92e5c31b4bf05a8035be6800c1cb4403d7cd8290  crypto/bn/asm/parisc-mont.pl
-25c96e545b4981d45557eb14ea5c83aa2d6375ae0df806cb6e6ded2f59ddfed3  crypto/bn/asm/ppc-mont.pl
-1c057083546fa1a3bb1b9819dc5110f5a3b11b7bf5a2fb275012323bd7412403  crypto/bn/asm/ppc.pl
+687c5d6606fdfd0e242005972d15db74a9cbac2b8a9a54a56fcb1e99d3880ff3  crypto/bn/asm/mips-mont.pl
+8aca83d2ec45a40af15e59cff1ac2dc33737a3d25f0a0b74d401fa778a5c5eb8  crypto/bn/asm/mips.pl
+b27ec5181e387e812925bb26823b830f49d7a6e4971b6d11ea583f5632a1504b  crypto/bn/asm/parisc-mont.pl
+9973523b361db963eea4938a7a8a3adc692e1a4e1aec4fa1f1e57dc93da37921  crypto/bn/asm/ppc-mont.pl
+59cd27e1e10c4984b7fb684b27f491e7634473b1bcff197a07e0ca653124aa9a  crypto/bn/asm/ppc.pl
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  crypto/bn/asm/ppc64-mont-fixed.pl
-fe9278a2504fb40257637a4718081775c29c4eb81f87a8528e5c85f8d0c6281a  crypto/bn/asm/ppc64-mont.pl
-94b2d5cf0faf2efddeb5fb7c575dabc35c1791715cc9299d59a01d9f96cb2d6f  crypto/bn/asm/rsaz-avx2.pl
-cd0861a565231f67252e172420f6914fe47a324b35916c29f6304491447fe84c  crypto/bn/asm/rsaz-avx512.pl
-c19c717d87dd1ba74f138af05c044c05f5d025e26323637f46ba54a8c871a378  crypto/bn/asm/rsaz-x86_64.pl
-ae26becda9f6d30e9edde8bb89c251a0c40a9a6c879c4cdaec273d8c09af9cd6  crypto/bn/asm/s390x-gf2m.pl
-2700337ef133d6688047a1a8e1c671db06016aae777679923ce2b301896762cf  crypto/bn/asm/s390x-mont.pl
+a25be64867ab837d93855af232e2bfa71b85b2c6f00e35e620fdc5618187fb6f  crypto/bn/asm/ppc64-mont.pl
+231579e532443665020d4d522d9f11713d9c5d5c814b95b434b0f65452e16de4  crypto/bn/asm/rsaz-avx2.pl
+1657600d320ea549b527b2d878a7658533d60d26eeb38f42ea470fc612f9bb53  crypto/bn/asm/rsaz-avx512.pl
+31e84dc905b13e38850071528d3abbfcaf8910bbc8b46f38d19c2b386a5f838e  crypto/bn/asm/rsaz-x86_64.pl
+30fedf48dfc5fec1c2044b6c226dd9fc42a92522cc589797a23a79d452bdd2cf  crypto/bn/asm/s390x-gf2m.pl
+590388d69d7ac3a0e9af4014792f4f0fdb9552719e8fb48ebc7e5dfca2a491d4  crypto/bn/asm/s390x-mont.pl
 aa02597f3dc09cfbc190aedb75711859ba0f3efff87067ebfba1ec78ebee40d7  crypto/bn/asm/s390x.S
-87d49e83a7df467097fdfc577aa206be9ee622c40fcbbbe5133b35d9783b7816  crypto/bn/asm/sparct4-mont.pl
+2f7cbc2c3d93b1bbc4953dda38b9ae0ab3a0a8331a0418d94d9b286183736c9e  crypto/bn/asm/sparct4-mont.pl
 ca21a9ccbc54e19fb7c2e6cdf286ce7cb08b0fba960c777c6edce5c57ccc2101  crypto/bn/asm/sparcv8.S
 fbc93c8dbbecefe66086f58fe9719ed87b13b2cdc61454a10e841228296fecef  crypto/bn/asm/sparcv8plus.S
-2ec1497fa06826f7bc574239e425dd8dda0d4a2743e1fe87669ede900291fcb6  crypto/bn/asm/sparcv9-gf2m.pl
-1f490fe184c7a51b2d0646a59e69aa659bfe51270ad21594951b8d7b785bac38  crypto/bn/asm/sparcv9-mont.pl
-277dcb7faa1913b25fd43946c50039bcdd45cb643fd9ddeedd6c207cefa4dd50  crypto/bn/asm/sparcv9a-mont.pl
+127832c1e3d298aad805236776488f5f8836b6a0fdbce3f6b42678163df3909f  crypto/bn/asm/sparcv9-gf2m.pl
+1622f04a8918724ac0e8804baf285fdafa0eeaaecc36c7facd459d0ff13a8cac  crypto/bn/asm/sparcv9-mont.pl
+b69083f78b4b4f7097de4462d16649532fb82c453a82cdd9cc1393122661d6e2  crypto/bn/asm/sparcv9a-mont.pl
 d404375a21d33396824a3da212d6646d4f3150dd141ee4b4a250aefae3482efb  crypto/bn/asm/via-mont.pl
-d632edf9b9bab7d2cd2d616512a98d15cf4b3ebba7a8e7b83650d654ceb52ecb  crypto/bn/asm/vis3-mont.pl
+d24f3e97239c8eed5efc721521b025b7256c15e67a54ea6b5c4cf8f7cd0f89ea  crypto/bn/asm/vis3-mont.pl
 89278854f44d95be916516609ce6f79dcd346bab52574b9b6336a9952aa94bee  crypto/bn/asm/x86-gf2m.pl
 90d4ae234c08267adce9ed38d56e0edc223f7480cb9605f5d7399d0b3914c6be  crypto/bn/asm/x86-mont.pl
 d444ca73875e97e0ea88b20e4c02f2fcf3850e8b9311e3b67a2d04fe2796d543  crypto/bn/asm/x86_64-gcc.c
-a5481ca55d94dc7ebdc93173610d38ae2569cea1fe9b5180debe0ab94e455ce1  crypto/bn/asm/x86_64-gf2m.pl
-d8cc080824a72774cb3343a3d50ddf8f41a5b8321203d4c9a764762b62498b96  crypto/bn/asm/x86_64-mont.pl
-03788cb685268e6a50ddfa742ea1fe937570c9b86f2ebc88ee35f3304f67c045  crypto/bn/asm/x86_64-mont5.pl
+709ddee92e9222ee0ed27bfb90db556e85e2d302e4a9131afa25fdc14c4d858f  crypto/bn/asm/x86_64-gf2m.pl
+da7f7780d27eed164797e5334cd45b35d9c113e86afaca051463aef9a8fd787c  crypto/bn/asm/x86_64-mont.pl
+259fb8d7f40c0dba46920b1f169d5b37de03b0fda645463d19e3ae2b56de851d  crypto/bn/asm/x86_64-mont5.pl
 0ea8185a037a2951bb3d1e590bbbdeac305176d5e618f3e43a04c09733a9de34  crypto/bn/bn_add.c
 759c2b9df808b3562fe8b0c7778dbadbf35f261e14fc2d5090d18c35b4181760  crypto/bn/bn_asm.c
 14bd5a35c05fcf454854b92fb30b356d7ac618c1eb699dd798f6ad2936d1f5ee  crypto/bn/bn_blind.c
@@ -77,10 +77,10 @@ d8cc080824a72774cb3343a3d50ddf8f41a5b8321203d4c9a764762b62498b96  crypto/bn/asm/
 2893b6d03d4850d09c15959941b0759bbb50d8c20e873bed088e7cde4e15a65a  crypto/bn/bn_ctx.c
 d94295953ab91469fe2b9da2a542b8ea11ac38551ecde8f8202b7f645c2dea16  crypto/bn/bn_dh.c
 74b63a4515894592b7241fb30b91b21510beaa3d397809e3d74bc9a73e879d18  crypto/bn/bn_div.c
-49e59eac540db304ab0ca7bee3ba9d45f89548fff98155561bbdb6602d0aab1d  crypto/bn/bn_exp.c
+46357d2d30109ae59482332adf604a5ef1bd64c7de08cc808db028c45190ba93  crypto/bn/bn_exp.c
 ec2b6e3af6df473a23e7f1a8522f2554cb0eb5d34e3282458c4a66d242278434  crypto/bn/bn_exp2.c
 baba7c8ae95af6aa36bc9f4be3a2eed33d500451e568ca4bfc6bc7cb48d4f7ea  crypto/bn/bn_gcd.c
-5fbb1ab8463cd5544a1d95cf7996b6387ae634984a42256b7a21482ce3ac30a2  crypto/bn/bn_gf2m.c
+99325cf50bf72b5d77048c20d7fa4f80a179dc6357023745f9a58c8e914ae136  crypto/bn/bn_gf2m.c
 081e8a6abc23599307dab3b1a92113a65e0bf8717cbc40c970c7469350bc4581  crypto/bn/bn_intern.c
 602ed46fbfe12c899dfb7d9d99ff0dbfff96b454fce3cd02817f3e2488dd9192  crypto/bn/bn_kron.c
 81a4afc27dd1e90c4bfa81c8d385214ce8a2b5884537752944a71ebebd91f4b0  crypto/bn/bn_lib.c
@@ -101,14 +101,14 @@ a5c5c9f99961a5a7f22a3dcdce964c8a330f822be17f08652223a20fed747d0a  crypto/bn/bn_r
 24e62baa56e02f2db6454e10168b7c7fa7638db9221b9acda1803d43f38f36e0  crypto/bn/bn_word.c
 be27115efd36f0077a3ec26b1ff1f586b0b8969ba05d8ffa34b2ff4badf227bf  crypto/bn/rsaz_exp.c
 c4d64da1cdc732ea918fccd6a7bb2746b03365dd26f7ba1e74e08c307ca4c58e  crypto/bn/rsaz_exp.h
-5b82cb8dbf3087c2e671871cb0a92e4039223a51af533a2ee996f3bfd47453a7  crypto/bn/rsaz_exp_x2.c
+9bc3bf8965f98915f9019d2f516345e73c435c5bd8ad94bb4b7057809a7d1383  crypto/bn/rsaz_exp_x2.c
 834db8ff36006e5cb53e09ca6c44290124bd23692f4341ea6563b66fcade4cea  crypto/bsearch.c
 c39334b70e1394e43f378ae8d31b6e6dc125e4d9181e6536d38e649c4eaadb75  crypto/buffer/buffer.c
-d2bfdfd96b182741d2d51f91478ffcc48491b0da44662bc1c32bc506b3eef1ba  crypto/c64xpluscpuid.pl
+5f43844b5d8665de9ab895f93599150a327d73ec2674bbf7d7c512d30163022d  crypto/c64xpluscpuid.pl
 0e1a41a2d81b5765bca3df448f60bf1fad91e485fe89dd65a7300ffc419e316d  crypto/cmac/cmac.c
 5113d8d12d884f845cad3d35d92f0a1ee20ebafd7a169273642f4e8178711de9  crypto/context.c
 c309d81ea991ddf5be4337afad2fd132169f7443c76f863349d3f3c82f3374e4  crypto/core_algorithm.c
-f0fd9eb38bf7f196bbb4d26ce8fdf86d0a4f9db219157e66b2c0ffefb4f42005  crypto/core_fetch.c
+65ba41169f8fec7cb8466c3458721e3150057fb587db087a70752e5e08201381  crypto/core_fetch.c
 799c84d224639c6760c5c28e0e287500a973ca6d0c3d7c1bdcd61b0da4018b3c  crypto/core_namemap.c
 469e2f53b5f76cd487a60d3d4c44c8fc3a6c4d08405597ba664661ba485508d3  crypto/cpuid.c
 71f0fff881eb4c5505fb17662f0ea4bbff24c6858c045a013ad8f786b07da5c4  crypto/cryptlib.c
@@ -138,15 +138,15 @@ f4d52d3897219786c6046bf76abb2f174655c584caa50272bf5d281720df5022  crypto/dsa/dsa
 196dc024873e413d92672c3a9b6c062ed6269250b0da6d41c0da1c03cfec9ef8  crypto/dsa/dsa_ossl.c
 9f501a59c09fc3cb3caafaff25abd44397a94d1062950a4d62e855d2c8986b5a  crypto/dsa/dsa_sign.c
 53fa10cc87ac63e35df661882852dc46ae68e6fee83b842f1aeefe00b8900ee1  crypto/dsa/dsa_vrf.c
-786779d7014bc04846832f80638743784a3850c7ee36e4a8062fe8eb7ac31c9b  crypto/ec/asm/ecp_nistp521-ppc64.pl
-2e3056ea14fab8b306b0281d6a6f4317a6e86dbf652a79ade726e716cd79bb1e  crypto/ec/asm/ecp_nistz256-armv4.pl
-a02edef19d22c5aba196080942111ab0172fc2ebe6d6c40db2beb6a1a2d885c6  crypto/ec/asm/ecp_nistz256-armv8.pl
-729729f8233c95138158f4647b33a36cf175e707ce29563db0eedc811f324ec0  crypto/ec/asm/ecp_nistz256-ppc64.pl
-78a5b172f7c13ae8ac622439ffb9d99b240dbb4bbda3f5c88d1533ae74a445ad  crypto/ec/asm/ecp_nistz256-sparcv9.pl
+d9722ad8c6b6e209865a921f3cda831d09bf54a55cacd1edd9802edb6559190a  crypto/ec/asm/ecp_nistp521-ppc64.pl
+78ad06b88fcc8689a3a846b82f9ee01546e5734acd1bccf2494e523b71dc74d1  crypto/ec/asm/ecp_nistz256-armv4.pl
+4617351d2de4d0b2abfd358c58050cee00702d0b4c1acca09312ec870e351c7d  crypto/ec/asm/ecp_nistz256-armv8.pl
+3715ddd921425f3018741037f01455ed26a840ace08691a800708170a66cf4d2  crypto/ec/asm/ecp_nistz256-ppc64.pl
+cfe7e75a2fddc87a7251684469a8808b9da82b2f5725eafad5806920f89932bd  crypto/ec/asm/ecp_nistz256-sparcv9.pl
 922725c4761cfa567af6ed9ecab04f2c7729ae2595f2fc0fa46dc67879dc87b0  crypto/ec/asm/ecp_nistz256-x86.pl
-19ba01af58788e2873ebc1d5b503a76604bec0b9b6296fa794946e141fc945a4  crypto/ec/asm/ecp_nistz256-x86_64.pl
-e806141073aa3792e2748f6feeee6d3017124b3bc6059a9eca0d53a2f5785346  crypto/ec/asm/x25519-ppc64.pl
-a397592dc9fdb13016311db6184b4a3a4f2e198aacb03528f770f30ea4966cc4  crypto/ec/asm/x25519-x86_64.pl
+ac327475c7ec828d11aa05628b4e3b81ec3b1400f30fe7bec01daf3cf71f2dc9  crypto/ec/asm/ecp_nistz256-x86_64.pl
+cc727533130f5f1a29229929b3d4e8454585d647be25d6344f3c6a0240998368  crypto/ec/asm/x25519-ppc64.pl
+ee897e230964511baa0d1bf95fb938312407a40a88ebe01476879c2763e5f732  crypto/ec/asm/x25519-x86_64.pl
 340336e01aa04fcde9bfd56536f90c9bc0ad56a002b6cfa321a1e421f1e93ceb  crypto/ec/curve25519.c
 9a95ec8366154bb20aeb24f4767a8cbb9953ca0380708eb2f39caca6078cd59e  crypto/ec/curve448/arch_32/f_impl32.c
 063dac1e4a9573c47532123e9e03e3532a7473cc3e146521ba9ec6f486ddf3b1  crypto/ec/curve448/arch_64/arch_intrinsics.h
@@ -166,16 +166,16 @@ f6447921a0031fa5beddedd298e82096fb3fdb189b712fab328b61f6beae0c23  crypto/ec/curv
 ae1637d89287c9d22a34bdc0d67f6e01262a2f8dcef9b61369dba8c334f5a80d  crypto/ec/ec2_oct.c
 6bbbf570ce31f5b579f7e03ec9f8a774663c7c1eb5e475bd31f8fee94a021ffc  crypto/ec/ec2_smpl.c
 2a71bd8dbe4f427c117d990581709a4ddce07fa8e530794b5a9574fef7c48a0c  crypto/ec/ec_asn1.c
-69b1b3acb4295f5fff961b339e8ace913176ca63fcedf4af0da4c27171f24f94  crypto/ec/ec_backend.c
+e959960fe9a78ea67346048c9c02428203819d5b443d18fe7bb26cd1ca28fcdc  crypto/ec/ec_backend.c
 86e2becf9b3870979e2abefa1bd318e1a31820d275e2b50e03b17fc287abb20a  crypto/ec/ec_check.c
 265f911b9d4aada326a2d52cd8a589b556935c8b641598dcd36c6f85d29ce655  crypto/ec/ec_curve.c
 8cfd0dcfb5acbf6105691a2d5e2826dba1ff3906707bc9dd6ff9bffcc306468f  crypto/ec/ec_cvt.c
 95ce53663ab8a1d05bd6f4999f30113e1edce771fb6d218a772fe02de7bdaf4d  crypto/ec/ec_key.c
 7e40fc646863e0675bbb90f075b809f61bdf0600d8095c8366858d9533ab7700  crypto/ec/ec_kmeth.c
-bbd6f618c3dfe425ce0ba1c6710fe59418130e06351881162a590475e6438c44  crypto/ec/ec_lib.c
+fea5cd863cd94b4e543b72942ed8c23175359cfab99ca65203af4ebecb001a15  crypto/ec/ec_lib.c
 a8a4690e42b4af60aad822aa8b16196df337906af53ea4db926707f7b596ff27  crypto/ec/ec_local.h
 fa901b996eb0e460359cd470843bdb03af7a77a2f1136c5e1d30daef70f3e4d2  crypto/ec/ec_mult.c
-129c6b42417bfcf582f4a959cfd65433e6f85b158274f4fa38f9c62615ac9166  crypto/ec/ec_oct.c
+205b17b41e6678f40ec2a92e7856e87904e57121e7dc3120d14a4c4eeafb15b0  crypto/ec/ec_oct.c
 c7fba2f2c33f67dafa23caef8c3abd12f5336274a9a07d412b83be0366969ee6  crypto/ec/ecdh_kdf.c
 b2cf8f052a5716137da7b0e857ed7a5df5fb513b6d14534199a05e32f2b5a866  crypto/ec/ecdh_ossl.c
 2e00c2e0e6f6d58b81fc23fe500f59e98793dc828ca87d64eba10cc0fddd0dc1  crypto/ec/ecdsa_ossl.c
@@ -228,19 +228,19 @@ f897493b50f4e9dd4cacb2a7accda6683c10ece602641874cdff1dac7128a751  crypto/initthr
 7290d8d7ec31a98b17618f218d4f27b393501c7606c814a43db8af1975ad1d10  crypto/lhash/lhash.c
 5d49ce00fc06df1b64cbc139ef45c71e0faf08a33f966bc608c82d574521a49e  crypto/lhash/lhash_local.h
 f866aafae928db1b439ac950dc90744a2397dfe222672fe68b3798396190c8b0  crypto/mem_clr.c
-78a20112586dbce2b8b6e509a0f46f6a36f2a4acf53c3f3511daf7932a71c391  crypto/modes/asm/aes-gcm-armv8_64.pl
-e482f02932d77d61142548ca4f3c8d5709d88ec14ab84723d82331444c0f57da  crypto/modes/asm/aesni-gcm-x86_64.pl
-8fdcb4313fa3a6e541a697525856b9527a06ddf4c794f9393e843f86d67f543c  crypto/modes/asm/ghash-alpha.pl
-ace8c376b394439301cecaf468d2a9a8adae21eff1d43191cefbf6765023452d  crypto/modes/asm/ghash-armv4.pl
-c22f4945e7de3bd7bfef73447f09983e40a3e4dd0938244d902a1c44c98a8467  crypto/modes/asm/ghash-c64xplus.pl
-315a76491cdba48c88df6549c9efd96b50515400810b185a568b7a871681e03d  crypto/modes/asm/ghash-ia64.pl
-25e9f494fcb6eb636c04af2f322736fae8aa339037e199332c96b8c9c3a50afa  crypto/modes/asm/ghash-parisc.pl
-f22d5fa646b4fc2db008b6b05ec07c8790d3ad5485d2b10218fd11d0e81030ba  crypto/modes/asm/ghash-s390x.pl
-de97107e0c19ff9dd4069f0761eccb00e0b3ced345e1f119ab3b918dd2f9c5f6  crypto/modes/asm/ghash-sparcv9.pl
+e14f48d4112c0efe3826b4aa390cc24045a85298cc551ec7f3f36ac4236d7d81  crypto/modes/asm/aes-gcm-armv8_64.pl
+1d686af304f94743038f916125effcb51790c025f3165d8d37b526bbeee781f0  crypto/modes/asm/aesni-gcm-x86_64.pl
+c2e874a8deb418b5d8c935b2e256370566a5150e040c9fa008cdb5b463c26904  crypto/modes/asm/ghash-alpha.pl
+6bc7d63569c73d7020ede481f2de05221ac92403c7cc11e7263ada7644f6aa9b  crypto/modes/asm/ghash-armv4.pl
+097975df63370de7ebea012d17de14fc1f361fb83acf03b432a99ae7d5bceb24  crypto/modes/asm/ghash-c64xplus.pl
+fdde3bc48b37790c6e0006014da71e7a831bbb4fdbfcda2d01dbe0ceb0ba88fa  crypto/modes/asm/ghash-ia64.pl
+e472d73d06933667a51a0af973479993eed333c71b43af03095450acb36dbeb4  crypto/modes/asm/ghash-parisc.pl
+6fb4332ac88113a20915ad4de1931ef88b0114b5379b16e1d967820e1229fbb0  crypto/modes/asm/ghash-s390x.pl
+6af1a05981e1d41e4dea51e58938360e3abc4a4f58e179908242466d032b1a8a  crypto/modes/asm/ghash-sparcv9.pl
 26f55a57e77f774d17dfba93d757f78edfa3a03f68a71ffa37ccf3bfc468b1e2  crypto/modes/asm/ghash-x86.pl
-2a0d23a644083e46745c7cb1ca79de393af9336a2e8eab7c85ffeb3b7b1a286f  crypto/modes/asm/ghash-x86_64.pl
-b407d9fc6ea65fe1a05edc2d139298d78391f3c165314fa6d56dd375b8e453cd  crypto/modes/asm/ghashp8-ppc.pl
-d8436f6dc43a18d49b1a16999ecb513ccf4483f418f75edc01ce68e777c614a9  crypto/modes/asm/ghashv8-armx.pl
+72744131007d2389c09665a59a862f5f6bb61b64bd3456e9b400985cb56586b8  crypto/modes/asm/ghash-x86_64.pl
+a4e9f2e496bd9362b17a1b5989aa4682647cefcff6117f0607122a9e11a9dfd9  crypto/modes/asm/ghashp8-ppc.pl
+69a13f423ca74c22543900c14aef4a848e3bc75504b65d2f51c6903aebcc17a7  crypto/modes/asm/ghashv8-armx.pl
 65112dfe63cd59487e7bdb1706b44acfcf48ecede12cc3ae51daa5b661f41f06  crypto/modes/cbc128.c
 1611e73dc1e01b5c2201f51756a7405b7673aa0bb872e2957d1ec80c3530486f  crypto/modes/ccm128.c
 d8c2f256532a4b94db6d03aea5cb609cccc938069f644b2fc77c5015648d148d  crypto/modes/cfb128.c
@@ -257,7 +257,7 @@ c698d5166d091d6bb6e9df3c211fe1cc916fd43a26ec844f28f547cd708f9c55  crypto/param_b
 4fda13f6af05d80b0ab89ec4f5813c274a21a9b4565be958a02d006236cef05c  crypto/params_dup.c
 b6cbfc8791b31587f32a3f9e4c117549793528ebddc34a361bad1ad8cf8d4c42  crypto/params_from_text.c
 97cb7414dc2f165d5849ee3b46cdfff0afb067729435d9c01a747e0ca41e230c  crypto/ppccap.c
-826a78afb376cbf1e87f12a2a67eef2ee47059a0fd3f9cba7ce7f035e34f8052  crypto/ppccpuid.pl
+3ca43596a7528dec8ff9d1a3cd0d68b62640f84b1d6a8b5e4842cfd0be1133ad  crypto/ppccpuid.pl
 b4d34272a0bd1fbe6562022bf7ea6259b6a5a021a48222d415be47ef5ef2a905  crypto/property/defn_cache.c
 c3709986fd2ab18f3c6136d8dd7705a4538986aa789ceafe770c3a376db3c569  crypto/property/property.c
 66da4f28d408133fb544b14aeb9ad4913e7c5c67e2826e53f0dc5bf4d8fada26  crypto/property/property_local.h
@@ -288,50 +288,50 @@ f01af62704dbf9457e2669c3e7c1d4d740f0388faa49df93611b987a8aa2bf11  crypto/rsa/rsa
 3aba73dacebb046faf8d09dc279149b52c629004b524ec33e6d81c8ad0bc31a8  crypto/rsa/rsa_sp800_56b_gen.c
 1c1c2aeeb18bf1d69e8f134315b7e50d8f43d30eb1aa5bf42983eec9136a2fdc  crypto/rsa/rsa_x931.c
 0acbebed48f6242d595c21e3c1ad69da0daa960d62062e8970209deda144f337  crypto/s390xcap.c
-370d98549d4d98e04b60677b319b85904259359bd9401dd5385aa728278e6626  crypto/s390xcpuid.pl
+22205848cfb55116ebf999dced8331b575886a609ce29e6886e6267b2310c337  crypto/s390xcpuid.pl
 5fa59240ca885cbc0c1cd026934b226d44fc9c3fdf0c2e7e3a7bd7f4963ca2e5  crypto/self_test_core.c
-58a1a8aeb45421954fa0e4bc87157addb96d086ac4e6aade47da96523cecaa74  crypto/sha/asm/keccak1600-armv4.pl
-d6df6cfdd4e2fee52dc16fd31c91768c45c48c22700c486406d70ecb37e8a8bb  crypto/sha/asm/keccak1600-armv8.pl
-81bfb4484d68a3a3e1d704855f76356090867fe10a75db7707b6f7364e8ee8da  crypto/sha/asm/keccak1600-avx2.pl
-b7bb35d51d439abbf3810454ccb9bfb5a51e2111eaf389fb95796ad6220a61a0  crypto/sha/asm/keccak1600-avx512.pl
-37365dcc576f99006132271968bab990e2bebdab7f4168c726bd449a2fa51c6a  crypto/sha/asm/keccak1600-avx512vl.pl
-2767ae2f379a7a3d0c6dd1471d4d90dd896545b456cb6efd6c230df29e511d70  crypto/sha/asm/keccak1600-c64x.pl
+05c533fde7fdba0c76103e97d881b7224c8427451b453e2f6413552996063e31  crypto/sha/asm/keccak1600-armv4.pl
+ca3b2b654f9a8c4bc2fa2538c1f19d17acd4a6b9e0df6a4b81df04efa697e67e  crypto/sha/asm/keccak1600-armv8.pl
+12b7acce2fba0bc0e1ca07842ec84be6a022f141c86e077abb42c864af1d8d9c  crypto/sha/asm/keccak1600-avx2.pl
+faf0cccb685d5abc807e08db194f847c67b940da2fc3c235c210dc31d73a5334  crypto/sha/asm/keccak1600-avx512.pl
+be1e7dd9998e3f31cfa6e1b17bc198aeec584a8b76820e38f71d51b05f8a9f2a  crypto/sha/asm/keccak1600-avx512vl.pl
+33bdcc6f7668460c3bdf779633e43bfad62b937042a73acb007b462fc5b0a034  crypto/sha/asm/keccak1600-c64x.pl
 09fc831dd39bd90a701e9b16d9e9987cc215252a22e1e0355f5da6c495fca35a  crypto/sha/asm/keccak1600-mmx.pl
-485dcc50a51705b86c6dc47e6f58d092fec05dfbfcdf4f2785e4235c67cfe742  crypto/sha/asm/keccak1600-ppc64.pl
-49535b60a1a981059a2a9636fdeeab22942d2a15e775b1ec9b5af8937a46aa76  crypto/sha/asm/keccak1600-s390x.pl
-093751655b460d33b2fa6aa4d63a86e902f7f20b2d2a02ed948b78e5698c0dd5  crypto/sha/asm/keccak1600-x86_64.pl
-e0a4a1df82716053a3f01ec0b096c735a0e3c4f6c9d9ec6b2006b37aaac64448  crypto/sha/asm/keccak1600p8-ppc.pl
+ce4a58129e5ee3ac4c9dfec5ecc010440570ebf7bf869e3e9977f2121a64b27a  crypto/sha/asm/keccak1600-ppc64.pl
+a859fc8cb073b2d0012a93f3155a75fb6eb677441462b0de4f8cf8df1445e970  crypto/sha/asm/keccak1600-s390x.pl
+618dcd4891b4064d3b8aa6dcd74bea7ef55f4962a64957b05a05448f6e3e0f17  crypto/sha/asm/keccak1600-x86_64.pl
+831b8b02ab25d78ba6300ce960d96c13439bfba5844e13061e19c4e25cbacc3d  crypto/sha/asm/keccak1600p8-ppc.pl
 75d832db9bf0e98e7a5c522169060a6dd276c5118cfb297fc3f1111f55cd4007  crypto/sha/asm/sha1-586.pl
-8d937771993f04407f5fdcca8ca8565f9f8a4d9c9a8f7bfd4e9f9121dd0450bb  crypto/sha/asm/sha1-alpha.pl
-ab7ecd62896324393b1fd9020515b9c0d2b9cc34d559f2efafa35affc9a1485d  crypto/sha/asm/sha1-armv4-large.pl
-0acc4e40f793d4d2b960af2baaecc91176ba6742ddd62dca0c33ddc838c58772  crypto/sha/asm/sha1-armv8.pl
-c36f51761e7f59bdd0f61230297fb802542ac5d2d1c6d2b1096ed937131bd583  crypto/sha/asm/sha1-c64xplus.pl
-4ab7c9153b085274a579b388ddff97a4ac7e11585e01811ca95b93a3ec786605  crypto/sha/asm/sha1-ia64.pl
-7a392c5ef7dc19c39d67c7080e0c5214e7a80572c85c022be7e7d4378a5f740d  crypto/sha/asm/sha1-mb-x86_64.pl
-c0fea5a0d32001263c8bcf7fc0757aa68c6a7377f20fef8d28708e1b81de5dec  crypto/sha/asm/sha1-mips.pl
-f11b75a54c5f42aa3a052de8091bfba47d7cac01920b2fe0ddcb637d4c9d0eb9  crypto/sha/asm/sha1-parisc.pl
-d46ef3fc166271a83144d90985034e2c514bd1020b84ec0fe5427ad593bfeb74  crypto/sha/asm/sha1-ppc.pl
-a48c7d9403fe99fbd4daec60e96eb22058da766ab9e606d084a63613962851a2  crypto/sha/asm/sha1-s390x.pl
-0e2951e0574c64ee055ffddf16ceefdec00823107d60362976605f139ad8ae68  crypto/sha/asm/sha1-sparcv9.pl
-5da48400d4fae85e205e95a2fa368e7bf525e51e274b1dd680dfb48645426c85  crypto/sha/asm/sha1-sparcv9a.pl
-04b73c902d36c28b5a7eab47cb85f743eb9c648ed5936f64f655524a1010a1b5  crypto/sha/asm/sha1-thumb.pl
-f36d7ec7464c932230585a754b91f13cea4cde5a381fc9f798d959256d07910e  crypto/sha/asm/sha1-x86_64.pl
+c96e87d4f5311cd73bbdf499acc03418588be12426d878e157dd67e0099e0219  crypto/sha/asm/sha1-alpha.pl
+4ba6d1c7f12fe76bf39babea966f0a4b7f8769e0c0510cbfc2c46a65dd62d45c  crypto/sha/asm/sha1-armv4-large.pl
+efc69cb0d867b7fac6b3fa8985c343d1f984d552bc8e75bbbbace0adf9ee5f15  crypto/sha/asm/sha1-armv8.pl
+11d332b4e058e9fa418d6633316d2e9f9bf520a08b2d933e877bdf38b2edefcf  crypto/sha/asm/sha1-c64xplus.pl
+32ff0e701a7b8f25bcfe8477b20795de54f536527bd87d3ce694fd9aaae356d4  crypto/sha/asm/sha1-ia64.pl
+471c27efca685b2a82ad7fefe329ca54172df9f49b9785da6d706b913b75e693  crypto/sha/asm/sha1-mb-x86_64.pl
+0f5c63cf09e950d1b488935ab3b5562e3e9d5cd1a563fb88a41e3dae90a35e6d  crypto/sha/asm/sha1-mips.pl
+b5ffd7b6dbb04c05de7efa2945adb67ea845e7e61a3bf163a532f7b6acdf4267  crypto/sha/asm/sha1-parisc.pl
+482cd23ca6ec38d6f62b90c68f9f20643579c50f2c0fbb0dab1c10a0e35efe77  crypto/sha/asm/sha1-ppc.pl
+28cf69efd53d7a5a8c32e0f8db32c193f41b91faf44f5f59944334bc3f5aa337  crypto/sha/asm/sha1-s390x.pl
+7fd355b412ddfa1c510e0ba3284f75b1c0d621b6db2ecb1d2a935d5cdb706628  crypto/sha/asm/sha1-sparcv9.pl
+24554e68b0e7b7db7b635ff149549015f623ca0bcd9ae90439586a2076f6ae80  crypto/sha/asm/sha1-sparcv9a.pl
+74d197cdd72400cabbff7e173f72c8976723081508b095dc995e8cd1abf3daa6  crypto/sha/asm/sha1-thumb.pl
+a59a86293e28f5600609dc8af2b39c5285580ae8636520990b000eeeb67bb889  crypto/sha/asm/sha1-x86_64.pl
 c099059ef107f548ea2c2bab64a4eb8c277070ce6d74c4d32bb9808dc19c5fa3  crypto/sha/asm/sha256-586.pl
-3a8cf38dd398a7ab1d9c6701fa61c428b07c4431a0041ed3a2ddf937897825c1  crypto/sha/asm/sha256-armv4.pl
-c394bb5b0ff05595a9e6848b6602a0f29f73a79fc006593740f3ca645ad9d316  crypto/sha/asm/sha256-c64xplus.pl
-f33af8e2e2f57b7b63b8c8b35722d7d11ca6ef1f73fb6c4ccebdd3e86912f4b1  crypto/sha/asm/sha256-mb-x86_64.pl
+b9cee5c5a283f61f601d2dba68a7a76e7aba10bfafffc1a5c4987f9c0aa6f87d  crypto/sha/asm/sha256-armv4.pl
+93ddc97651ee3e779144a3c6b3e46a1bc4aa81e75cd7b9df068a2aef8743d25f  crypto/sha/asm/sha256-c64xplus.pl
+8be5c5d69733ecb16774aa8410b4bcb3623a9f060d2be103d8aa67bf6e4c5843  crypto/sha/asm/sha256-mb-x86_64.pl
 dd82e1311703abb019975fc7b61fb87d67e1ed916dddd065aced051e851114b9  crypto/sha/asm/sha512-586.pl
-1f9ba79b1d591b7aa37b62382422cb025f5b45784d26cc5790c05cf4eb52b792  crypto/sha/asm/sha512-armv4.pl
-8136196fce18b736f671a4b4945cd4aa4ab25a28c90c6fc9ab31ff771e8e0d9f  crypto/sha/asm/sha512-armv8.pl
-5b6796a9978b69fd78ee2ff1adc5cf35d44cad8194a38d1c2aba2023012cf252  crypto/sha/asm/sha512-c64xplus.pl
-e8df660671ba61aa2e8f51358baf5d8ca913093e2ee1a40c9cb46d9c2c0851f6  crypto/sha/asm/sha512-ia64.pl
-525f253ef8051bfb0e344ac2e40688ce359a42707fe360d23a03f522cc88c81a  crypto/sha/asm/sha512-mips.pl
-3c3e03529d8514467f8d77c01978348636bb339315feb8041fbde7640565001e  crypto/sha/asm/sha512-parisc.pl
-952ef1b10e8bbe3f638cc798b91ab9c5b47b66ed8fe94647b1beec9874f2e71e  crypto/sha/asm/sha512-ppc.pl
-193a0ea240264b29dd68a425f604a6da4b18e28838dcf909dd7e711af880f782  crypto/sha/asm/sha512-s390x.pl
-dcb466a1e5938fb64ecb38b0533602192d61334da864ee8dfdcfa12d3cdfa273  crypto/sha/asm/sha512-sparcv9.pl
-bb6503967a58b767a3e73441cfabc77f15c8ac747f377e276d4aa63d05f2c3c4  crypto/sha/asm/sha512-x86_64.pl
-68d2f3b2dccb978ee42640f4fb4d2eae6b74d071017a3eedd9e7cb77762817dc  crypto/sha/asm/sha512p8-ppc.pl
+8d84164f3cfd53290c0c14bb5655510b7a9238857866328c0604d64b4e76fe21  crypto/sha/asm/sha512-armv4.pl
+dadacb6d66b160913bffb4e1a6c3e5f7be6509b26e2c099701d8d3fdb92c1be0  crypto/sha/asm/sha512-armv8.pl
+6f548a088feae3b6faa179653ba449df9d3f5cda1e0561e5b5f120b32274d1eb  crypto/sha/asm/sha512-c64xplus.pl
+9fa54fbc34fd881f4b344374b9b4f8fb15b641424be7af9a31c71af89ae5d577  crypto/sha/asm/sha512-ia64.pl
+fb06844e7c3b014a58dccc8ec6020c71843cfdc5be08288bc7d204f0a840c474  crypto/sha/asm/sha512-mips.pl
+11548f06d213947104a80898e000218ec0d6ff3f6913f6582de498476482ce9f  crypto/sha/asm/sha512-parisc.pl
+7c0c490ce6bb11a228853aecad5e164ce84e5bdabb8a6658ae7184782076c7d3  crypto/sha/asm/sha512-ppc.pl
+38e0455fd6a2b93a7a5385379ca92bc6526585ca1eb4af365fac4c78f7285c72  crypto/sha/asm/sha512-s390x.pl
+0611845c52091b0208dd41f22ddef9dd1e68d3d92fa4c4360738b840a6314de6  crypto/sha/asm/sha512-sparcv9.pl
+f64d16c1e5c3fa4a7969de494a8372127502171a517c14be7a1e3a43a7308699  crypto/sha/asm/sha512-x86_64.pl
+8725cabb8d695c576619f19283b034074a3fa0f1c0be952a9dbe9793be15b907  crypto/sha/asm/sha512p8-ppc.pl
 57f6cf54b1b5d2cac7a8f622b7b6bd1878f360fff3fa0f02352061c24162ebbb  crypto/sha/keccak1600.c
 306cacd3f86e5cacaca74c58ef862516515e5c0cafaff48636d537fd84f1c2fb  crypto/sha/sha1dgst.c
 4d8cf04f5806611e7586aab47fb28165ec1afb00168e2c9876bb36cb5c29bf8b  crypto/sha/sha256.c
@@ -345,13 +345,13 @@ c50c584c55e56347bb43aca4b796b5344d70daece3061f586b79c871c21f5d1a  crypto/sparse_
 7b4efa594d8d1f3ecbf4605cf54f72fb296a3b1d951bdc69e415aaa08f34e5c8  crypto/threads_lib.c
 a41ae93a755e2ec89b3cb5b4932e2b508fdda92ace2e025a2650a6da0e9e972c  crypto/threads_none.c
 3729e2bd36f945808b578e0d89fac0fcb3114e4fc9381614bcbd8a9869991716  crypto/threads_pthread.c
-88423960f0414f6fd41fba4f4c67f9f7260c2741e4788adcd52493e895ec8027  crypto/threads_win.c
-af0af59fe2cb8668a96751f343232d7faa3e7a937beb2bda09ed74fe60b9cb5f  crypto/x86_64cpuid.pl
+f82715745b668297d71b66d05e6bfc3c817bf80bd967c0f33ca7ffbb6e347645  crypto/threads_win.c
+fd6c27cf7c6b5449b17f2b725f4203c4c10207f1973db09fd41571efe5de08fd  crypto/x86_64cpuid.pl
 bbec287bb9bf35379885f8f8998b7fd9e8fc22efee9e1b299109af0f33a7ee16  crypto/x86cpuid.pl
 acbb841170d4d3eb91d969be1c0e4973b1babfd5fcd76440b0628f509f82fd76  e_os.h
 249a0e58e9692920eddc1ada2ac772a0cfd749cfbf618f2f5da08280df545d8f  include/crypto/aes_platform.h
 8c6f308c1ca774e6127e325c3b80511dbcdc99631f032694d8db53a5c02364ee  include/crypto/asn1_dsa.h
-2e8c284672c4e8e395b3da56a3abf3e65bb4346313fb6f7358e925d077a2e1e2  include/crypto/bn.h
+3bded0eaa7ccdebd0b4217b7fdb82676d5c0762a88aca462dbceaef851fafa99  include/crypto/bn.h
 1c46818354d42bd1b1c4e5fdae9e019814936e775fd8c918ca49959c2a6416df  include/crypto/bn_conf.h.in
 7a43a4898fcc8446065e6c99249bcc14e475716e8c1d40d50408c0ab179520e6  include/crypto/bn_dh.h
 e69b2b20fb415e24b970941c84a62b752b5d0175bc68126e467f7cc970495504  include/crypto/cryptlib.h
@@ -518,7 +518,7 @@ ab298c5f89f3165fa11093fad8063b7bcbff0924b43fb3107148ae66d54adcb5  providers/impl
 8ed4a100e4756c31c56147b4b0fab76a4c6e5292aa2f079045f37b5502fd41b9  providers/implementations/ciphers/cipher_aes_gcm_hw_aesni.inc
 4c6f3a2818754a5aa7b6db36dae53e248504f9e82cc5af2ed68c723903d4f9d5  providers/implementations/ciphers/cipher_aes_hw.c
 89de794c090192459d99d95bc4a422e7782e62192cd0fdb3bdef4128cfedee68  providers/implementations/ciphers/cipher_aes_hw_aesni.inc
-fac3a1878dc9c0c363d0ecdd9f74926157df54ca4f40adf8c479927395082008  providers/implementations/ciphers/cipher_aes_ocb.c
+0d77239f0cc1a9e1ecdeb45b6fae12cac2637771d29842199be08699e59f87fc  providers/implementations/ciphers/cipher_aes_ocb.c
 88138a1aff9705e608c0557653be92eb4de65b152555a2b79ec8b2a8fae73e8f  providers/implementations/ciphers/cipher_aes_ocb.h
 855869ab5a8d7a61a11674cfe5d503dfa67f59e7e393730835d1d8cf0ab85c70  providers/implementations/ciphers/cipher_aes_ocb_hw.c
 6a8782c728575d69c86b735c9f47acda5c0daa04e17f1e0faef2c963f23fab20  providers/implementations/ciphers/cipher_aes_wrp.c
@@ -557,7 +557,7 @@ b9a61ce951c1904d8315b1bb26c0ab0aaadb47e71d4ead5df0a891608c728c4b  providers/impl
 c95ce5498e724b9b3d58e3c2f4723e7e3e4beb07f9bea9422e43182cbadb43af  providers/implementations/include/prov/macsignature.h
 29d1a112b799e1f45fdf8bcee8361c2ed67428c250c1cdf408a9fbb7ebf4cce1  providers/implementations/include/prov/names.h
 2187713b446d8b6d24ee986748b941ac3e24292c71e07ff9fb53a33021decdda  providers/implementations/include/prov/seeding.h
-d376c58489ae36fbece94bb88939845ced04a2a0bdd55d6a3562e45a56577ae1  providers/implementations/kdfs/hkdf.c
+6091dd22e716fbe6c7c94524cdee6ad4432a572f2d3c4d360dcafafa3902d692  providers/implementations/kdfs/hkdf.c
 a62e3af09f5af84dcf36f951ba4ac90ca1694adaf3747126186020b155f94186  providers/implementations/kdfs/kbkdf.c
 e0644e727aacfea4da3cf2c4d2602d7ef0626ebb760b6467432ffd54d5fbb24d  providers/implementations/kdfs/pbkdf2.c
 c0778565abff112c0c5257329a7750ec4605e62f26cc36851fa1fbee6e03c70c  providers/implementations/kdfs/pbkdf2.h
@@ -566,14 +566,14 @@ abe2b0f3711eaa34846e155cffc9242e4051c45de896f747afd5ac9d87f637dc  providers/impl
 8571556d77d10e8edc98212473a38f09632e3f19e9995dde89ee6c95f2e84ccf  providers/implementations/kdfs/sskdf.c
 589f6133799da80760e8bc3ab0191a341ab6d4d2706e92e6eb4a24b0250fefa6  providers/implementations/kdfs/tls1_prf.c
 4d4a6d9a562d2dcfec941d3f113a544663b5ac2fbe4accd89ec70c1cc11751d0  providers/implementations/kdfs/x942kdf.c
-6b6c776b12664164f3cb54c21df61e1c4477c7855d89431a16fb338cdae58d43  providers/implementations/kem/rsa_kem.c
+58acb0ff36bf7e463ba714b347b714eccab9fda77c4ca6bacc3a55e6d2ce5ad9  providers/implementations/kem/rsa_kem.c
 11a0d0fb88ed88e965f10b3a0ef6c880f60341df995128f57ad943053aaf15b2  providers/implementations/keymgmt/dh_kmgmt.c
-a329f57cb041cd03907e9d996fbc2f378ee116c7f8d7fbf1ea08b7a5df7e0304  providers/implementations/keymgmt/dsa_kmgmt.c
+9316fc619e8d8a1d841aa0936fc62c28eb2b4c60cc6c9b2d64b72f8641f28abb  providers/implementations/keymgmt/dsa_kmgmt.c
 9bc88451d3ae110c7a108ee73d3b3b6bda801ec3494d2dfb9c9970b85c2d34fe  providers/implementations/keymgmt/ec_kmgmt.c
 258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251  providers/implementations/keymgmt/ec_kmgmt_imexport.inc
-011c36aad6834729043f23eacab417732541ee23916d9afa5bb9164862be00bb  providers/implementations/keymgmt/ecx_kmgmt.c
+d0c67b7fbddd51dcfebd96bf99794ca3bc437d50974ebcd56968fb8dd3627b0f  providers/implementations/keymgmt/ecx_kmgmt.c
 053a2be39a87f50b877ebdbbf799cf5faf8b2de33b04311d819d212ee1ea329b  providers/implementations/keymgmt/kdf_legacy_kmgmt.c
-1646b477fa231dd0f6c22444c99098f9b447cab0d39ff69b811262469d4dbe09  providers/implementations/keymgmt/mac_legacy_kmgmt.c
+37e2f9f904eeabf94b1e4152b67ac236f872aa78dd7e47bf0de1b8f50ac19b6c  providers/implementations/keymgmt/mac_legacy_kmgmt.c
 19f22fc70a6321441e56d5bd4aab3d01d52d17069d4e4b5cefce0f411ecece75  providers/implementations/keymgmt/rsa_kmgmt.c
 5eb96ea2df635cf79c5aeccae270fbe896b5e6384a5b3e4b187ce8c10fe8dfc7  providers/implementations/macs/cmac_prov.c
 e69aa06f8f3c6f5a26702b9f44a844b8589b99dc0ee590953a29e8b9ef10acbe  providers/implementations/macs/gmac_prov.c
@@ -588,7 +588,7 @@ f9457255fc57ef5739aa2584e535195e38cc947e31fd044d28d64c28c8a946ce  providers/impl
 04339b66c10017229ef368cb48077f58a252ebfda9ab12b9f919e4149b1036ed  providers/implementations/rands/test_rng.c
 cafb9e6f54ad15889fcebddac6df61336bff7d78936f7de3bb5aab8aee5728d2  providers/implementations/signature/dsa_sig.c
 a30dc6308de0ca33406e7ce909f3bcf7580fb84d863b0976b275839f866258df  providers/implementations/signature/ecdsa_sig.c
-02e833a767afbe98247d6f09dfb1eb5a5cf7304a93f2c5427a9f6af9c8a3b549  providers/implementations/signature/eddsa_sig.c
+09647b736980ac3c762f1e7c10cbfee78e2c6ab327ac62e5039968cea034ff3b  providers/implementations/signature/eddsa_sig.c
 3bb0f342b4cc1b4594ed0986adc47791c0a7b5c1ae7b1888c1fb5edb268a78d9  providers/implementations/signature/mac_legacy_sig.c
 166d7e3a049b28ae2c6f94415070720d176a82e46af1613511c4b073ea705476  providers/implementations/signature/rsa_sig.c
 a14e901b02fe095713624db4080b3aa3ca685d43f9ebec03041f992240973346  ssl/record/tls_pad.c
diff --git a/deps/openssl/openssl/providers/fips.checksum b/deps/openssl/openssl/providers/fips.checksum
index cbd9c09511796a..0904f6a1029ed9 100644
--- a/deps/openssl/openssl/providers/fips.checksum
+++ b/deps/openssl/openssl/providers/fips.checksum
@@ -1 +1 @@
-101807560af8f62c064ad796dfa1e4c269d45aaf5303b47ad0b25fdd6cc92466  providers/fips-sources.checksums
+01b31117f96429fe4c8efbf7f4f10ef32efa2b11c69851fd227e4194db116b6f  providers/fips-sources.checksums
diff --git a/deps/openssl/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/deps/openssl/openssl/providers/implementations/ciphers/cipher_aes_ocb.c
index eab315453ef1a3..891e73f6726cac 100644
--- a/deps/openssl/openssl/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/deps/openssl/openssl/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -369,12 +369,20 @@ static int aes_ocb_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         }
         if (p->data == NULL) {
             /* Tag len must be 0 to 16 */
-            if (p->data_size > OCB_MAX_TAG_LEN)
+            if (p->data_size > OCB_MAX_TAG_LEN) {
+                ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH);
                 return 0;
+            }
             ctx->taglen = p->data_size;
         } else {
-            if (p->data_size != ctx->taglen || ctx->base.enc)
+            if (ctx->base.enc) {
+                ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+                return 0;
+            }
+            if (p->data_size != ctx->taglen) {
+                ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH);
                 return 0;
+            }
             memcpy(ctx->tag, p->data, p->data_size);
         }
      }
diff --git a/deps/openssl/openssl/providers/implementations/encode_decode/encode_key2text.c b/deps/openssl/openssl/providers/implementations/encode_decode/encode_key2text.c
index 3e75a9afb370c6..637fcf6a1214b3 100644
--- a/deps/openssl/openssl/providers/implementations/encode_decode/encode_key2text.c
+++ b/deps/openssl/openssl/providers/implementations/encode_decode/encode_key2text.c
@@ -112,7 +112,8 @@ static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn)
             use_sep = 0; /* The first byte on the next line doesnt have a : */
         }
         if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "",
-                       tolower(p[0]), tolower(p[1])) <= 0)
+                       tolower((unsigned char)p[0]),
+                       tolower((unsigned char)p[1])) <= 0)
             goto err;
         ++bytes;
         p += 2;
diff --git a/deps/openssl/openssl/providers/implementations/kdfs/hkdf.c b/deps/openssl/openssl/providers/implementations/kdfs/hkdf.c
index 3db8b43891a000..69ef565d04fcca 100644
--- a/deps/openssl/openssl/providers/implementations/kdfs/hkdf.c
+++ b/deps/openssl/openssl/providers/implementations/kdfs/hkdf.c
@@ -669,7 +669,7 @@ static int prov_tls13_hkdf_generate_secret(OSSL_LIB_CTX *libctx,
         EVP_MD_CTX_free(mctx);
 
         /* Generate the pre-extract secret */
-        if (!prov_tls13_hkdf_expand(md, prevsecret, mdlen,
+        if (!prov_tls13_hkdf_expand(md, prevsecret, prevsecretlen,
                                     prefix, prefixlen, label, labellen,
                                     hash, mdlen, preextractsec, mdlen))
             return 0;
diff --git a/deps/openssl/openssl/providers/implementations/kdfs/scrypt.c b/deps/openssl/openssl/providers/implementations/kdfs/scrypt.c
index a7072f785f0877..6fa4192600fd26 100644
--- a/deps/openssl/openssl/providers/implementations/kdfs/scrypt.c
+++ b/deps/openssl/openssl/providers/implementations/kdfs/scrypt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -88,7 +88,9 @@ static void kdf_scrypt_reset(void *vctx)
     KDF_SCRYPT *ctx = (KDF_SCRYPT *)vctx;
 
     OPENSSL_free(ctx->salt);
+    ctx->salt = NULL;
     OPENSSL_clear_free(ctx->pass, ctx->pass_len);
+    ctx->pass = NULL;
     kdf_scrypt_init(ctx);
 }
 
@@ -128,7 +130,6 @@ static int set_digest(KDF_SCRYPT *ctx)
     EVP_MD_free(ctx->sha256);
     ctx->sha256 = EVP_MD_fetch(ctx->libctx, "sha256", ctx->propq);
     if (ctx->sha256 == NULL) {
-        OPENSSL_free(ctx);
         ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_LOAD_SHA256);
         return 0;
     }
diff --git a/deps/openssl/openssl/providers/implementations/kem/rsa_kem.c b/deps/openssl/openssl/providers/implementations/kem/rsa_kem.c
index 882cf161258ab9..94c5bceea597be 100644
--- a/deps/openssl/openssl/providers/implementations/kem/rsa_kem.c
+++ b/deps/openssl/openssl/providers/implementations/kem/rsa_kem.c
@@ -264,6 +264,17 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx,
             *secretlen = nlen;
         return 1;
     }
+
+    /*
+     * If outlen is specified, then it must report the length
+     * of the out buffer on input so that we can confirm
+     * its size is sufficent for encapsulation
+     */
+    if (outlen != NULL && *outlen < nlen) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
+        return 0;
+    }
+
     /*
      * Step (2): Generate a random byte string z of nlen bytes where
      *            1 < z < n - 1
@@ -285,15 +296,33 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx,
     return ret;
 }
 
-/*
- * NIST.SP.800-56Br2
+/**
+ * rsasve_recover - Recovers a secret value from ciphertext using an RSA
+ * private key.  Once, recovered, the secret value is considered to be a
+ * shared secret.  Algorithm is preformed as per
+ * NIST SP 800-56B Rev 2
  * 7.2.1.3 RSASVE Recovery Operation (RSASVE.RECOVER).
+ *
+ * This function performs RSA decryption using the private key from the
+ * provided RSA context (`prsactx`). It takes the input ciphertext, decrypts
+ * it, and writes the decrypted message to the output buffer.
+ *
+ * @prsactx:      The RSA context containing the private key.
+ * @out:          The output buffer to store the decrypted message.
+ * @outlen:       On input, the size of the output buffer. On successful
+ *                completion, the actual length of the decrypted message.
+ * @in:           The input buffer containing the ciphertext to be decrypted.
+ * @inlen:        The length of the input ciphertext in bytes.
+ *
+ * Returns 1 on success, or 0 on error. In case of error, appropriate
+ * error messages are raised using the ERR_raise function.
  */
 static int rsasve_recover(PROV_RSA_CTX *prsactx,
                           unsigned char *out, size_t *outlen,
                           const unsigned char *in, size_t inlen)
 {
     size_t nlen;
+    int ret;
 
     /* Step (1): get the byte length of n */
     nlen = RSA_size(prsactx->rsa);
@@ -307,13 +336,30 @@ static int rsasve_recover(PROV_RSA_CTX *prsactx,
         return 1;
     }
 
-    /* Step (2): check the input ciphertext 'inlen' matches the nlen */
+    /*
+     * Step (2): check the input ciphertext 'inlen' matches the nlen
+     * and that outlen is at least nlen bytes
+     */
     if (inlen != nlen) {
         ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH);
         return 0;
     }
+
+    /*
+     * If outlen is specified, then it must report the length
+     * of the out buffer, so that we can confirm that it is of
+     * sufficient size to hold the output of decapsulation
+     */
+    if (outlen != NULL && *outlen < nlen) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
+        return 0;
+    }
+
     /* Step (3): out = RSADP((n,d), in) */
-    return (RSA_private_decrypt(inlen, in, out, prsactx->rsa, RSA_NO_PADDING) > 0);
+    ret = RSA_private_decrypt(inlen, in, out, prsactx->rsa, RSA_NO_PADDING);
+    if (ret > 0 && outlen != NULL)
+        *outlen = ret;
+    return ret > 0;
 }
 
 static int rsakem_generate(void *vprsactx, unsigned char *out, size_t *outlen,
diff --git a/deps/openssl/openssl/providers/implementations/keymgmt/dsa_kmgmt.c b/deps/openssl/openssl/providers/implementations/keymgmt/dsa_kmgmt.c
index 2f5742cfcc07ce..e3c3fd6916ed37 100644
--- a/deps/openssl/openssl/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/deps/openssl/openssl/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -426,7 +426,7 @@ static void *dsa_gen_init(void *provctx, int selection,
         gctx->hindex = 0;
     }
     if (!dsa_gen_set_params(gctx, params)) {
-        OPENSSL_free(gctx);
+        dsa_gen_cleanup(gctx);
         gctx = NULL;
     }
     return gctx;
diff --git a/deps/openssl/openssl/providers/implementations/keymgmt/ecx_kmgmt.c b/deps/openssl/openssl/providers/implementations/keymgmt/ecx_kmgmt.c
index 987d38456fba41..94e62f755c20de 100644
--- a/deps/openssl/openssl/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/deps/openssl/openssl/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -487,7 +487,7 @@ static void *ecx_gen_init(void *provctx, int selection,
         gctx->selection = selection;
     }
     if (!ecx_gen_set_params(gctx, params)) {
-        OPENSSL_free(gctx);
+        ecx_gen_cleanup(gctx);
         gctx = NULL;
     }
     return gctx;
diff --git a/deps/openssl/openssl/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/deps/openssl/openssl/providers/implementations/keymgmt/mac_legacy_kmgmt.c
index 1fae4407fca609..b02a0a91c6f661 100644
--- a/deps/openssl/openssl/providers/implementations/keymgmt/mac_legacy_kmgmt.c
+++ b/deps/openssl/openssl/providers/implementations/keymgmt/mac_legacy_kmgmt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -399,7 +399,7 @@ static void *mac_gen_init(void *provctx, int selection,
     struct mac_gen_ctx *gctx = mac_gen_init_common(provctx, selection);
 
     if (gctx != NULL && !mac_gen_set_params(gctx, params)) {
-        OPENSSL_free(gctx);
+        mac_gen_cleanup(gctx);
         gctx = NULL;
     }
     return gctx;
@@ -411,7 +411,7 @@ static void *cmac_gen_init(void *provctx, int selection,
     struct mac_gen_ctx *gctx = mac_gen_init_common(provctx, selection);
 
     if (gctx != NULL && !cmac_gen_set_params(gctx, params)) {
-        OPENSSL_free(gctx);
+        mac_gen_cleanup(gctx);
         gctx = NULL;
     }
     return gctx;
diff --git a/deps/openssl/openssl/providers/implementations/signature/eddsa_sig.c b/deps/openssl/openssl/providers/implementations/signature/eddsa_sig.c
index c78f1fbb5fa6bf..9ec910af2527e7 100644
--- a/deps/openssl/openssl/providers/implementations/signature/eddsa_sig.c
+++ b/deps/openssl/openssl/providers/implementations/signature/eddsa_sig.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -133,6 +133,7 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname,
         /* Should never happen */
         ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
         ossl_ecx_key_free(edkey);
+        WPACKET_cleanup(&pkt);
         return 0;
     }
     if (ret && WPACKET_finish(&pkt)) {
diff --git a/deps/openssl/openssl/providers/implementations/storemgmt/file_store.c b/deps/openssl/openssl/providers/implementations/storemgmt/file_store.c
index bb8b2ab8625a1e..3049a9c81133cc 100644
--- a/deps/openssl/openssl/providers/implementations/storemgmt/file_store.c
+++ b/deps/openssl/openssl/providers/implementations/storemgmt/file_store.c
@@ -238,7 +238,7 @@ static void *file_open(void *provctx, const char *uri)
 #ifdef _WIN32
         /* Windows file: URIs with a drive letter start with a / */
         if (p[0] == '/' && p[2] == ':' && p[3] == '/') {
-            char c = tolower(p[1]);
+            char c = tolower((unsigned char)p[1]);
 
             if (c >= 'a' && c <= 'z') {
                 p++;
diff --git a/deps/openssl/openssl/ssl/build.info b/deps/openssl/openssl/ssl/build.info
index d99835c9a0dad8..0851357f81eba5 100644
--- a/deps/openssl/openssl/ssl/build.info
+++ b/deps/openssl/openssl/ssl/build.info
@@ -37,11 +37,8 @@ IF[{- !$disabled{'deprecated-3.0'} -}]
   SHARED_SOURCE[../libssl]=s3_cbc.c
   SOURCE[../libssl]=ssl_rsa_legacy.c
 ENDIF
-DEFINE[../libssl]=$AESDEF
 
-IF[{- !$disabled{quic} -}]
-  SOURCE[../libssl]=ssl_quic.c statem/statem_quic.c
-ENDIF
+DEFINE[../libssl]=$AESDEF
 
 SOURCE[../providers/libcommon.a]=record/tls_pad.c
 SOURCE[../providers/libdefault.a ../providers/libfips.a]=s3_cbc.c
diff --git a/deps/openssl/openssl/ssl/s3_msg.c b/deps/openssl/openssl/ssl/s3_msg.c
index dd2fe040e041d5..c0f0dbc17dcc21 100644
--- a/deps/openssl/openssl/ssl/s3_msg.c
+++ b/deps/openssl/openssl/ssl/s3_msg.c
@@ -81,16 +81,6 @@ int ssl3_dispatch_alert(SSL *s)
 
     s->s3.alert_dispatch = 0;
     alertlen = 2;
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s)) {
-        if (!s->quic_method->send_alert(s, s->quic_write_level,
-                                        s->s3.send_alert[1])) {
-            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-        i = 1;
-    } else
-#endif
     i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3.send_alert[0], &alertlen, 1, 0,
                       &written);
     if (i <= 0) {
diff --git a/deps/openssl/openssl/ssl/ssl_ciph.c b/deps/openssl/openssl/ssl/ssl_ciph.c
index 76a1a8c967e356..9e32417e75d860 100644
--- a/deps/openssl/openssl/ssl/ssl_ciph.c
+++ b/deps/openssl/openssl/ssl/ssl_ciph.c
@@ -2240,37 +2240,3 @@ const char *OSSL_default_ciphersuites(void)
            "TLS_CHACHA20_POLY1305_SHA256:"
            "TLS_AES_128_GCM_SHA256";
 }
-
-#ifndef OPENSSL_NO_QUIC
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c)
-{
-    switch (c->algorithm2 & (0xFF << TLS1_PRF_DGST_SHIFT)) {
-    default:
-        break;
-    case TLS1_PRF_SHA1_MD5: /* TLS1_PRF */
-        return NID_md5_sha1;
-    case TLS1_PRF_SHA256:
-        return NID_sha256;
-    case TLS1_PRF_SHA384:
-        return NID_sha384;
-    case TLS1_PRF_GOST94:
-        return NID_id_GostR3411_94_prf;
-    case TLS1_PRF_GOST12_256:
-        return NID_id_GostR3411_2012_256;
-    case TLS1_PRF_GOST12_512:
-        return NID_id_GostR3411_2012_512;
-    }
-    /* TLSv1.3 ciphers don't specify separate PRF */
-    switch (c->algorithm2 & SSL_HANDSHAKE_MAC_MASK) {
-    default:
-        break;
-    case SSL_HANDSHAKE_MAC_MD5_SHA1: /* SSL_HANDSHAKE_MAC_DEFAULT */
-        return NID_md5_sha1;
-    case SSL_HANDSHAKE_MAC_SHA256:
-        return NID_sha256;
-    case SSL_HANDSHAKE_MAC_SHA384:
-        return NID_sha384;
-    }
-    return NID_undef;
-}
-#endif
diff --git a/deps/openssl/openssl/ssl/ssl_err.c b/deps/openssl/openssl/ssl/ssl_err.c
index fe0d9c280f7e55..75be692e0007b4 100644
--- a/deps/openssl/openssl/ssl/ssl_err.c
+++ b/deps/openssl/openssl/ssl/ssl_err.c
@@ -241,8 +241,6 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_PARAMETERS), "missing parameters"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_PSK_KEX_MODES_EXTENSION),
     "missing psk kex modes extension"},
-    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION),
-    "missing quic transport parameters extension"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_CERTIFICATE),
     "missing rsa certificate"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_ENCRYPTING_CERT),
@@ -550,8 +548,6 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_CIPHER_RETURNED),
     "wrong cipher returned"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_CURVE), "wrong curve"},
-    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED),
-    "wrong encryption level received"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_SIGNATURE_LENGTH),
     "wrong signature length"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_SIGNATURE_SIZE),
diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c
index 2619636df88372..e628140dfae9a7 100644
--- a/deps/openssl/openssl/ssl/ssl_lib.c
+++ b/deps/openssl/openssl/ssl/ssl_lib.c
@@ -581,56 +581,7 @@ static void clear_ciphers(SSL *s)
     ssl_clear_hash_ctx(&s->write_hash);
 }
 
-#ifndef OPENSSL_NO_QUIC
 int SSL_clear(SSL *s)
-{
-    if (!SSL_clear_not_quic(s))
-        return 0;
-    return SSL_clear_quic(s);
-}
-
-int SSL_clear_quic(SSL *s)
-{
-    OPENSSL_free(s->ext.peer_quic_transport_params_draft);
-    s->ext.peer_quic_transport_params_draft = NULL;
-    s->ext.peer_quic_transport_params_draft_len = 0;
-    OPENSSL_free(s->ext.peer_quic_transport_params);
-    s->ext.peer_quic_transport_params = NULL;
-    s->ext.peer_quic_transport_params_len = 0;
-    s->quic_read_level = ssl_encryption_initial;
-    s->quic_write_level = ssl_encryption_initial;
-    s->quic_latest_level_received = ssl_encryption_initial;
-    while (s->quic_input_data_head != NULL) {
-        QUIC_DATA *qd;
-
-        qd = s->quic_input_data_head;
-        s->quic_input_data_head = qd->next;
-        OPENSSL_free(qd);
-    }
-    s->quic_input_data_tail = NULL;
-    BUF_MEM_free(s->quic_buf);
-    s->quic_buf = NULL;
-    s->quic_next_record_start = 0;
-    memset(s->client_hand_traffic_secret, 0, EVP_MAX_MD_SIZE);
-    memset(s->server_hand_traffic_secret, 0, EVP_MAX_MD_SIZE);
-    memset(s->client_early_traffic_secret, 0, EVP_MAX_MD_SIZE);
-    /*
-     * CONFIG - DON'T CLEAR
-     * s->ext.quic_transport_params
-     * s->ext.quic_transport_params_len
-     * s->quic_transport_version
-     * s->quic_method = NULL;
-     */
-    return 1;
-}
-#endif
-
-/* Keep this conditional very local */
-#ifndef OPENSSL_NO_QUIC
-int SSL_clear_not_quic(SSL *s)
-#else
-int SSL_clear(SSL *s)
-#endif
 {
     if (s->method == NULL) {
         ERR_raise(ERR_LIB_SSL, SSL_R_NO_METHOD_SPECIFIED);
@@ -905,10 +856,6 @@ SSL *SSL_new(SSL_CTX *ctx)
 
     s->job = NULL;
 
-#ifndef OPENSSL_NO_QUIC
-    s->quic_method = ctx->quic_method;
-#endif
-
 #ifndef OPENSSL_NO_CT
     if (!SSL_set_ct_validation_callback(s, ctx->ct_validation_callback,
                                         ctx->ct_validation_callback_arg))
@@ -1306,20 +1253,6 @@ void SSL_free(SSL *s)
     OPENSSL_free(s->pha_context);
     EVP_MD_CTX_free(s->pha_dgst);
 
-#ifndef OPENSSL_NO_QUIC
-    OPENSSL_free(s->ext.quic_transport_params);
-    OPENSSL_free(s->ext.peer_quic_transport_params_draft);
-    OPENSSL_free(s->ext.peer_quic_transport_params);
-    BUF_MEM_free(s->quic_buf);
-    while (s->quic_input_data_head != NULL) {
-        QUIC_DATA *qd;
-
-        qd = s->quic_input_data_head;
-        s->quic_input_data_head = qd->next;
-        OPENSSL_free(qd);
-    }
-#endif
-
     sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free);
     sk_X509_NAME_pop_free(s->client_ca_names, X509_NAME_free);
 
@@ -1919,12 +1852,6 @@ static int ssl_io_intern(void *vargs)
 
 int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes)
 {
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s)) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-#endif
     if (s->handshake_func == NULL) {
         ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED);
         return -1;
@@ -2056,12 +1983,6 @@ int SSL_get_early_data_status(const SSL *s)
 
 static int ssl_peek_internal(SSL *s, void *buf, size_t num, size_t *readbytes)
 {
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s)) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-#endif
     if (s->handshake_func == NULL) {
         ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED);
         return -1;
@@ -2122,12 +2043,6 @@ int SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *readbytes)
 
 int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written)
 {
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s)) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-#endif
     if (s->handshake_func == NULL) {
         ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED);
         return -1;
@@ -3960,11 +3875,6 @@ int SSL_get_error(const SSL *s, int i)
     }
 
     if (SSL_want_read(s)) {
-#ifndef OPENSSL_NO_QUIC
-        if (SSL_IS_QUIC(s)) {
-            return SSL_ERROR_WANT_READ;
-        }
-#endif
         bio = SSL_get_rbio(s);
         if (BIO_should_read(bio))
             return SSL_ERROR_WANT_READ;
@@ -4064,21 +3974,6 @@ int SSL_do_handshake(SSL *s)
             ret = s->handshake_func(s);
         }
     }
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s) && ret == 1) {
-        if (s->server) {
-            if (s->early_data_state == SSL_EARLY_DATA_ACCEPTING) {
-                s->early_data_state = SSL_EARLY_DATA_FINISHED_READING;
-                s->rwstate = SSL_READING;
-                ret = 0;
-            }
-        } else if (s->early_data_state == SSL_EARLY_DATA_CONNECTING) {
-            s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY;
-            s->rwstate = SSL_READING;
-            ret = 0;
-        }
-    }
-#endif
     return ret;
 }
 
diff --git a/deps/openssl/openssl/ssl/ssl_local.h b/deps/openssl/openssl/ssl/ssl_local.h
index 51c4a77a9ed7c5..5fb1feb801635a 100644
--- a/deps/openssl/openssl/ssl/ssl_local.h
+++ b/deps/openssl/openssl/ssl/ssl_local.h
@@ -337,13 +337,6 @@
 /* Flag used on OpenSSL ciphersuite ids to indicate they are for SSLv3+ */
 # define SSL3_CK_CIPHERSUITE_FLAG                0x03000000
 
-/* Check if an SSL structure is using QUIC (which uses TLSv1.3) */
-# ifndef OPENSSL_NO_QUIC
-#  define SSL_IS_QUIC(s)  (s->quic_method != NULL)
-# else
-#  define SSL_IS_QUIC(s) 0
-# endif
-
 /* Check if an SSL structure is using DTLS */
 # define SSL_IS_DTLS(s)  (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
 
@@ -773,8 +766,6 @@ typedef enum tlsext_index_en {
     TLSEXT_IDX_cryptopro_bug,
     TLSEXT_IDX_early_data,
     TLSEXT_IDX_certificate_authorities,
-    TLSEXT_IDX_quic_transport_parameters_draft,
-    TLSEXT_IDX_quic_transport_parameters,
     TLSEXT_IDX_padding,
     TLSEXT_IDX_psk,
     /* Dummy index - must always be the last entry */
@@ -1214,25 +1205,10 @@ struct ssl_ctx_st {
     uint32_t disabled_mac_mask;
     uint32_t disabled_mkey_mask;
     uint32_t disabled_auth_mask;
-
-#ifndef OPENSSL_NO_QUIC
-    const SSL_QUIC_METHOD *quic_method;
-#endif
 };
 
 typedef struct cert_pkey_st CERT_PKEY;
 
-#ifndef OPENSSL_NO_QUIC
-struct quic_data_st {
-    struct quic_data_st *next;
-    OSSL_ENCRYPTION_LEVEL level;
-    size_t start;       /* offset into quic_buf->data */
-    size_t length;
-};
-typedef struct quic_data_st QUIC_DATA;
-int quic_set_encryption_secrets(SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-#endif
-
 struct ssl_st {
     /*
      * protocol version (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION,
@@ -1492,11 +1468,6 @@ struct ssl_st {
     unsigned char handshake_traffic_hash[EVP_MAX_MD_SIZE];
     unsigned char client_app_traffic_secret[EVP_MAX_MD_SIZE];
     unsigned char server_app_traffic_secret[EVP_MAX_MD_SIZE];
-# ifndef OPENSSL_NO_QUIC
-    unsigned char client_hand_traffic_secret[EVP_MAX_MD_SIZE];
-    unsigned char server_hand_traffic_secret[EVP_MAX_MD_SIZE];
-    unsigned char client_early_traffic_secret[EVP_MAX_MD_SIZE];
-# endif
     unsigned char exporter_master_secret[EVP_MAX_MD_SIZE];
     unsigned char early_exporter_master_secret[EVP_MAX_MD_SIZE];
     EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
@@ -1709,35 +1680,8 @@ struct ssl_st {
          * selected.
          */
         int tick_identity;
-
-#ifndef OPENSSL_NO_QUIC
-        uint8_t *quic_transport_params;
-        size_t quic_transport_params_len;
-        uint8_t *peer_quic_transport_params_draft;
-        size_t peer_quic_transport_params_draft_len;
-        uint8_t *peer_quic_transport_params;
-        size_t peer_quic_transport_params_len;
-#endif
     } ext;
 
-#ifndef OPENSSL_NO_QUIC
-    OSSL_ENCRYPTION_LEVEL quic_read_level;
-    OSSL_ENCRYPTION_LEVEL quic_write_level;
-    OSSL_ENCRYPTION_LEVEL quic_latest_level_received;
-    BUF_MEM *quic_buf;          /* buffer incoming handshake messages */
-    /*
-     * defaults to 0, but can be set to:
-     * - TLSEXT_TYPE_quic_transport_parameters_draft
-     * - TLSEXT_TYPE_quic_transport_parameters
-     * Client: if 0, send both
-     * Server: if 0, use same version as client sent
-     */
-    int quic_transport_version;
-    QUIC_DATA *quic_input_data_head;
-    QUIC_DATA *quic_input_data_tail;
-    size_t quic_next_record_start;
-    const SSL_QUIC_METHOD *quic_method;
-#endif
     /*
      * Parsed form of the ClientHello, kept around across client_hello_cb
      * calls.
@@ -2867,11 +2811,6 @@ void custom_exts_free(custom_ext_methods *exts);
 
 void ssl_comp_free_compression_methods_int(void);
 
-#ifndef OPENSSL_NO_QUIC
-__owur int SSL_clear_not_quic(SSL *s);
-__owur int SSL_clear_quic(SSL *s);
-#endif
-
 /* ssl_mcnf.c */
 void ssl_ctx_system_config(SSL_CTX *ctx);
 
diff --git a/deps/openssl/openssl/ssl/ssl_quic.c b/deps/openssl/openssl/ssl/ssl_quic.c
deleted file mode 100644
index 987c1e740ca714..00000000000000
--- a/deps/openssl/openssl/ssl/ssl_quic.c
+++ /dev/null
@@ -1,378 +0,0 @@
-/*
- * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include "ssl_local.h"
-#include "internal/cryptlib.h"
-#include "internal/refcount.h"
-
-int SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
-                                  size_t params_len)
-{
-    uint8_t *tmp;
-
-    if (params == NULL || params_len == 0) {
-        tmp = NULL;
-        params_len = 0;
-    } else {
-        tmp = OPENSSL_memdup(params, params_len);
-        if (tmp == NULL)
-            return 0;
-    }
-
-    OPENSSL_free(ssl->ext.quic_transport_params);
-    ssl->ext.quic_transport_params = tmp;
-    ssl->ext.quic_transport_params_len = params_len;
-    return 1;
-}
-
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len)
-{
-    if (ssl->ext.peer_quic_transport_params_len) {
-        *out_params = ssl->ext.peer_quic_transport_params;
-        *out_params_len = ssl->ext.peer_quic_transport_params_len;
-    } else {
-        *out_params = ssl->ext.peer_quic_transport_params_draft;
-        *out_params_len = ssl->ext.peer_quic_transport_params_draft_len;
-    }
-}
-
-/* Returns the negotiated version, or -1 on error */
-int SSL_get_peer_quic_transport_version(const SSL *ssl)
-{
-    if (ssl->ext.peer_quic_transport_params_len != 0
-            && ssl->ext.peer_quic_transport_params_draft_len != 0)
-        return -1;
-    if (ssl->ext.peer_quic_transport_params_len != 0)
-        return TLSEXT_TYPE_quic_transport_parameters;
-    if (ssl->ext.peer_quic_transport_params_draft_len != 0)
-        return TLSEXT_TYPE_quic_transport_parameters_draft;
-
-    return -1;
-}
-
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy)
-{
-    if (use_legacy)
-        ssl->quic_transport_version = TLSEXT_TYPE_quic_transport_parameters_draft;
-    else
-        ssl->quic_transport_version = TLSEXT_TYPE_quic_transport_parameters;
-}
-
-void SSL_set_quic_transport_version(SSL *ssl, int version)
-{
-    ssl->quic_transport_version = version;
-}
-
-int SSL_get_quic_transport_version(const SSL *ssl)
-{
-    return ssl->quic_transport_version;
-}
-
-size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level)
-{
-    /*
-     * Limits flights to 16K by default when there are no large
-     * (certificate-carrying) messages.
-     */
-    static const size_t DEFAULT_FLIGHT_LIMIT = 16384;
-
-    switch (level) {
-    case ssl_encryption_initial:
-        return DEFAULT_FLIGHT_LIMIT;
-    case ssl_encryption_early_data:
-        /* QUIC does not send EndOfEarlyData. */
-        return 0;
-    case ssl_encryption_handshake:
-        if (ssl->server) {
-            /*
-             * Servers may receive Certificate message if configured to request
-             * client certificates.
-             */
-            if ((ssl->verify_mode & SSL_VERIFY_PEER)
-                    && ssl->max_cert_list > DEFAULT_FLIGHT_LIMIT)
-                return ssl->max_cert_list;
-        } else {
-            /*
-             * Clients may receive both Certificate message and a CertificateRequest
-             * message.
-             */
-            if (2*ssl->max_cert_list > DEFAULT_FLIGHT_LIMIT)
-                return 2 * ssl->max_cert_list;
-        }
-        return DEFAULT_FLIGHT_LIMIT;
-    case ssl_encryption_application:
-        return DEFAULT_FLIGHT_LIMIT;
-    }
-
-    return 0;
-}
-
-OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl)
-{
-    return ssl->quic_read_level;
-}
-
-OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl)
-{
-    return ssl->quic_write_level;
-}
-
-int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                          const uint8_t *data, size_t len)
-{
-    size_t l, offset;
-
-    if (!SSL_IS_QUIC(ssl)) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-
-    /* Level can be different than the current read, but not less */
-    if (level < ssl->quic_read_level
-            || (ssl->quic_input_data_tail != NULL && level < ssl->quic_input_data_tail->level)
-            || level < ssl->quic_latest_level_received) {
-        ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED);
-        return 0;
-    }
-
-    if (len == 0)
-        return 1;
-
-    if (ssl->quic_buf == NULL) {
-        BUF_MEM *buf;
-        if ((buf = BUF_MEM_new()) == NULL) {
-            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-        if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-            BUF_MEM_free(buf);
-            return 0;
-        }
-        ssl->quic_buf = buf;
-        /* We preallocated storage, but there's still no *data*. */
-        ssl->quic_buf->length = 0;
-        buf = NULL;
-    }
-
-    /* A TLS message must not cross an encryption level boundary */
-    if (ssl->quic_buf->length != ssl->quic_next_record_start
-            && level != ssl->quic_latest_level_received) {
-        ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED);
-        return 0;
-    }
-    ssl->quic_latest_level_received = level;
-
-    offset = ssl->quic_buf->length;
-    if (!BUF_MEM_grow(ssl->quic_buf, offset + len)) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    memcpy(ssl->quic_buf->data + offset, data, len);
-
-    /* Split on handshake message boundaries */
-    while (ssl->quic_buf->length > ssl->quic_next_record_start
-                                   + SSL3_HM_HEADER_LENGTH) {
-        QUIC_DATA *qd;
-        const uint8_t *p;
-
-        /* TLS Handshake message header has 1-byte type and 3-byte length */
-        p = (const uint8_t *)ssl->quic_buf->data
-            + ssl->quic_next_record_start + 1;
-        n2l3(p, l);
-        l += SSL3_HM_HEADER_LENGTH;
-        /* Don't allocate a QUIC_DATA if we don't have a full record */
-        if (l > ssl->quic_buf->length - ssl->quic_next_record_start)
-            break;
-
-        qd = OPENSSL_zalloc(sizeof(*qd));
-        if (qd == NULL) {
-            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-
-        qd->next = NULL;
-        qd->length = l;
-        qd->start = ssl->quic_next_record_start;
-        qd->level = level;
-
-        if (ssl->quic_input_data_tail != NULL)
-            ssl->quic_input_data_tail->next = qd;
-        else
-            ssl->quic_input_data_head = qd;
-        ssl->quic_input_data_tail = qd;
-        ssl->quic_next_record_start += l;
-    }
-
-    return 1;
-}
-
-int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method)
-{
-    if (ctx->method->version != TLS_ANY_VERSION)
-        return 0;
-    ctx->quic_method = quic_method;
-    ctx->options &= ~SSL_OP_ENABLE_MIDDLEBOX_COMPAT;
-    return 1;
-}
-
-int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method)
-{
-    if (ssl->method->version != TLS_ANY_VERSION)
-        return 0;
-    ssl->quic_method = quic_method;
-    ssl->options &= ~SSL_OP_ENABLE_MIDDLEBOX_COMPAT;
-    return 1;
-}
-
-int quic_set_encryption_secrets(SSL *ssl, OSSL_ENCRYPTION_LEVEL level)
-{
-    uint8_t *c2s_secret = NULL;
-    uint8_t *s2c_secret = NULL;
-    size_t len;
-    const EVP_MD *md;
-
-    if (!SSL_IS_QUIC(ssl))
-        return 1;
-
-    /* secrets from the POV of the client */
-    switch (level) {
-    case ssl_encryption_early_data:
-        c2s_secret = ssl->client_early_traffic_secret;
-        break;
-    case ssl_encryption_handshake:
-        c2s_secret = ssl->client_hand_traffic_secret;
-        s2c_secret = ssl->server_hand_traffic_secret;
-        break;
-    case ssl_encryption_application:
-        c2s_secret = ssl->client_app_traffic_secret;
-        s2c_secret = ssl->server_app_traffic_secret;
-        break;
-    default:
-        return 1;
-    }
-
-    if (level == ssl_encryption_early_data) {
-        const SSL_CIPHER *c = SSL_SESSION_get0_cipher(ssl->session);
-        if (ssl->early_data_state == SSL_EARLY_DATA_CONNECTING
-                && ssl->max_early_data > 0
-                && ssl->session->ext.max_early_data == 0) {
-            if (!ossl_assert(ssl->psksession != NULL
-                    && ssl->max_early_data ==
-                       ssl->psksession->ext.max_early_data)) {
-                SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-                return 0;
-            }
-            c = SSL_SESSION_get0_cipher(ssl->psksession);
-        }
-
-        if (c == NULL) {
-            SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-
-        md = ssl_md(ssl->ctx, c->algorithm2);
-    } else {
-        md = ssl_handshake_md(ssl);
-        if (md == NULL) {
-            /* May not have selected cipher, yet */
-            const SSL_CIPHER *c = NULL;
-
-            /*
-             * It probably doesn't make sense to use an (external) PSK session,
-             * but in theory some kinds of external session caches could be
-             * implemented using it, so allow psksession to be used as well as
-             * the regular session.
-             */
-            if (ssl->session != NULL)
-                c = SSL_SESSION_get0_cipher(ssl->session);
-            else if (ssl->psksession != NULL)
-                c = SSL_SESSION_get0_cipher(ssl->psksession);
-
-            if (c != NULL)
-                md = SSL_CIPHER_get_handshake_digest(c);
-        }
-    }
-
-    if ((len = EVP_MD_size(md)) <= 0) {
-        SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
-    if (ssl->server) {
-        if (!ssl->quic_method->set_encryption_secrets(ssl, level, c2s_secret,
-                                                      s2c_secret, len)) {
-            SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-    } else {
-        if (!ssl->quic_method->set_encryption_secrets(ssl, level, s2c_secret,
-                                                      c2s_secret, len)) {
-            SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-    }
-
-    return 1;
-}
-
-int SSL_process_quic_post_handshake(SSL *ssl)
-{
-    int ret;
-
-    if (SSL_in_init(ssl) || !SSL_IS_QUIC(ssl)) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-
-    /* if there is no data, return success as BoringSSL */
-    while (ssl->quic_input_data_head != NULL) {
-        /*
-         * This is always safe (we are sure to be at a record boundary) because
-         * SSL_read()/SSL_write() are never used for QUIC connections -- the
-         * application data is handled at the QUIC layer instead.
-         */
-        ossl_statem_set_in_init(ssl, 1);
-        ret = ssl->handshake_func(ssl);
-        ossl_statem_set_in_init(ssl, 0);
-
-        if (ret <= 0)
-            return 0;
-    }
-    return 1;
-}
-
-int SSL_is_quic(SSL* ssl)
-{
-    return SSL_IS_QUIC(ssl);
-}
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled)
-{
-    if (!SSL_is_quic(ssl) || !SSL_in_before(ssl))
-        return;
-
-    if (!enabled) {
-      ssl->early_data_state = SSL_EARLY_DATA_NONE;
-      return;
-    }
-
-    if (ssl->server) {
-        ssl->early_data_state = SSL_EARLY_DATA_ACCEPTING;
-        return;
-    }
-
-    if ((ssl->session == NULL || ssl->session->ext.max_early_data == 0)
-            && ssl->psk_use_session_cb == NULL)
-        return;
-
-    ssl->early_data_state = SSL_EARLY_DATA_CONNECTING;
-}
diff --git a/deps/openssl/openssl/ssl/statem/extensions.c b/deps/openssl/openssl/ssl/statem/extensions.c
index ed78744119e209..f8157389b7f18b 100644
--- a/deps/openssl/openssl/ssl/statem/extensions.c
+++ b/deps/openssl/openssl/ssl/statem/extensions.c
@@ -59,11 +59,6 @@ static int final_early_data(SSL *s, unsigned int context, int sent);
 static int final_maxfragmentlen(SSL *s, unsigned int context, int sent);
 static int init_post_handshake_auth(SSL *s, unsigned int context);
 static int final_psk(SSL *s, unsigned int context, int sent);
-#ifndef OPENSSL_NO_QUIC
-static int init_quic_transport_params(SSL *s, unsigned int context);
-static int final_quic_transport_params_draft(SSL *s, unsigned int context, int sent);
-static int final_quic_transport_params(SSL *s, unsigned int context, int sent);
-#endif
 
 /* Structure to define a built-in extension */
 typedef struct extensions_definition_st {
@@ -375,29 +370,6 @@ static const EXTENSION_DEFINITION ext_defs[] = {
         tls_construct_certificate_authorities,
         tls_construct_certificate_authorities, NULL,
     },
-#ifndef OPENSSL_NO_QUIC
-    {
-        TLSEXT_TYPE_quic_transport_parameters_draft,
-        SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
-        | SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY,
-        init_quic_transport_params,
-        tls_parse_ctos_quic_transport_params_draft, tls_parse_stoc_quic_transport_params_draft,
-        tls_construct_stoc_quic_transport_params_draft, tls_construct_ctos_quic_transport_params_draft,
-        final_quic_transport_params_draft,
-    },
-    {
-        TLSEXT_TYPE_quic_transport_parameters,
-        SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
-        | SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY,
-        init_quic_transport_params,
-        tls_parse_ctos_quic_transport_params, tls_parse_stoc_quic_transport_params,
-        tls_construct_stoc_quic_transport_params, tls_construct_ctos_quic_transport_params,
-        final_quic_transport_params,
-    },
-#else
-    INVALID_EXTENSION,
-    INVALID_EXTENSION,
-#endif
     {
         /* Must be immediately before pre_shared_key */
         TLSEXT_TYPE_padding,
@@ -1750,44 +1722,3 @@ static int final_psk(SSL *s, unsigned int context, int sent)
 
     return 1;
 }
-
-#ifndef OPENSSL_NO_QUIC
-static int init_quic_transport_params(SSL *s, unsigned int context)
-{
-    return 1;
-}
-
-static int final_quic_transport_params_draft(SSL *s, unsigned int context,
-                                             int sent)
-{
-    return 1;
-}
-
-static int final_quic_transport_params(SSL *s, unsigned int context, int sent)
-{
-    /* called after final_quic_transport_params_draft */
-    if (SSL_IS_QUIC(s)) {
-        if (s->ext.peer_quic_transport_params_len == 0
-                && s->ext.peer_quic_transport_params_draft_len == 0) {
-            SSLfatal(s, SSL_AD_MISSING_EXTENSION,
-                     SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION);
-            return 0;
-        }
-        /* if we got both, discard the one we can't use */
-        if (s->ext.peer_quic_transport_params_len != 0
-                && s->ext.peer_quic_transport_params_draft_len != 0) {
-            if (s->quic_transport_version == TLSEXT_TYPE_quic_transport_parameters_draft) {
-                OPENSSL_free(s->ext.peer_quic_transport_params);
-                s->ext.peer_quic_transport_params = NULL;
-                s->ext.peer_quic_transport_params_len = 0;
-            } else {
-                OPENSSL_free(s->ext.peer_quic_transport_params_draft);
-                s->ext.peer_quic_transport_params_draft = NULL;
-                s->ext.peer_quic_transport_params_draft_len = 0;
-            }
-        }
-    }
-
-    return 1;
-}
-#endif
diff --git a/deps/openssl/openssl/ssl/statem/extensions_clnt.c b/deps/openssl/openssl/ssl/statem/extensions_clnt.c
index 3b0781fc71c70e..ced88f77ba3c30 100644
--- a/deps/openssl/openssl/ssl/statem/extensions_clnt.c
+++ b/deps/openssl/openssl/ssl/statem/extensions_clnt.c
@@ -1196,47 +1196,7 @@ EXT_RETURN tls_construct_ctos_post_handshake_auth(SSL *s, WPACKET *pkt,
 #endif
 }
 
-#ifndef OPENSSL_NO_QUIC
-EXT_RETURN tls_construct_ctos_quic_transport_params_draft(SSL *s, WPACKET *pkt,
-                                                          unsigned int context, X509 *x,
-                                                          size_t chainidx)
-{
-    if (s->quic_transport_version == TLSEXT_TYPE_quic_transport_parameters
-            || s->ext.quic_transport_params == NULL
-            || s->ext.quic_transport_params_len == 0) {
-        return EXT_RETURN_NOT_SENT;
-    }
-
-    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_quic_transport_parameters_draft)
-        || !WPACKET_sub_memcpy_u16(pkt, s->ext.quic_transport_params,
-                                   s->ext.quic_transport_params_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return EXT_RETURN_FAIL;
-    }
-
-    return EXT_RETURN_SENT;
-}
 
-EXT_RETURN tls_construct_ctos_quic_transport_params(SSL *s, WPACKET *pkt,
-                                                    unsigned int context, X509 *x,
-                                                    size_t chainidx)
-{
-    if (s->quic_transport_version == TLSEXT_TYPE_quic_transport_parameters_draft
-            || s->ext.quic_transport_params == NULL
-            || s->ext.quic_transport_params_len == 0) {
-        return EXT_RETURN_NOT_SENT;
-    }
-
-    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_quic_transport_parameters)
-        || !WPACKET_sub_memcpy_u16(pkt, s->ext.quic_transport_params,
-                                   s->ext.quic_transport_params_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return EXT_RETURN_FAIL;
-    }
-
-    return EXT_RETURN_SENT;
-}
-#endif
 /*
  * Parse the server's renegotiation binding and abort if it's not right
  */
@@ -1964,17 +1924,6 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
             return 0;
         }
 
-#ifndef OPENSSL_NO_QUIC
-        /*
-         * QUIC server must send 0xFFFFFFFF or it's a PROTOCOL_VIOLATION
-         * per RFC9001 S4.6.1
-         */
-        if (SSL_IS_QUIC(s) && max_early_data != 0xFFFFFFFF) {
-            SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_INVALID_MAX_EARLY_DATA);
-            return 0;
-        }
-#endif
-
         s->session->ext.max_early_data = max_early_data;
 
         return 1;
@@ -2057,37 +2006,3 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
 
     return 1;
 }
-#ifndef OPENSSL_NO_QUIC
-int tls_parse_stoc_quic_transport_params_draft(SSL *s, PACKET *pkt,
-                                               unsigned int context, X509 *x,
-                                               size_t chainidx)
-{
-    OPENSSL_free(s->ext.peer_quic_transport_params_draft);
-    s->ext.peer_quic_transport_params_draft = NULL;
-    s->ext.peer_quic_transport_params_draft_len = 0;
-
-    if (!PACKET_memdup(pkt,
-                       &s->ext.peer_quic_transport_params_draft,
-                       &s->ext.peer_quic_transport_params_draft_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    return 1;
-}
-
-int tls_parse_stoc_quic_transport_params(SSL *s, PACKET *pkt, unsigned int context,
-                                         X509 *x, size_t chainidx)
-{
-    OPENSSL_free(s->ext.peer_quic_transport_params);
-    s->ext.peer_quic_transport_params = NULL;
-    s->ext.peer_quic_transport_params_len = 0;
-
-    if (!PACKET_memdup(pkt,
-                       &s->ext.peer_quic_transport_params,
-                       &s->ext.peer_quic_transport_params_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    return 1;
-}
-#endif
diff --git a/deps/openssl/openssl/ssl/statem/extensions_srvr.c b/deps/openssl/openssl/ssl/statem/extensions_srvr.c
index 546d11dd1f73af..72c00574be6863 100644
--- a/deps/openssl/openssl/ssl/statem/extensions_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/extensions_srvr.c
@@ -1083,7 +1083,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
 
             if (sesstmp == NULL) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-                return 0;
+                goto err;
             }
             SSL_SESSION_free(sess);
             sess = sesstmp;
@@ -1237,40 +1237,6 @@ int tls_parse_ctos_post_handshake_auth(SSL *s, PACKET *pkt,
     return 1;
 }
 
-#ifndef OPENSSL_NO_QUIC
-int tls_parse_ctos_quic_transport_params_draft(SSL *s, PACKET *pkt, unsigned int context,
-                                               X509 *x, size_t chainidx)
-{
-    OPENSSL_free(s->ext.peer_quic_transport_params_draft);
-    s->ext.peer_quic_transport_params_draft = NULL;
-    s->ext.peer_quic_transport_params_draft_len = 0;
-
-    if (!PACKET_memdup(pkt,
-                       &s->ext.peer_quic_transport_params_draft,
-                       &s->ext.peer_quic_transport_params_draft_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    return 1;
-}
-
-int tls_parse_ctos_quic_transport_params(SSL *s, PACKET *pkt, unsigned int context,
-                                         X509 *x, size_t chainidx)
-{
-    OPENSSL_free(s->ext.peer_quic_transport_params);
-    s->ext.peer_quic_transport_params = NULL;
-    s->ext.peer_quic_transport_params_len = 0;
-
-    if (!PACKET_memdup(pkt,
-                       &s->ext.peer_quic_transport_params,
-                       &s->ext.peer_quic_transport_params_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    return 1;
-}
-#endif
-
 /*
  * Add the server's renegotiation binding
  */
@@ -1911,20 +1877,12 @@ EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt,
                                          size_t chainidx)
 {
     if (context == SSL_EXT_TLS1_3_NEW_SESSION_TICKET) {
-        uint32_t max_early_data = s->max_early_data;
-
-        if (max_early_data == 0)
+        if (s->max_early_data == 0)
             return EXT_RETURN_NOT_SENT;
 
-#ifndef OPENSSL_NO_QUIC
-        /* QUIC server must always send 0xFFFFFFFF, per RFC9001 S4.6.1 */
-        if (SSL_IS_QUIC(s))
-            max_early_data = 0xFFFFFFFF;
-#endif
-
         if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_early_data)
                 || !WPACKET_start_sub_packet_u16(pkt)
-                || !WPACKET_put_bytes_u32(pkt, max_early_data)
+                || !WPACKET_put_bytes_u32(pkt, s->max_early_data)
                 || !WPACKET_close(pkt)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
             return EXT_RETURN_FAIL;
@@ -1962,48 +1920,3 @@ EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context,
 
     return EXT_RETURN_SENT;
 }
-
-#ifndef OPENSSL_NO_QUIC
-EXT_RETURN tls_construct_stoc_quic_transport_params_draft(SSL *s, WPACKET *pkt,
-                                                          unsigned int context,
-                                                          X509 *x,
-                                                          size_t chainidx)
-{
-    if (s->quic_transport_version == TLSEXT_TYPE_quic_transport_parameters
-            || s->ext.peer_quic_transport_params_draft_len == 0
-            || s->ext.quic_transport_params == NULL
-            || s->ext.quic_transport_params_len == 0) {
-        return EXT_RETURN_NOT_SENT;
-    }
-
-    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_quic_transport_parameters_draft)
-        || !WPACKET_sub_memcpy_u16(pkt, s->ext.quic_transport_params,
-                                   s->ext.quic_transport_params_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return EXT_RETURN_FAIL;
-    }
-
-    return EXT_RETURN_SENT;
-}
-
-EXT_RETURN tls_construct_stoc_quic_transport_params(SSL *s, WPACKET *pkt,
-                                                    unsigned int context, X509 *x,
-                                                    size_t chainidx)
-{
-    if (s->quic_transport_version == TLSEXT_TYPE_quic_transport_parameters_draft
-            || s->ext.peer_quic_transport_params_len == 0
-            || s->ext.quic_transport_params == NULL
-            || s->ext.quic_transport_params_len == 0) {
-        return EXT_RETURN_NOT_SENT;
-    }
-
-    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_quic_transport_parameters)
-        || !WPACKET_sub_memcpy_u16(pkt, s->ext.quic_transport_params,
-                                   s->ext.quic_transport_params_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return EXT_RETURN_FAIL;
-    }
-
-    return EXT_RETURN_SENT;
-}
-#endif
diff --git a/deps/openssl/openssl/ssl/statem/statem.c b/deps/openssl/openssl/ssl/statem/statem.c
index d80d4da2038d1b..553546d93a411f 100644
--- a/deps/openssl/openssl/ssl/statem/statem.c
+++ b/deps/openssl/openssl/ssl/statem/statem.c
@@ -334,13 +334,8 @@ static int state_machine(SSL *s, int server)
          * If we are stateless then we already called SSL_clear() - don't do
          * it again and clear the STATELESS flag itself.
          */
-#ifndef OPENSSL_NO_QUIC
-        if ((s->s3.flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear_not_quic(s))
-            return -1;
-#else
         if ((s->s3.flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear(s))
             return -1;
-#endif
     }
 #ifndef OPENSSL_NO_SCTP
     if (SSL_IS_DTLS(s) && BIO_dgram_is_sctp(SSL_get_wbio(s))) {
@@ -588,11 +583,6 @@ static SUB_STATE_RETURN read_state_machine(SSL *s)
                  * In DTLS we get the whole message in one go - header and body
                  */
                 ret = dtls_get_message(s, &mt);
-#ifndef OPENSSL_NO_QUIC
-            } else if (SSL_IS_QUIC(s)) {
-                /* QUIC behaves like DTLS -- all in one go. */
-                ret = quic_get_message(s, &mt);
-#endif
             } else {
                 ret = tls_get_message_header(s, &mt);
             }
@@ -622,8 +612,8 @@ static SUB_STATE_RETURN read_state_machine(SSL *s)
                 return SUB_STATE_ERROR;
             }
 
-            /* dtls_get_message/quic_get_message already did this */
-            if (!SSL_IS_DTLS(s) && !SSL_IS_QUIC(s)
+            /* dtls_get_message already did this */
+            if (!SSL_IS_DTLS(s)
                     && s->s3.tmp.message_size > 0
                     && !grow_init_buf(s, s->s3.tmp.message_size
                                          + SSL3_HM_HEADER_LENGTH)) {
@@ -641,10 +631,6 @@ static SUB_STATE_RETURN read_state_machine(SSL *s)
                  * opportunity to do any further processing.
                  */
                 ret = dtls_get_message_body(s, &len);
-#ifndef OPENSSL_NO_QUIC
-            } else if (SSL_IS_QUIC(s)) {
-                ret = quic_get_message_body(s, &len);
-#endif
             } else {
                 ret = tls_get_message_body(s, &len);
             }
@@ -935,14 +921,6 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
 int statem_flush(SSL *s)
 {
     s->rwstate = SSL_WRITING;
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s)) {
-        if (!s->quic_method->flush_flight(s)) {
-            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-    } else
-#endif
     if (BIO_flush(s->wbio) <= 0) {
         return 0;
     }
diff --git a/deps/openssl/openssl/ssl/statem/statem_clnt.c b/deps/openssl/openssl/ssl/statem/statem_clnt.c
index 9d925091b6c618..3cd1ee2d3dfe1f 100644
--- a/deps/openssl/openssl/ssl/statem/statem_clnt.c
+++ b/deps/openssl/openssl/ssl/statem/statem_clnt.c
@@ -904,14 +904,6 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt,
         break;
 
     case TLS_ST_CW_END_OF_EARLY_DATA:
-#ifndef OPENSSL_NO_QUIC
-        /* QUIC does not send EndOfEarlyData, RFC9001 S8.3 */
-        if (SSL_IS_QUIC(s)) {
-            *confunc = NULL;
-            *mt = SSL3_MT_DUMMY;
-            break;
-        }
-#endif
         *confunc = tls_construct_end_of_early_data;
         *mt = SSL3_MT_END_OF_EARLY_DATA;
         break;
diff --git a/deps/openssl/openssl/ssl/statem/statem_lib.c b/deps/openssl/openssl/ssl/statem/statem_lib.c
index 121929b06f4062..6f0eaa5d6c0d21 100644
--- a/deps/openssl/openssl/ssl/statem/statem_lib.c
+++ b/deps/openssl/openssl/ssl/statem/statem_lib.c
@@ -45,29 +45,8 @@ int ssl3_do_write(SSL *s, int type)
     int ret;
     size_t written = 0;
 
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s)) {
-        if (type == SSL3_RT_HANDSHAKE) {
-            ret = s->quic_method->add_handshake_data(s, s->quic_write_level,
-                                                     (const uint8_t*)&s->init_buf->data[s->init_off],
-                                                     s->init_num);
-            if (!ret) {
-                ret = -1;
-                /* QUIC can't sent anything out sice the above failed */
-                ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-            } else {
-                written = s->init_num;
-            }
-        } else {
-            /* QUIC doesn't use ChangeCipherSpec */
-            ret = -1;
-            ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        }
-    } else
-#endif
-        ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
-                               s->init_num, &written);
-
+    ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
+                           s->init_num, &written);
     if (ret <= 0)
         return -1;
     if (type == SSL3_RT_HANDSHAKE)
@@ -666,13 +645,6 @@ int tls_construct_finished(SSL *s, WPACKET *pkt)
 
 int tls_construct_key_update(SSL *s, WPACKET *pkt)
 {
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_is_quic(s)) {
-        /* TLS KeyUpdate is not used for QUIC, so this is an error. */
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-#endif
     if (!WPACKET_put_bytes_u8(pkt, s->key_update)) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         return 0;
@@ -695,13 +667,6 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
         return MSG_PROCESS_ERROR;
     }
 
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_is_quic(s)) {
-        SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
-        return MSG_PROCESS_ERROR;
-    }
-#endif
-
     if (!PACKET_get_1(pkt, &updatetype)
             || PACKET_remaining(pkt) != 0) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_KEY_UPDATE);
diff --git a/deps/openssl/openssl/ssl/statem/statem_local.h b/deps/openssl/openssl/ssl/statem/statem_local.h
index 4203c084e8749b..ad4d93b1e27989 100644
--- a/deps/openssl/openssl/ssl/statem/statem_local.h
+++ b/deps/openssl/openssl/ssl/statem/statem_local.h
@@ -104,10 +104,6 @@ __owur int tls_get_message_header(SSL *s, int *mt);
 __owur int tls_get_message_body(SSL *s, size_t *len);
 __owur int dtls_get_message(SSL *s, int *mt);
 __owur int dtls_get_message_body(SSL *s, size_t *len);
-#ifndef OPENSSL_NO_QUIC
-__owur int quic_get_message(SSL *s, int *mt);
-__owur int quic_get_message_body(SSL *s, size_t *len);
-#endif
 
 /* Message construction and processing functions */
 __owur int tls_process_initial_server_flight(SSL *s);
@@ -255,14 +251,6 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
                        size_t chainidx);
 int tls_parse_ctos_post_handshake_auth(SSL *, PACKET *pkt, unsigned int context,
                                        X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_QUIC
-int tls_parse_ctos_quic_transport_params_draft(SSL *s, PACKET *pkt,
-                                               unsigned int context, X509 *x,
-                                               size_t chainidx);
-
-int tls_parse_ctos_quic_transport_params(SSL *s, PACKET *pkt, unsigned int context,
-                                         X509 *x, size_t chainidx);
-#endif
 
 EXT_RETURN tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt,
                                           unsigned int context, X509 *x,
@@ -323,16 +311,6 @@ EXT_RETURN tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt,
                                             size_t chainidx);
 EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context,
                                   X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_QUIC
-EXT_RETURN tls_construct_stoc_quic_transport_params_draft(SSL *s, WPACKET *pkt,
-                                                          unsigned int context,
-                                                          X509 *x,
-                                                          size_t chainidx);
-
-EXT_RETURN tls_construct_stoc_quic_transport_params(SSL *s, WPACKET *pkt,
-                                                    unsigned int context, X509 *x,
-                                                    size_t chainidx);
-#endif
 
 /* Client Extension processing */
 EXT_RETURN tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, unsigned int context,
@@ -402,15 +380,6 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
                                   X509 *x, size_t chainidx);
 EXT_RETURN tls_construct_ctos_post_handshake_auth(SSL *s, WPACKET *pkt, unsigned int context,
                                                   X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_QUIC
-EXT_RETURN tls_construct_ctos_quic_transport_params_draft(SSL *s, WPACKET *pkt,
-                                                          unsigned int context, X509 *x,
-                                                          size_t chainidx);
-
-EXT_RETURN tls_construct_ctos_quic_transport_params(SSL *s, WPACKET *pkt,
-                                                    unsigned int context, X509 *x,
-                                                    size_t chainidx);
-#endif
 
 int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, unsigned int context,
                                X509 *x, size_t chainidx);
@@ -454,14 +423,6 @@ int tls_parse_stoc_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
                        size_t chainidx);
 int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
                        size_t chainidx);
-#ifndef OPENSSL_NO_QUIC
-int tls_parse_stoc_quic_transport_params_draft(SSL *s, PACKET *pkt,
-                                               unsigned int context, X509 *x,
-                                               size_t chainidx);
-
-int tls_parse_stoc_quic_transport_params(SSL *s, PACKET *pkt, unsigned int context,
-                                         X509 *x, size_t chainidx);
-#endif
 
 int tls_handle_alpn(SSL *s);
 
diff --git a/deps/openssl/openssl/ssl/statem/statem_quic.c b/deps/openssl/openssl/ssl/statem/statem_quic.c
deleted file mode 100644
index 7bd329c2421546..00000000000000
--- a/deps/openssl/openssl/ssl/statem/statem_quic.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include "../ssl_local.h"
-#include "statem_local.h"
-#include "internal/cryptlib.h"
-
-int quic_get_message(SSL *s, int *mt)
-{
-    size_t l;
-    QUIC_DATA *qd = s->quic_input_data_head;
-    uint8_t *p;
-
-    if (qd == NULL) {
-        s->rwstate = SSL_READING;
-        *mt = 0;
-        return 0;
-    }
-
-    if (!ossl_assert(qd->length >= SSL3_HM_HEADER_LENGTH)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_LENGTH);
-        *mt = 0;
-        return 0;
-    }
-
-    /* This is where we check for the proper level, not when data is given */
-    if (qd->level != s->quic_read_level) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_WRONG_ENCRYPTION_LEVEL_RECEIVED);
-        *mt = 0;
-        return 0;
-    }
-
-    if (!BUF_MEM_grow_clean(s->init_buf, (int)qd->length)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_BUF_LIB);
-        *mt = 0;
-        return 0;
-    }
-
-    /* Copy buffered data */
-    memcpy(s->init_buf->data, s->quic_buf->data + qd->start, qd->length);
-    s->init_buf->length = qd->length;
-    s->quic_input_data_head = qd->next;
-    if (s->quic_input_data_head == NULL)
-        s->quic_input_data_tail = NULL;
-    OPENSSL_free(qd);
-
-    s->s3.tmp.message_type = *mt = *(s->init_buf->data);
-    p = (uint8_t*)s->init_buf->data + 1;
-    n2l3(p, l);
-    s->init_num = s->s3.tmp.message_size = l;
-    s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH;
-
-    return 1;
-}
-
-int quic_get_message_body(SSL *s, size_t *len)
-{
-    /* No CCS in QUIC/TLSv1.3? */
-    if (s->s3.tmp.message_type == SSL3_MT_CHANGE_CIPHER_SPEC) {
-        SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_CCS_RECEIVED_EARLY);
-        *len = 0;
-        return 0;
-    }
-    /* No KeyUpdate in QUIC */
-    if (s->s3.tmp.message_type == SSL3_MT_KEY_UPDATE) {
-        SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
-        *len = 0;
-        return 0;
-    }
-
-    /*
-     * If receiving Finished, record MAC of prior handshake messages for
-     * Finished verification.
-     */
-    if (s->s3.tmp.message_type == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
-        /* SSLfatal() already called */
-        *len = 0;
-        return 0;
-    }
-
-    /*
-     * We defer feeding in the HRR until later. We'll do it as part of
-     * processing the message
-     * The TLsv1.3 handshake transcript stops at the ClientFinished
-     * message.
-     */
-#define SERVER_HELLO_RANDOM_OFFSET  (SSL3_HM_HEADER_LENGTH + 2)
-    /* KeyUpdate and NewSessionTicket do not need to be added */
-    if (s->s3.tmp.message_type != SSL3_MT_NEWSESSION_TICKET
-            && s->s3.tmp.message_type != SSL3_MT_KEY_UPDATE) {
-        if (s->s3.tmp.message_type != SSL3_MT_SERVER_HELLO
-            || s->init_num < SERVER_HELLO_RANDOM_OFFSET + SSL3_RANDOM_SIZE
-            || memcmp(hrrrandom,
-                      s->init_buf->data + SERVER_HELLO_RANDOM_OFFSET,
-                      SSL3_RANDOM_SIZE) != 0) {
-            if (!ssl3_finish_mac(s, (unsigned char *)s->init_buf->data,
-                                 s->init_num + SSL3_HM_HEADER_LENGTH)) {
-                /* SSLfatal() already called */
-                *len = 0;
-                return 0;
-            }
-        }
-    }
-    if (s->msg_callback)
-        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data,
-                        (size_t)s->init_num + SSL3_HM_HEADER_LENGTH, s,
-                        s->msg_callback_arg);
-
-    *len = s->init_num;
-    return 1;
-}
diff --git a/deps/openssl/openssl/ssl/statem/statem_srvr.c b/deps/openssl/openssl/ssl/statem/statem_srvr.c
index 92e4f793ab24e9..7d7c198bd63f9e 100644
--- a/deps/openssl/openssl/ssl/statem/statem_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/statem_srvr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -74,8 +74,7 @@ static int ossl_statem_server13_read_transition(SSL *s, int mt)
                 return 1;
             }
             break;
-        } else if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED
-                   && !SSL_IS_QUIC(s)) {
+        } else if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) {
             if (mt == SSL3_MT_END_OF_EARLY_DATA) {
                 st->hand_state = TLS_ST_SR_END_OF_EARLY_DATA;
                 return 1;
@@ -964,16 +963,6 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
                         SSL3_CC_APPLICATION | SSL3_CHANGE_CIPHER_SERVER_WRITE))
             /* SSLfatal() already called */
             return WORK_ERROR;
-
-#ifndef OPENSSL_NO_QUIC
-            if (SSL_IS_QUIC(s) && s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) {
-                s->early_data_state = SSL_EARLY_DATA_FINISHED_READING;
-                if (!s->method->ssl3_enc->change_cipher_state(
-                        s, SSL3_CC_HANDSHAKE | SSL3_CHANGE_CIPHER_SERVER_READ))
-                    /* SSLfatal() already called */
-                    return WORK_ERROR;
-            }
-#endif
         }
         break;
 
@@ -1566,15 +1555,6 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
                 goto err;
             }
         }
-#ifndef OPENSSL_NO_QUIC
-        if (SSL_IS_QUIC(s)) {
-            /* Any other QUIC checks on ClientHello here */
-            if (clienthello->session_id_len > 0) {
-                SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_LENGTH_MISMATCH);
-                goto err;
-            }
-        }
-#endif
     }
 
     if (!PACKET_copy_all(&compression, clienthello->compressions,
@@ -3005,7 +2985,7 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
     }
 
     if (!EVP_PKEY_set1_encoded_public_key(ckey, data, i)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
         goto err;
     }
 
@@ -3059,7 +3039,7 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
         }
 
         if (EVP_PKEY_set1_encoded_public_key(ckey, data, i) <= 0) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EC_LIB);
+            SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
             goto err;
         }
     }
diff --git a/deps/openssl/openssl/ssl/tls13_enc.c b/deps/openssl/openssl/ssl/tls13_enc.c
index 33cf79199fe79d..ddcff5eb89119c 100644
--- a/deps/openssl/openssl/ssl/tls13_enc.c
+++ b/deps/openssl/openssl/ssl/tls13_enc.c
@@ -400,231 +400,27 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md,
     return 1;
 }
 
+int tls13_change_cipher_state(SSL *s, int which)
+{
 #ifdef CHARSET_EBCDIC
-static const unsigned char client_early_traffic[]       = {0x63, 0x20, 0x65, 0x20,       /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
-static const unsigned char client_handshake_traffic[]   = {0x63, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
-static const unsigned char client_application_traffic[] = {0x63, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
-static const unsigned char server_handshake_traffic[]   = {0x73, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
-static const unsigned char server_application_traffic[] = {0x73, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
-static const unsigned char exporter_master_secret[] = {0x65, 0x78, 0x70, 0x20,                    /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
-static const unsigned char resumption_master_secret[] = {0x72, 0x65, 0x73, 0x20,                  /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
-static const unsigned char early_exporter_master_secret[] = {0x65, 0x20, 0x65, 0x78, 0x70, 0x20,  /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+  static const unsigned char client_early_traffic[]       = {0x63, 0x20, 0x65, 0x20,       /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char client_handshake_traffic[]   = {0x63, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char client_application_traffic[] = {0x63, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char server_handshake_traffic[]   = {0x73, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char server_application_traffic[] = {0x73, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char exporter_master_secret[] = {0x65, 0x78, 0x70, 0x20,                    /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+  static const unsigned char resumption_master_secret[] = {0x72, 0x65, 0x73, 0x20,                  /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+  static const unsigned char early_exporter_master_secret[] = {0x65, 0x20, 0x65, 0x78, 0x70, 0x20,  /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
 #else
-static const unsigned char client_early_traffic[] = "c e traffic";
-static const unsigned char client_handshake_traffic[] = "c hs traffic";
-static const unsigned char client_application_traffic[] = "c ap traffic";
-static const unsigned char server_handshake_traffic[] = "s hs traffic";
-static const unsigned char server_application_traffic[] = "s ap traffic";
-static const unsigned char exporter_master_secret[] = "exp master";
-static const unsigned char resumption_master_secret[] = "res master";
-static const unsigned char early_exporter_master_secret[] = "e exp master";
+    static const unsigned char client_early_traffic[] = "c e traffic";
+    static const unsigned char client_handshake_traffic[] = "c hs traffic";
+    static const unsigned char client_application_traffic[] = "c ap traffic";
+    static const unsigned char server_handshake_traffic[] = "s hs traffic";
+    static const unsigned char server_application_traffic[] = "s ap traffic";
+    static const unsigned char exporter_master_secret[] = "exp master";
+    static const unsigned char resumption_master_secret[] = "res master";
+    static const unsigned char early_exporter_master_secret[] = "e exp master";
 #endif
-
-#ifndef OPENSSL_NO_QUIC
-static int quic_change_cipher_state(SSL *s, int which)
-{
-    unsigned char hash[EVP_MAX_MD_SIZE];
-    size_t hashlen = 0;
-    int hashleni;
-    int ret = 0;
-    const EVP_MD *md = NULL;
-    OSSL_ENCRYPTION_LEVEL level;
-    int is_handshake = ((which & SSL3_CC_HANDSHAKE) == SSL3_CC_HANDSHAKE);
-    int is_client_read = ((which & SSL3_CHANGE_CIPHER_CLIENT_READ) == SSL3_CHANGE_CIPHER_CLIENT_READ);
-    int is_server_write = ((which & SSL3_CHANGE_CIPHER_SERVER_WRITE) == SSL3_CHANGE_CIPHER_SERVER_WRITE);
-    int is_early = (which & SSL3_CC_EARLY);
-
-    if (is_early) {
-        EVP_MD_CTX *mdctx = NULL;
-        long handlen;
-        void *hdata;
-        unsigned int hashlenui;
-        const SSL_CIPHER *sslcipher = SSL_SESSION_get0_cipher(s->session);
-
-        handlen = BIO_get_mem_data(s->s3.handshake_buffer, &hdata);
-        if (handlen <= 0) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_HANDSHAKE_LENGTH);
-            goto err;
-        }
-
-        if (s->early_data_state == SSL_EARLY_DATA_CONNECTING
-                && s->max_early_data > 0
-                && s->session->ext.max_early_data == 0) {
-            /*
-             * If we are attempting to send early data, and we've decided to
-             * actually do it but max_early_data in s->session is 0 then we
-             * must be using an external PSK.
-             */
-            if (!ossl_assert(s->psksession != NULL
-                    && s->max_early_data ==
-                       s->psksession->ext.max_early_data)) {
-                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            sslcipher = SSL_SESSION_get0_cipher(s->psksession);
-        }
-        if (sslcipher == NULL) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_PSK);
-            goto err;
-        }
-
-        /*
-         * We need to calculate the handshake digest using the digest from
-         * the session. We haven't yet selected our ciphersuite so we can't
-         * use ssl_handshake_md().
-         */
-        mdctx = EVP_MD_CTX_new();
-        if (mdctx == NULL) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        md = ssl_md(s->ctx, sslcipher->algorithm2);
-        if (md == NULL || !EVP_DigestInit_ex(mdctx, md, NULL)
-                || !EVP_DigestUpdate(mdctx, hdata, handlen)
-                || !EVP_DigestFinal_ex(mdctx, hash, &hashlenui)) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-            EVP_MD_CTX_free(mdctx);
-            goto err;
-        }
-        hashlen = hashlenui;
-        EVP_MD_CTX_free(mdctx);
-    } else {
-        md = ssl_handshake_md(s);
-        if (!ssl3_digest_cached_records(s, 1)
-                || !ssl_handshake_hash(s, hash, sizeof(hash), &hashlen)) {
-            /* SSLfatal() already called */;
-            goto err;
-        }
-
-        /* Ensure cast to size_t is safe */
-        hashleni = EVP_MD_size(md);
-        if (!ossl_assert(hashleni >= 0)) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
-            goto err;
-        }
-        hashlen = (size_t)hashleni;
-    }
-
-    if (is_client_read || is_server_write) {
-        if (is_handshake) {
-            /*
-             * This looks a bit weird, since the condition is basically "the
-             * server is writing" but we set both the server *and* client
-             * handshake traffic keys here.  That's because there's only a fixed
-             * number of change-cipher-state events in the TLS 1.3 handshake,
-             * and in particular there's not an event in between when the server
-             * writes encrypted handshake messages and when the client writes
-             * encrypted handshake messages, so we generate both here.
-             */
-            level = ssl_encryption_handshake;
-
-            if (!tls13_hkdf_expand(s, md, s->handshake_secret,
-                                   client_handshake_traffic,
-                                   sizeof(client_handshake_traffic)-1, hash,
-                                   hashlen, s->client_hand_traffic_secret,
-                                   hashlen, 1)
-                || !ssl_log_secret(s, CLIENT_HANDSHAKE_LABEL,
-                                   s->client_hand_traffic_secret, hashlen)
-                || !tls13_derive_finishedkey(s, md,
-                                             s->client_hand_traffic_secret,
-                                             s->client_finished_secret, hashlen)
-                || !tls13_hkdf_expand(s, md, s->handshake_secret,
-                                      server_handshake_traffic,
-                                      sizeof(server_handshake_traffic)-1, hash,
-                                      hashlen, s->server_hand_traffic_secret,
-                                      hashlen, 1)
-                || !ssl_log_secret(s, SERVER_HANDSHAKE_LABEL,
-                                   s->server_hand_traffic_secret, hashlen)
-                || !tls13_derive_finishedkey(s, md,
-                                             s->server_hand_traffic_secret,
-                                             s->server_finished_secret,
-                                             hashlen)) {
-                /* SSLfatal() already called */
-                goto err;
-            }
-        } else {
-            /*
-             * As above, we generate both sets of application traffic keys at
-             * the same time.
-             */
-            level = ssl_encryption_application;
-
-            if (!tls13_hkdf_expand(s, md, s->master_secret,
-                                   client_application_traffic,
-                                   sizeof(client_application_traffic)-1, hash,
-                                   hashlen, s->client_app_traffic_secret,
-                                   hashlen, 1)
-                || !ssl_log_secret(s, CLIENT_APPLICATION_LABEL,
-                                   s->client_app_traffic_secret, hashlen)
-                || !tls13_hkdf_expand(s, md, s->master_secret,
-                                      server_application_traffic,
-                                      sizeof(server_application_traffic)-1,
-                                      hash, hashlen,
-                                      s->server_app_traffic_secret, hashlen, 1)
-                || !ssl_log_secret(s, SERVER_APPLICATION_LABEL,
-                                   s->server_app_traffic_secret, hashlen)) {
-                /* SSLfatal() already called */
-                goto err;
-            }
-        }
-        if (!quic_set_encryption_secrets(s, level)) {
-            /* SSLfatal() already called */
-            goto err;
-        }
-        if (s->server)
-            s->quic_write_level = level;
-        else
-            s->quic_read_level = level;
-    } else {
-        /* is_client_write || is_server_read */
-
-        if (is_early) {
-            level = ssl_encryption_early_data;
-
-            if (!tls13_hkdf_expand(s, md, s->early_secret, client_early_traffic,
-                                   sizeof(client_early_traffic)-1, hash,
-                                   hashlen, s->client_early_traffic_secret,
-                                   hashlen, 1)
-                || !ssl_log_secret(s, CLIENT_EARLY_LABEL,
-                                   s->client_early_traffic_secret, hashlen)
-                || !quic_set_encryption_secrets(s, level)) {
-                /* SSLfatal() already called */
-                goto err;
-            }
-        } else if (is_handshake) {
-            level = ssl_encryption_handshake;
-        } else {
-            level = ssl_encryption_application;
-            /*
-             * We also create the resumption master secret, but this time use the
-             * hash for the whole handshake including the Client Finished
-             */
-            if (!tls13_hkdf_expand(s, md, s->master_secret,
-                                   resumption_master_secret,
-                                   sizeof(resumption_master_secret)-1, hash,
-                                   hashlen, s->resumption_master_secret,
-                                   hashlen, 1)) {
-                /* SSLfatal() already called */
-                goto err;
-            }
-        }
-
-        if (level != ssl_encryption_early_data) {
-            if (s->server)
-                s->quic_read_level = level;
-            else
-                s->quic_write_level = level;
-        }
-    }
-
-    ret = 1;
- err:
-    return ret;
-}
-#endif /* OPENSSL_NO_QUIC */
-
-int tls13_change_cipher_state(SSL *s, int which)
-{
     unsigned char *iv;
     unsigned char key[EVP_MAX_KEY_LENGTH];
     unsigned char secret[EVP_MAX_MD_SIZE];
@@ -645,11 +441,6 @@ int tls13_change_cipher_state(SSL *s, int which)
     BIO *bio;
 #endif
 
-#ifndef OPENSSL_NO_QUIC
-    if (SSL_IS_QUIC(s))
-        return quic_change_cipher_state(s, which);
-#endif
-
     if (which & SSL3_CC_READ) {
         if (s->enc_read_ctx != NULL) {
             EVP_CIPHER_CTX_reset(s->enc_read_ctx);
@@ -941,7 +732,6 @@ int tls13_change_cipher_state(SSL *s, int which)
 skip_ktls:
 # endif
 #endif
-
     ret = 1;
  err:
     if ((which & SSL3_CC_EARLY) != 0) {
diff --git a/deps/openssl/openssl/test/acvp_test.c b/deps/openssl/openssl/test/acvp_test.c
index fee880d441b0d5..eccf9d90a021a9 100644
--- a/deps/openssl/openssl/test/acvp_test.c
+++ b/deps/openssl/openssl/test/acvp_test.c
@@ -1251,7 +1251,7 @@ static int rsa_decryption_primitive_test(int id)
     BN_CTX *bn_ctx = NULL;
     const struct rsa_decrypt_prim_st *tst  = &rsa_decrypt_prim_data[id];
 
-    if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "RSA", 2048))
+    if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "RSA", (size_t)2048))
         || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len))
         || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len))
         || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
diff --git a/deps/openssl/openssl/test/bio_pw_callback_test.c b/deps/openssl/openssl/test/bio_pw_callback_test.c
new file mode 100644
index 00000000000000..e11368454a8c9f
--- /dev/null
+++ b/deps/openssl/openssl/test/bio_pw_callback_test.c
@@ -0,0 +1,402 @@
+/*
+ * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "testutil.h"
+
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+
+/* dummy data that needs to be passed to the callback */
+typedef struct CallbackData {
+    char magic;
+    int result;
+} CALLBACK_DATA;
+
+/* constants */
+static const char weak_password[] = "weak_password";
+static const char a0a_password[] = "aaaaaaaa\0aaaaaaaa";
+static const char a0b_password[] = "aaaaaaaa\0bbbbbbbb";
+static const char cb_magic = 'p';
+
+/* shared working data for all tests */
+static char *key_file = NULL;
+static EVP_PKEY *original_pkey = NULL;
+
+/* the test performed by the callback */
+typedef enum CallbackTest {
+    CB_TEST_NEGATIVE = 0,
+    CB_TEST_ZERO_LENGTH,
+    CB_TEST_WEAK,
+    CB_TEST_16ZERO,
+    CB_TEST_A0A,
+    CB_TEST_A0B,
+    CB_TEST_MATCH_SIZE,
+    CB_TEST_EXCEED_SIZE
+} CALLBACK_TEST;
+static CALLBACK_TEST callback_test = CB_TEST_NEGATIVE;
+
+typedef enum KeyEncoding {
+    KE_PEM = 0,
+    KE_PKCS8
+} KEY_ENCODING;
+
+typedef enum ExpectedResult {
+    ER_FAILURE = 0,
+    ER_SUCCESS
+} EXPECTED_RESULT;
+
+typedef enum OPTION_choice {
+    OPT_ERR = -1,
+    OPT_EOF = 0,
+    OPT_KEY_FILE,
+    OPT_TEST_ENUM
+} OPTION_CHOICE;
+
+const OPTIONS *test_get_options(void)
+{
+    static const OPTIONS test_options[] = {
+        OPT_TEST_OPTIONS_DEFAULT_USAGE,
+        { "keyfile", OPT_KEY_FILE, '<',
+          "The PEM file with the encrypted key to load" },
+        { NULL }
+    };
+    return test_options;
+}
+
+static int callback_copy_password(char *buf, int size)
+{
+    int ret = -1;
+
+    switch (callback_test) {
+    case CB_TEST_NEGATIVE:
+        break;
+    case CB_TEST_ZERO_LENGTH:
+        ret = 0;
+        break;
+    case CB_TEST_WEAK:
+        ret = sizeof(weak_password) - 1;
+        memcpy(buf, weak_password, ret);
+        break;
+    case CB_TEST_16ZERO:
+        memset(buf, 0, 16);
+        ret = 16;
+        break;
+    case CB_TEST_A0A:
+        ret = sizeof(a0a_password) - 1;
+        memcpy(buf, a0a_password, ret);
+        break;
+    case CB_TEST_A0B:
+        ret = sizeof(a0b_password) - 1;
+        memcpy(buf, a0b_password, ret);
+        break;
+    case CB_TEST_MATCH_SIZE:
+        memset(buf, 'e', size);
+        ret = size;
+        break;
+    case CB_TEST_EXCEED_SIZE:
+        memset(buf, 'e', size);
+        ret = 1000000;
+        break;
+    }
+    return ret;
+}
+
+static int read_callback(char *buf, int size, int rwflag, void *u)
+{
+    CALLBACK_DATA *cb_data = (CALLBACK_DATA *)u;
+    int ret = -1;
+
+    /* basic verification of the received data */
+    if (!TEST_ptr(cb_data))
+        goto err;
+    if (!TEST_char_eq(cb_data->magic, cb_magic))
+        goto err;
+    if (!TEST_ptr(buf))
+        goto err;
+    if (!TEST_int_gt(size, 0))
+        goto err;
+    if (!TEST_int_eq(rwflag, 0))
+        goto err;
+    ret = callback_copy_password(buf, size);
+    cb_data->result = 1;
+err:
+    return ret;
+}
+
+static int write_callback(char *buf, int size, int rwflag, void *u)
+{
+    CALLBACK_DATA *cb_data = (CALLBACK_DATA *)u;
+    int ret = -1;
+
+    /* basic verification of the received data */
+    if (!TEST_ptr(cb_data))
+        goto err;
+    if (!TEST_char_eq(cb_data->magic, cb_magic))
+        goto err;
+    if (!TEST_ptr(buf))
+        goto err;
+    if (!TEST_int_gt(size, 0))
+        goto err;
+    if (!TEST_int_eq(rwflag, 1))
+        goto err;
+    ret = callback_copy_password(buf, size);
+    cb_data->result = 1;
+err:
+    return ret;
+}
+
+static int re_encrypt_key(char **enc_data, int *enc_data_size,
+                          KEY_ENCODING key_encoding)
+{
+    CALLBACK_DATA cb_data;
+    int w_ret = 0;
+    BUF_MEM *bptr = NULL;
+    BIO *bio = NULL;
+    int ret = 0;
+
+    if (!TEST_ptr(enc_data))
+        goto err;
+    if (!TEST_ptr(enc_data_size))
+        goto err;
+    if (!TEST_ptr(bio = BIO_new(BIO_s_mem())))
+        goto err;
+    cb_data.magic = cb_magic;
+    cb_data.result = 0;
+    switch (key_encoding) {
+    case KE_PEM:
+        w_ret = PEM_write_bio_PrivateKey(bio, original_pkey, EVP_aes_256_cbc(),
+                                         NULL, 0, write_callback, &cb_data);
+        break;
+    case KE_PKCS8:
+        w_ret = i2d_PKCS8PrivateKey_bio(bio, original_pkey, EVP_aes_256_cbc(),
+                                        NULL, 0, write_callback, &cb_data);
+        break;
+    }
+    if (!TEST_int_ne(w_ret, 0))
+        goto err;
+    if (!TEST_char_eq(cb_data.magic, cb_magic))
+        goto err;
+    if (!TEST_int_eq(cb_data.result, 1))
+        goto err;
+    *enc_data_size = BIO_get_mem_data(bio, enc_data);
+    BIO_get_mem_ptr(bio, &bptr);
+    if (!BIO_set_close(bio, BIO_NOCLOSE))
+        goto err;
+    bptr->data = NULL;
+    ret = 1;
+err:
+    BUF_MEM_free(bptr);
+    BIO_free(bio);
+    return ret;
+}
+
+static int decrypt_key(char *enc_data, int enc_data_size,
+                       KEY_ENCODING key_encoding,
+                       EXPECTED_RESULT expected_result)
+{
+    CALLBACK_DATA cb_data;
+    EVP_PKEY *r_ret = NULL;
+    BIO *bio = NULL;
+    EVP_PKEY *pkey = NULL;
+    int ret = 0;
+
+    if (!TEST_ptr(bio = BIO_new_mem_buf(enc_data, enc_data_size)))
+        goto err;
+    cb_data.magic = cb_magic;
+    cb_data.result = 0;
+    switch (key_encoding) {
+    case KE_PEM:
+        r_ret = PEM_read_bio_PrivateKey(bio, &pkey, read_callback, &cb_data);
+        break;
+    case KE_PKCS8:
+        r_ret = d2i_PKCS8PrivateKey_bio(bio, &pkey, read_callback, &cb_data);
+        break;
+    }
+    if (expected_result == ER_SUCCESS) {
+        if (!TEST_ptr(r_ret))
+            goto err;
+    } else {
+        if (!TEST_ptr_null(r_ret))
+            goto err;
+    }
+    if (!TEST_char_eq(cb_data.magic, cb_magic))
+        goto err;
+    if (!TEST_int_eq(cb_data.result, 1))
+        goto err;
+    ret = 1;
+err:
+    EVP_PKEY_free(pkey);
+    BIO_free(bio);
+    return ret;
+}
+
+static int full_cycle_test(KEY_ENCODING key_encoding, CALLBACK_TEST write_test,
+                           CALLBACK_TEST read_test,
+                           EXPECTED_RESULT expected_read_result)
+{
+    char *enc_data = NULL;
+    int enc_data_size = 0;
+    int ret = 0;
+
+    callback_test = write_test;
+    if (!re_encrypt_key(&enc_data, &enc_data_size, key_encoding))
+        goto err;
+    callback_test = read_test;
+    if (!decrypt_key(enc_data, enc_data_size, key_encoding,
+                     expected_read_result))
+        goto err;
+    ret = 1;
+err:
+    OPENSSL_free(enc_data);
+    return ret;
+}
+
+static int test_pem_negative(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_WEAK, CB_TEST_NEGATIVE, ER_FAILURE);
+}
+
+static int test_pem_zero_length(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_ZERO_LENGTH, CB_TEST_ZERO_LENGTH,
+                           ER_SUCCESS);
+}
+
+static int test_pem_weak(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_WEAK, CB_TEST_WEAK, ER_SUCCESS);
+}
+
+static int test_pem_16zero(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_16ZERO, CB_TEST_16ZERO, ER_SUCCESS);
+}
+
+static int test_pem_a0a(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_A0A, CB_TEST_A0A, ER_SUCCESS);
+}
+
+static int test_pem_a0a_a0b(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_A0A, CB_TEST_A0B, ER_FAILURE);
+}
+
+static int test_pem_match_size(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_MATCH_SIZE, CB_TEST_MATCH_SIZE,
+                           ER_SUCCESS);
+}
+
+static int test_pem_exceed_size(void)
+{
+    return full_cycle_test(KE_PEM, CB_TEST_MATCH_SIZE, CB_TEST_EXCEED_SIZE,
+                           ER_FAILURE);
+}
+
+static int test_pkcs8_negative(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_WEAK, CB_TEST_NEGATIVE, ER_FAILURE);
+}
+
+static int test_pkcs8_zero_length(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_ZERO_LENGTH, CB_TEST_ZERO_LENGTH,
+                           ER_SUCCESS);
+}
+
+static int test_pkcs8_weak(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_WEAK, CB_TEST_WEAK, ER_SUCCESS);
+}
+
+static int test_pkcs8_16zero(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_16ZERO, CB_TEST_16ZERO,
+                           ER_SUCCESS);
+}
+
+static int test_pkcs8_a0a(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_A0A, CB_TEST_A0A, ER_SUCCESS);
+}
+
+static int test_pkcs8_a0a_a0b(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_A0A, CB_TEST_A0B, ER_FAILURE);
+}
+
+static int test_pkcs8_match_size(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_MATCH_SIZE, CB_TEST_MATCH_SIZE,
+                           ER_SUCCESS);
+}
+
+static int test_pkcs8_exceed_size(void)
+{
+    return full_cycle_test(KE_PKCS8, CB_TEST_MATCH_SIZE, CB_TEST_EXCEED_SIZE,
+                           ER_FAILURE);
+}
+
+static int callback_original_pw(char *buf, int size, int rwflag, void *u)
+{
+    memcpy(buf, weak_password, sizeof(weak_password) - 1);
+    return sizeof(weak_password) - 1;
+}
+
+int setup_tests(void)
+{
+    OPTION_CHOICE o;
+    BIO *bio = NULL;
+
+    while ((o = opt_next()) != OPT_EOF) {
+        switch (o) {
+        case OPT_KEY_FILE:
+            key_file = opt_arg();
+            break;
+        case OPT_TEST_CASES:
+            break;
+        default:
+        case OPT_ERR:
+            return 0;
+        }
+    }
+
+    /* read the original key */
+    if (!TEST_ptr(bio = BIO_new_file(key_file, "r")))
+        return 0;
+    if (!TEST_ptr(PEM_read_bio_PrivateKey(bio, &original_pkey,
+                                          callback_original_pw, NULL)))
+        return 0;
+    BIO_free(bio);
+
+    /* add all tests */
+    ADD_TEST(test_pem_negative);
+    ADD_TEST(test_pem_zero_length);
+    ADD_TEST(test_pem_weak);
+    ADD_TEST(test_pem_16zero);
+    ADD_TEST(test_pem_a0a);
+    ADD_TEST(test_pem_a0a_a0b);
+    ADD_TEST(test_pem_match_size);
+    ADD_TEST(test_pem_exceed_size);
+    ADD_TEST(test_pkcs8_negative);
+    ADD_TEST(test_pkcs8_zero_length);
+    ADD_TEST(test_pkcs8_weak);
+    ADD_TEST(test_pkcs8_16zero);
+    ADD_TEST(test_pkcs8_a0a);
+    ADD_TEST(test_pkcs8_a0a_a0b);
+    ADD_TEST(test_pkcs8_match_size);
+    ADD_TEST(test_pkcs8_exceed_size);
+    return 1;
+}
+
+void cleanup_tests(void)
+{
+    EVP_PKEY_free(original_pkey);
+}
diff --git a/deps/openssl/openssl/test/build.info b/deps/openssl/openssl/test/build.info
index 76ff945ab8b390..6089b8c97cf87b 100644
--- a/deps/openssl/openssl/test/build.info
+++ b/deps/openssl/openssl/test/build.info
@@ -61,7 +61,7 @@ IF[{- !$disabled{tests} -}]
           keymgmt_internal_test hexstr_test provider_status_test defltfips_test \
           bio_readbuffer_test user_property_test pkcs7_test upcallstest \
           provfetchtest prov_config_test rand_test fips_version_test \
-          nodefltctxtest
+          nodefltctxtest bio_pw_callback_test
 
   IF[{- !$disabled{'deprecated-3.0'} -}]
     PROGRAMS{noinst}=enginetest
@@ -943,6 +943,10 @@ ENDIF
   INCLUDE[ssl_ctx_test]=../include ../apps/include
   DEPEND[ssl_ctx_test]=../libcrypto ../libssl libtestutil.a
 
+  SOURCE[bio_pw_callback_test]=bio_pw_callback_test.c
+  INCLUDE[bio_pw_callback_test]=../include ../apps/include
+  DEPEND[bio_pw_callback_test]=../libcrypto libtestutil.a
+
 {-
    use File::Spec::Functions;
    use File::Basename;
diff --git a/deps/openssl/openssl/test/cmactest.c b/deps/openssl/openssl/test/cmactest.c
index cb2b273b0f4ffd..72f7a0d9366ba9 100644
--- a/deps/openssl/openssl/test/cmactest.c
+++ b/deps/openssl/openssl/test/cmactest.c
@@ -196,13 +196,15 @@ static int test_cmac_copy(void)
     return ret;
 }
 
+#define OSSL_HEX_CHARS_PER_BYTE 2
 static char *pt(unsigned char *md, unsigned int len)
 {
     unsigned int i;
-    static char buf[80];
+    static char buf[81];
 
-    for (i = 0; i < len; i++)
-        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    for (i = 0; i < len && (i + 1) * OSSL_HEX_CHARS_PER_BYTE < sizeof(buf); i++)
+        BIO_snprintf(buf + i * OSSL_HEX_CHARS_PER_BYTE,
+                     OSSL_HEX_CHARS_PER_BYTE + 1, "%02x", md[i]);
     return buf;
 }
 
diff --git a/deps/openssl/openssl/test/conf_include_test.c b/deps/openssl/openssl/test/conf_include_test.c
index 2481a2380b7643..f6835d59e79e7d 100644
--- a/deps/openssl/openssl/test/conf_include_test.c
+++ b/deps/openssl/openssl/test/conf_include_test.c
@@ -158,7 +158,7 @@ static int test_check_overflow(void)
     char max[(sizeof(long) * 8) / 3 + 3];
     char *p;
 
-    p = max + sprintf(max, "0%ld", LONG_MAX) - 1;
+    p = max + BIO_snprintf(max, sizeof(max), "0%ld", LONG_MAX) - 1;
     setenv("FNORD", max, 1);
     if (!TEST_true(NCONF_get_number(NULL, "missing", "FNORD", &val))
             || !TEST_long_eq(val, LONG_MAX))
diff --git a/deps/openssl/openssl/test/drbgtest.c b/deps/openssl/openssl/test/drbgtest.c
index b5122b60bdd478..afbc5511252910 100644
--- a/deps/openssl/openssl/test/drbgtest.c
+++ b/deps/openssl/openssl/test/drbgtest.c
@@ -423,7 +423,7 @@ static int test_rand_reseed_on_fork(EVP_RAND_CTX *primary,
 
         presult[0].pindex = presult[1].pindex = i;
 
-        sprintf(presult[0].name, "child %d", i);
+        BIO_snprintf(presult[0].name, sizeof(presult[0].name), "child %d", i);
         strcpy(presult[1].name, presult[0].name);
 
         /* collect the random output of the children */
diff --git a/deps/openssl/openssl/test/ec_internal_test.c b/deps/openssl/openssl/test/ec_internal_test.c
index 8c2cd05631696c..02cfd4e9d88581 100644
--- a/deps/openssl/openssl/test/ec_internal_test.c
+++ b/deps/openssl/openssl/test/ec_internal_test.c
@@ -155,6 +155,56 @@ static int field_tests_ecp_mont(void)
 }
 
 #ifndef OPENSSL_NO_EC2M
+/* Test that decoding of invalid GF2m field parameters fails. */
+static int ec2m_field_sanity(void)
+{
+    int ret = 0;
+    BN_CTX *ctx = BN_CTX_new();
+    BIGNUM *p, *a, *b;
+    EC_GROUP *group1 = NULL, *group2 = NULL, *group3 = NULL;
+
+    TEST_info("Testing GF2m hardening\n");
+
+    BN_CTX_start(ctx);
+    p = BN_CTX_get(ctx);
+    a = BN_CTX_get(ctx);
+    if (!TEST_ptr(b = BN_CTX_get(ctx))
+        || !TEST_true(BN_one(a))
+        || !TEST_true(BN_one(b)))
+        goto out;
+
+    /* Even pentanomial value should be rejected */
+    if (!TEST_true(BN_set_word(p, 0xf2)))
+        goto out;
+    if (!TEST_ptr_null(group1 = EC_GROUP_new_curve_GF2m(p, a, b, ctx)))
+        TEST_error("Zero constant term accepted in GF2m polynomial");
+
+    /* Odd hexanomial should also be rejected */
+    if (!TEST_true(BN_set_word(p, 0xf3)))
+        goto out;
+    if (!TEST_ptr_null(group2 = EC_GROUP_new_curve_GF2m(p, a, b, ctx)))
+        TEST_error("Hexanomial accepted as GF2m polynomial");
+
+    /* Excessive polynomial degree should also be rejected */
+    if (!TEST_true(BN_set_word(p, 0x71))
+        || !TEST_true(BN_set_bit(p, OPENSSL_ECC_MAX_FIELD_BITS + 1)))
+        goto out;
+    if (!TEST_ptr_null(group3 = EC_GROUP_new_curve_GF2m(p, a, b, ctx)))
+        TEST_error("GF2m polynomial degree > %d accepted",
+                   OPENSSL_ECC_MAX_FIELD_BITS);
+
+    ret = group1 == NULL && group2 == NULL && group3 == NULL;
+
+ out:
+    EC_GROUP_free(group1);
+    EC_GROUP_free(group2);
+    EC_GROUP_free(group3);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+
+    return ret;
+}
+
 /* test EC_GF2m_simple_method directly */
 static int field_tests_ec2_simple(void)
 {
@@ -443,6 +493,7 @@ int setup_tests(void)
     ADD_TEST(field_tests_ecp_simple);
     ADD_TEST(field_tests_ecp_mont);
 #ifndef OPENSSL_NO_EC2M
+    ADD_TEST(ec2m_field_sanity);
     ADD_TEST(field_tests_ec2_simple);
 #endif
     ADD_ALL_TESTS(field_tests_default, crv_len);
diff --git a/deps/openssl/openssl/test/enginetest.c b/deps/openssl/openssl/test/enginetest.c
index 8ba999b0176bc9..79ffb230548587 100644
--- a/deps/openssl/openssl/test/enginetest.c
+++ b/deps/openssl/openssl/test/enginetest.c
@@ -147,9 +147,9 @@ static int test_engines(void)
 
     TEST_info("About to beef up the engine-type list");
     for (loop = 0; loop < NUMTOADD; loop++) {
-        sprintf(buf, "id%d", loop);
+        BIO_snprintf(buf, sizeof(buf), "id%d", loop);
         eid[loop] = OPENSSL_strdup(buf);
-        sprintf(buf, "Fake engine type %d", loop);
+        BIO_snprintf(buf, sizeof(buf), "Fake engine type %d", loop);
         ename[loop] = OPENSSL_strdup(buf);
         if (!TEST_ptr(block[loop] = ENGINE_new())
                 || !TEST_true(ENGINE_set_id(block[loop], eid[loop]))
diff --git a/deps/openssl/openssl/test/evp_kdf_test.c b/deps/openssl/openssl/test/evp_kdf_test.c
index 8f35900bdd8b18..0ee1aaea6f3768 100644
--- a/deps/openssl/openssl/test/evp_kdf_test.c
+++ b/deps/openssl/openssl/test/evp_kdf_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2018-2020, Oracle and/or its affiliates.  All rights reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -857,7 +857,7 @@ static int test_kdf_pbkdf2_invalid_digest(void)
 #ifndef OPENSSL_NO_SCRYPT
 static int test_kdf_scrypt(void)
 {
-    int ret;
+    int i, ret;
     EVP_KDF_CTX *kctx;
     OSSL_PARAM params[7], *p = params;
     unsigned char out[64];
@@ -883,15 +883,21 @@ static int test_kdf_scrypt(void)
     *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem);
     *p = OSSL_PARAM_construct_end();
 
-    ret =
-        TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SCRYPT))
-        && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
-        /* failure test *//*
-        && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)*/
-        && TEST_true(OSSL_PARAM_set_uint(p - 1, 10 * 1024 * 1024))
-        && TEST_true(EVP_KDF_CTX_set_params(kctx, p - 1))
-        && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)
-        && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+    ret = TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SCRYPT));
+    for (i = 0; ret && i < 2; ++i) {
+        ret = ret
+            && TEST_true(EVP_KDF_CTX_set_params(kctx, params));
+        if (i == 0)
+            ret = ret
+                && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)
+                && TEST_true(OSSL_PARAM_set_uint(p - 1, 10 * 1024 * 1024))
+                && TEST_true(EVP_KDF_CTX_set_params(kctx, p - 1));
+        ret = ret
+            && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)
+            && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+        if (i == 0)
+            EVP_KDF_CTX_reset(kctx);
+    }
 
     EVP_KDF_CTX_free(kctx);
     return ret;
diff --git a/deps/openssl/openssl/test/evp_libctx_test.c b/deps/openssl/openssl/test/evp_libctx_test.c
index 2448c35a149f60..fd114a118cb2a2 100644
--- a/deps/openssl/openssl/test/evp_libctx_test.c
+++ b/deps/openssl/openssl/test/evp_libctx_test.c
@@ -501,7 +501,7 @@ static int rsa_keygen(int bits, EVP_PKEY **pub, EVP_PKEY **priv)
     size_t len = 0;
     OSSL_ENCODER_CTX *ectx = NULL;
 
-    if (!TEST_ptr(*priv = EVP_PKEY_Q_keygen(libctx, NULL, "RSA", bits))
+    if (!TEST_ptr(*priv = EVP_PKEY_Q_keygen(libctx, NULL, "RSA", (size_t)bits))
         || !TEST_ptr(ectx =
                      OSSL_ENCODER_CTX_new_for_pkey(*priv,
                                                    EVP_PKEY_PUBLIC_KEY,
@@ -536,6 +536,8 @@ static int kem_rsa_gen_recover(void)
           && TEST_int_eq(EVP_PKEY_encapsulate_init(sctx, NULL), 1)
           && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(sctx, "RSASVE"), 1)
           && TEST_ptr(dctx = EVP_PKEY_CTX_dup(sctx))
+          /* Test that providing a NULL wrappedlen fails */
+          && TEST_int_eq(EVP_PKEY_encapsulate(dctx, NULL, NULL, NULL, NULL), 0)
           && TEST_int_eq(EVP_PKEY_encapsulate(dctx, NULL, &ctlen, NULL,
                                               &secretlen), 1)
           && TEST_int_eq(ctlen, secretlen)
@@ -545,11 +547,26 @@ static int kem_rsa_gen_recover(void)
           && TEST_ptr(rctx = EVP_PKEY_CTX_new_from_pkey(libctx, priv, NULL))
           && TEST_int_eq(EVP_PKEY_decapsulate_init(rctx, NULL), 1)
           && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(rctx, "RSASVE"), 1)
+          /* Test that providing a NULL unwrappedlen fails */
+          && TEST_int_eq(EVP_PKEY_decapsulate(rctx, NULL, NULL, ct, ctlen), 0)
           && TEST_int_eq(EVP_PKEY_decapsulate(rctx, NULL, &unwraplen,
                                               ct, ctlen), 1)
           && TEST_int_eq(EVP_PKEY_decapsulate(rctx, unwrap, &unwraplen,
                                               ct, ctlen), 1)
           && TEST_mem_eq(unwrap, unwraplen, secret, secretlen);
+
+    /* Test that providing a too short unwrapped/ctlen fails */
+    if (fips_provider_version_match(libctx, ">=3.4.0")) {
+        ctlen = 1;
+        if (!TEST_int_eq(EVP_PKEY_encapsulate(dctx, ct, &ctlen, secret,
+                                              &secretlen), 0))
+            ret = 0;
+        unwraplen = 1;
+        if (!TEST_int_eq(EVP_PKEY_decapsulate(rctx, unwrap, &unwraplen, ct,
+                                              ctlen), 0))
+            ret = 0;
+    }
+
     EVP_PKEY_free(pub);
     EVP_PKEY_free(priv);
     EVP_PKEY_CTX_free(rctx);
@@ -596,59 +613,60 @@ static int kem_rsa_params(void)
     size_t ctlen = 0, secretlen = 0;
 
     ret = TEST_true(rsa_keygen(2048, &pub, &priv))
-          && TEST_ptr(pubctx = EVP_PKEY_CTX_new_from_pkey(libctx, pub, NULL))
-          && TEST_ptr(privctx = EVP_PKEY_CTX_new_from_pkey(libctx, priv, NULL))
-          /* Test setting kem op before the init fails */
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSASVE"), -2)
-          /* Test NULL ctx passed */
-          && TEST_int_eq(EVP_PKEY_encapsulate_init(NULL, NULL), 0)
-          && TEST_int_eq(EVP_PKEY_encapsulate(NULL, NULL, NULL, NULL, NULL), 0)
-          && TEST_int_eq(EVP_PKEY_decapsulate_init(NULL, NULL), 0)
-          && TEST_int_eq(EVP_PKEY_decapsulate(NULL, NULL, NULL, NULL, 0), 0)
-          /* Test Invalid operation */
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, NULL), -1)
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, NULL, NULL, NULL, 0), 0)
-          /* Wrong key component - no secret should be returned on failure */
-          && TEST_int_eq(EVP_PKEY_decapsulate_init(pubctx, NULL), 1)
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSASVE"), 1)
-          && TEST_int_eq(EVP_PKEY_decapsulate(pubctx, secret, &secretlen, ct,
-                                              sizeof(ct)), 0)
-          && TEST_uchar_eq(secret[0], 0)
-          /* Test encapsulate fails if the mode is not set */
-          && TEST_int_eq(EVP_PKEY_encapsulate_init(pubctx, NULL), 1)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, secret, &secretlen), -2)
-          /* Test setting a bad kem ops fail */
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSA"), 0)
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx,  NULL), 0)
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(NULL,  "RSASVE"), 0)
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(NULL,  NULL), 0)
-          /* Test secretlen is optional */
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSASVE"), 1)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, secret, NULL), 1)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, NULL), 1)
-          /* Test outlen is optional */
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, &secretlen), 1)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, NULL, secret, &secretlen), 1)
-          /* test that either len must be set if out is NULL */
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, NULL), 0)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, NULL), 1)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, &secretlen), 1)
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, &secretlen), 1)
-          /* Secret buffer should be set if there is an output buffer */
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, NULL, NULL), 0)
-          /* Test that lengths are optional if ct is not NULL */
-          && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, NULL, secret, NULL), 1)
-          /* Pass if secret or secret length are not NULL */
-          && TEST_int_eq(EVP_PKEY_decapsulate_init(privctx, NULL), 1)
-          && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(privctx, "RSASVE"), 1)
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, NULL, ct, sizeof(ct)), 1)
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, NULL, &secretlen, ct, sizeof(ct)), 1)
-          && TEST_int_eq(secretlen, 256)
-          /* Fail if passed NULL arguments */
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, NULL, NULL, ct, sizeof(ct)), 0)
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, NULL, 0), 0)
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, NULL, sizeof(ct)), 0)
-          && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, ct, 0), 0);
+        && TEST_ptr(pubctx = EVP_PKEY_CTX_new_from_pkey(libctx, pub, NULL))
+        && TEST_ptr(privctx = EVP_PKEY_CTX_new_from_pkey(libctx, priv, NULL))
+        /* Test setting kem op before the init fails */
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSASVE"), -2)
+        /* Test NULL ctx passed */
+        && TEST_int_eq(EVP_PKEY_encapsulate_init(NULL, NULL), 0)
+        && TEST_int_eq(EVP_PKEY_encapsulate(NULL, NULL, NULL, NULL, NULL), 0)
+        && TEST_int_eq(EVP_PKEY_decapsulate_init(NULL, NULL), 0)
+        && TEST_int_eq(EVP_PKEY_decapsulate(NULL, NULL, NULL, NULL, 0), 0)
+        /* Test Invalid operation */
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, NULL), -1)
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, NULL, NULL, NULL, 0), 0)
+        /* Wrong key component - no secret should be returned on failure */
+        && TEST_int_eq(EVP_PKEY_decapsulate_init(pubctx, NULL), 1)
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSASVE"), 1)
+        && TEST_int_eq(EVP_PKEY_decapsulate(pubctx, secret, &secretlen, ct,
+                                            sizeof(ct)), 0)
+        && TEST_uchar_eq(secret[0], 0)
+        /* Test encapsulate fails if the mode is not set */
+        && TEST_int_eq(EVP_PKEY_encapsulate_init(pubctx, NULL), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, secret, &secretlen), -2)
+        /* Test setting a bad kem ops fail */
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSA"), 0)
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, NULL), 0)
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(NULL,  "RSASVE"), 0)
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(NULL,  NULL), 0)
+        /* Test secretlen is optional */
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(pubctx, "RSASVE"), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, NULL), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, secret, NULL), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, NULL), 1)
+        /* Test outlen is optional */
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, &secretlen), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, NULL, secret, &secretlen), 1)
+        /* test that either len must be set if out is NULL */
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, NULL), 0)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, NULL), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, NULL, NULL, &secretlen), 1)
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, NULL, &ctlen, NULL, &secretlen), 1)
+        /* Secret buffer should be set if there is an output buffer */
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, NULL, NULL), 0)
+        /* Test that lengths are optional if ct is not NULL */
+        && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, NULL, secret, NULL), 1)
+        /* Pass if secret or secret length are not NULL */
+        && TEST_int_eq(EVP_PKEY_decapsulate_init(privctx, NULL), 1)
+        && TEST_int_eq(EVP_PKEY_CTX_set_kem_op(privctx, "RSASVE"), 1)
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, NULL, ct, sizeof(ct)), 1)
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, NULL, &secretlen, ct, sizeof(ct)), 1)
+        && TEST_int_eq(secretlen, 256)
+        /* Fail if passed NULL arguments */
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, NULL, NULL, ct, sizeof(ct)), 0)
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, NULL, 0), 0)
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, NULL, sizeof(ct)), 0)
+        && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, ct, 0), 0);
 
     EVP_PKEY_free(pub);
     EVP_PKEY_free(priv);
diff --git a/deps/openssl/openssl/test/ext_internal_test.c b/deps/openssl/openssl/test/ext_internal_test.c
index 769b25391d577d..dec6ee61efb35b 100644
--- a/deps/openssl/openssl/test/ext_internal_test.c
+++ b/deps/openssl/openssl/test/ext_internal_test.c
@@ -69,13 +69,6 @@ static EXT_LIST ext_list[] = {
     EXT_ENTRY(cryptopro_bug),
     EXT_ENTRY(early_data),
     EXT_ENTRY(certificate_authorities),
-#ifndef OPENSSL_NO_QUIC
-    EXT_ENTRY(quic_transport_parameters_draft),
-    EXT_ENTRY(quic_transport_parameters),
-#else
-    EXT_EXCEPTION(quic_transport_parameters_draft),
-    EXT_EXCEPTION(quic_transport_parameters),
-#endif
     EXT_ENTRY(padding),
     EXT_ENTRY(psk),
     EXT_END(num_builtins)
diff --git a/deps/openssl/openssl/test/hmactest.c b/deps/openssl/openssl/test/hmactest.c
index 8f5bf32f870899..0a29c58731f60c 100644
--- a/deps/openssl/openssl/test/hmactest.c
+++ b/deps/openssl/openssl/test/hmactest.c
@@ -275,19 +275,21 @@ static int test_hmac_copy_uninited(void)
     return res;
 }
 
-# ifndef OPENSSL_NO_MD5
+#ifndef OPENSSL_NO_MD5
+# define OSSL_HEX_CHARS_PER_BYTE 2
 static char *pt(unsigned char *md, unsigned int len)
 {
     unsigned int i;
-    static char buf[80];
+    static char buf[201];
 
     if (md == NULL)
         return NULL;
-    for (i = 0; i < len; i++)
-        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    for (i = 0; i < len && (i + 1) * OSSL_HEX_CHARS_PER_BYTE < sizeof(buf); i++)
+        BIO_snprintf(buf + i * OSSL_HEX_CHARS_PER_BYTE,
+                     OSSL_HEX_CHARS_PER_BYTE + 1, "%02x", md[i]);
     return buf;
 }
-# endif
+#endif
 
 int setup_tests(void)
 {
diff --git a/deps/openssl/openssl/test/memleaktest.c b/deps/openssl/openssl/test/memleaktest.c
index 97827b8e9cd3c2..8761686773986c 100644
--- a/deps/openssl/openssl/test/memleaktest.c
+++ b/deps/openssl/openssl/test/memleaktest.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -44,7 +44,7 @@ int main(int argc, char *argv[])
      */
     int exitcode = EXIT_FAILURE;
 #endif
-    char *lost;
+    char *volatile lost;
 
     lost = OPENSSL_malloc(3);
     if (!TEST_ptr(lost))
diff --git a/deps/openssl/openssl/test/nocache-and-default.cnf b/deps/openssl/openssl/test/nocache-and-default.cnf
new file mode 100644
index 00000000000000..cf5ca8d1141518
--- /dev/null
+++ b/deps/openssl/openssl/test/nocache-and-default.cnf
@@ -0,0 +1,18 @@
+openssl_conf = openssl_init
+
+# Comment out the next line to ignore configuration errors
+config_diagnostics = 1
+
+[openssl_init]
+providers = provider_sect
+
+[provider_sect]
+test    = test_sect
+default = default_sect
+
+[test_sect]
+module = ../test/p_test.so
+activate = true
+
+[default_sect]
+activate = true
diff --git a/deps/openssl/openssl/test/p_test.c b/deps/openssl/openssl/test/p_test.c
index 80f0784dd9d5ab..46f990113fb692 100644
--- a/deps/openssl/openssl/test/p_test.c
+++ b/deps/openssl/openssl/test/p_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -16,6 +16,8 @@
 #include <string.h>
 #include <stdio.h>
 
+#include <stdarg.h>
+
 /*
  * When built as an object file to link the application with, we get the
  * init function name through the macro PROVIDER_INIT_FUNCTION_NAME.  If
@@ -46,6 +48,7 @@ static OSSL_FUNC_core_get_params_fn *c_get_params = NULL;
 static OSSL_FUNC_core_new_error_fn *c_new_error;
 static OSSL_FUNC_core_set_error_debug_fn *c_set_error_debug;
 static OSSL_FUNC_core_vset_error_fn *c_vset_error;
+static OSSL_FUNC_BIO_vsnprintf_fn *c_BIO_vsnprintf;
 
 /* Tell the core what params we provide and what type they are */
 static const OSSL_PARAM p_param_types[] = {
@@ -60,6 +63,17 @@ static OSSL_FUNC_provider_get_params_fn p_get_params;
 static OSSL_FUNC_provider_get_reason_strings_fn p_get_reason_strings;
 static OSSL_FUNC_provider_teardown_fn p_teardown;
 
+static int local_snprintf(char *buf, size_t n, const char *format, ...)
+{
+    va_list args;
+    int ret;
+
+    va_start(args, format);
+    ret = (*c_BIO_vsnprintf)(buf, n, format, args);
+    va_end(args);
+    return ret;
+}
+
 static void p_set_error(int lib, int reason, const char *file, int line,
                         const char *func, const char *fmt, ...)
 {
@@ -114,11 +128,11 @@ static int p_get_params(void *provctx, OSSL_PARAM params[])
                     const char *versionp = *(void **)counter_request[0].data;
                     const char *namep = *(void **)counter_request[1].data;
 
-                    sprintf(buf, "Hello OpenSSL %.20s, greetings from %s!",
-                            versionp, namep);
+                    local_snprintf(buf, sizeof(buf), "Hello OpenSSL %.20s, greetings from %s!",
+                                   versionp, namep);
                 }
             } else {
-                sprintf(buf, "Howdy stranger...");
+                local_snprintf(buf, sizeof(buf), "Howdy stranger...");
             }
 
             p->return_size = buf_l = strlen(buf) + 1;
@@ -216,12 +230,21 @@ static const OSSL_ITEM *p_get_reason_strings(void *_)
     return reason_strings;
 }
 
+static const OSSL_ALGORITHM *p_query(OSSL_PROVIDER *prov,
+                                     int operation_id,
+                                     int *no_cache)
+{
+    *no_cache = 1;
+    return NULL;
+}
+
 static const OSSL_DISPATCH p_test_table[] = {
     { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))p_gettable_params },
     { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))p_get_params },
     { OSSL_FUNC_PROVIDER_GET_REASON_STRINGS,
         (void (*)(void))p_get_reason_strings},
     { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))p_teardown },
+    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))p_query },
     { 0, NULL }
 };
 
@@ -250,6 +273,9 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
         case OSSL_FUNC_CORE_VSET_ERROR:
             c_vset_error = OSSL_FUNC_core_vset_error(in);
             break;
+        case OSSL_FUNC_BIO_VSNPRINTF:
+            c_BIO_vsnprintf = OSSL_FUNC_BIO_vsnprintf(in);
+            break;
         default:
             /* Just ignore anything we don't understand */
             break;
diff --git a/deps/openssl/openssl/test/pkcs12_format_test.c b/deps/openssl/openssl/test/pkcs12_format_test.c
index c142093f72bbbc..f7ecd7c1e635be 100644
--- a/deps/openssl/openssl/test/pkcs12_format_test.c
+++ b/deps/openssl/openssl/test/pkcs12_format_test.c
@@ -358,7 +358,8 @@ static int test_single_key(PKCS12_ENC *enc)
     char fname[80];
     PKCS12_BUILDER *pb;
 
-    sprintf(fname, "1key_ciph-%s_iter-%d.p12", OBJ_nid2sn(enc->nid), enc->iter);
+    BIO_snprintf(fname, sizeof(fname), "1key_ciph-%s_iter-%d.p12",
+                 OBJ_nid2sn(enc->nid), enc->iter);
 
     pb = new_pkcs12_builder(fname);
 
@@ -457,7 +458,8 @@ static int test_single_cert_mac(PKCS12_ENC *mac)
     char fname[80];
     PKCS12_BUILDER *pb;
 
-    sprintf(fname, "1cert_mac-%s_iter-%d.p12", OBJ_nid2sn(mac->nid), mac->iter);
+    BIO_snprintf(fname, sizeof(fname), "1cert_mac-%s_iter-%d.p12",
+                 OBJ_nid2sn(mac->nid), mac->iter);
 
     pb = new_pkcs12_builder(fname);
 
@@ -617,7 +619,8 @@ static int test_single_secret(PKCS12_ENC *enc)
     char fname[80];
     PKCS12_BUILDER *pb;
 
-    sprintf(fname, "1secret_ciph-%s_iter-%d.p12", OBJ_nid2sn(enc->nid), enc->iter);
+    BIO_snprintf(fname, sizeof(fname), "1secret_ciph-%s_iter-%d.p12",
+                 OBJ_nid2sn(enc->nid), enc->iter);
     pb = new_pkcs12_builder(fname);
     custom_nid = get_custom_oid();
 
diff --git a/deps/openssl/openssl/test/property_test.c b/deps/openssl/openssl/test/property_test.c
index 88c5342c538eca..1f1171ad90a65b 100644
--- a/deps/openssl/openssl/test/property_test.c
+++ b/deps/openssl/openssl/test/property_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -50,30 +50,37 @@ static void down_ref(void *p)
 
 static int test_property_string(void)
 {
-    OSSL_METHOD_STORE *store;
+    OSSL_LIB_CTX *ctx;
+    OSSL_METHOD_STORE *store = NULL;
     int res = 0;
     OSSL_PROPERTY_IDX i, j;
 
-    if (TEST_ptr(store = ossl_method_store_new(NULL))
-        && TEST_int_eq(ossl_property_name(NULL, "fnord", 0), 0)
-        && TEST_int_ne(ossl_property_name(NULL, "fnord", 1), 0)
-        && TEST_int_ne(ossl_property_name(NULL, "name", 1), 0)
+    /*-
+     * Use our own library context because we depend on ordering from a
+     * pristine state.
+     */
+    if (TEST_ptr(ctx = OSSL_LIB_CTX_new())
+        && TEST_ptr(store = ossl_method_store_new(ctx))
+        && TEST_int_eq(ossl_property_name(ctx, "fnord", 0), 0)
+        && TEST_int_ne(ossl_property_name(ctx, "fnord", 1), 0)
+        && TEST_int_ne(ossl_property_name(ctx, "name", 1), 0)
         /* Property value checks */
-        && TEST_int_eq(ossl_property_value(NULL, "fnord", 0), 0)
-        && TEST_int_ne(i = ossl_property_value(NULL, "no", 0), 0)
-        && TEST_int_ne(j = ossl_property_value(NULL, "yes", 0), 0)
+        && TEST_int_eq(ossl_property_value(ctx, "fnord", 0), 0)
+        && TEST_int_ne(i = ossl_property_value(ctx, "no", 0), 0)
+        && TEST_int_ne(j = ossl_property_value(ctx, "yes", 0), 0)
         && TEST_int_ne(i, j)
-        && TEST_int_eq(ossl_property_value(NULL, "yes", 1), j)
-        && TEST_int_eq(ossl_property_value(NULL, "no", 1), i)
-        && TEST_int_ne(i = ossl_property_value(NULL, "illuminati", 1), 0)
-        && TEST_int_eq(j = ossl_property_value(NULL, "fnord", 1), i + 1)
-        && TEST_int_eq(ossl_property_value(NULL, "fnord", 1), j)
+        && TEST_int_eq(ossl_property_value(ctx, "yes", 1), j)
+        && TEST_int_eq(ossl_property_value(ctx, "no", 1), i)
+        && TEST_int_ne(i = ossl_property_value(ctx, "illuminati", 1), 0)
+        && TEST_int_eq(j = ossl_property_value(ctx, "fnord", 1), i + 1)
+        && TEST_int_eq(ossl_property_value(ctx, "fnord", 1), j)
         /* Check name and values are distinct */
-        && TEST_int_eq(ossl_property_value(NULL, "cold", 0), 0)
-        && TEST_int_ne(ossl_property_name(NULL, "fnord", 0),
-                       ossl_property_value(NULL, "fnord", 0)))
+        && TEST_int_eq(ossl_property_value(ctx, "cold", 0), 0)
+        && TEST_int_ne(ossl_property_name(ctx, "fnord", 0),
+                       ossl_property_value(ctx, "fnord", 0)))
         res = 1;
     ossl_method_store_free(store);
+    OSSL_LIB_CTX_free(ctx);
     return res;
 }
 
diff --git a/deps/openssl/openssl/test/recipes/03-test_fipsinstall.t b/deps/openssl/openssl/test/recipes/03-test_fipsinstall.t
index 5f514e231b5978..c243b5646d3705 100644
--- a/deps/openssl/openssl/test/recipes/03-test_fipsinstall.t
+++ b/deps/openssl/openssl/test/recipes/03-test_fipsinstall.t
@@ -253,6 +253,10 @@ SKIP: {
 SKIP: {
     skip "Skipping Asymmetric RSA corruption test because of no rsa in this build", 1
         if disabled("rsa");
+    run(test(["fips_version_test", "-config", $provconf, "<3.5.0"]),
+             capture => 1, statusvar => \my $exit);
+    skip "FIPS provider version is too new for Asymmetric RSA corruption test", 1
+        if !$exit;
     ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile,
                 '-corrupt_desc', 'RSA_Encrypt',
                 '-corrupt_type', 'KAT_AsymmetricCipher'])),
diff --git a/deps/openssl/openssl/test/recipes/04-test_encoder_decoder.t b/deps/openssl/openssl/test/recipes/04-test_encoder_decoder.t
index 19541610a9a9b9..d5d79f3a57541c 100644
--- a/deps/openssl/openssl/test/recipes/04-test_encoder_decoder.t
+++ b/deps/openssl/openssl/test/recipes/04-test_encoder_decoder.t
@@ -25,9 +25,26 @@ my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 my $rsa_key = srctop_file("test", "certs", "ee-key.pem");
 my $pss_key = srctop_file("test", "certs", "ca-pss-key.pem");
 
-plan tests => ($no_fips ? 0 : 1) + 2;     # FIPS install test + test
+plan tests => ($no_fips ? 0 : 3) + 2;     # FIPS install test + test
 
 my $conf = srctop_file("test", "default.cnf");
+
+# Check if the specified pattern occurs in the given file
+# Returns 1 if the pattern is found and 0 if not
+sub find_line_file {
+    my ($key, $file) = @_;
+
+    open(my $in, $file) or return -1;
+    while (my $line = <$in>) {
+        if ($line =~ /$key/) {
+            close($in);
+            return 1;
+        }
+    }
+    close($in);
+    return 0;
+}
+
 ok(run(test(["endecode_test", "-rsa", $rsa_key,
                               "-pss", $pss_key,
                               "-config", $conf,
@@ -47,5 +64,13 @@ unless ($no_fips) {
                                   "-pss", $pss_key,
                                   "-config", $conf,
                                   "-provider", "fips"])));
+SKIP: {
+    skip "EC disabled", 2 if disabled("ec");
+    ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'EC',
+                 '-pkeyopt', 'group:P-256', '-text',
+                 '-config', $conf, '-provider', 'fips', '-out', 'ec.txt' ])),
+       'Print a FIPS provider EC private key');
+    ok(find_line_file('NIST CURVE: P-256', 'ec.txt') == 1,
+       'Printing an FIPS provider EC private key');
+}
 }
-
diff --git a/deps/openssl/openssl/test/recipes/20-test_nocache.t b/deps/openssl/openssl/test/recipes/20-test_nocache.t
new file mode 100644
index 00000000000000..f7a956ee05ef2f
--- /dev/null
+++ b/deps/openssl/openssl/test/recipes/20-test_nocache.t
@@ -0,0 +1,34 @@
+#! /usr/bin/env perl
+# Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw/:DEFAULT bldtop_file srctop_file bldtop_dir with/;
+use OpenSSL::Test::Utils;
+
+setup("test_nocache");
+
+plan tests => 4;
+
+ok(run(app(["openssl", "list", "-mac-algorithms"],
+        stdout => "listout.txt")),
+"List mac algorithms - default configuration");
+open DATA, "listout.txt";
+my @match = grep /MAC/, <DATA>;
+close DATA;
+ok(scalar @match > 1 ? 1 : 0, "Several algorithms are listed - default configuration");
+
+$ENV{OPENSSL_CONF} = bldtop_file("test", "nocache-and-default.cnf");
+ok(run(app(["openssl", "list", "-mac-algorithms"],
+        stdout => "listout.txt")),
+"List mac algorithms");
+open DATA, "listout.txt";
+my @match = grep /MAC/, <DATA>;
+close DATA;
+ok(scalar @match > 1 ? 1 : 0, "Several algorithms are listed - nocache-and-default");
diff --git a/deps/openssl/openssl/test/recipes/25-test_verify.t b/deps/openssl/openssl/test/recipes/25-test_verify.t
index 818c9ac50dd3f8..7fa14d9daa8b3a 100644
--- a/deps/openssl/openssl/test/recipes/25-test_verify.t
+++ b/deps/openssl/openssl/test/recipes/25-test_verify.t
@@ -61,7 +61,7 @@ ok(verify("ee-cert-ocsp-nocheck", "", ["root-cert"], ["ca-cert"]),
 ok(verify("ee-cert", "sslserver", [qw(sroot-cert)], [qw(ca-cert)]),
    "accept server purpose");
 ok(!verify("ee-cert", "sslserver", [qw(croot-cert)], [qw(ca-cert)]),
-   "fail client purpose");
+   "fail client purpose"); # beware, questionable non-standard EKU check on trust anchor
 ok(verify("ee-cert", "sslserver", [qw(root+serverAuth)], [qw(ca-cert)]),
    "accept server trust");
 ok(verify("ee-cert", "sslserver", [qw(sroot+serverAuth)], [qw(ca-cert)]),
@@ -81,7 +81,7 @@ ok(verify("ee-cert", "sslserver", [qw(root-clientAuth)], [qw(ca-cert)]),
 ok(verify("ee-cert", "sslserver", [qw(sroot-clientAuth)], [qw(ca-cert)]),
    "accept client mistrust with server purpose");
 ok(!verify("ee-cert", "sslserver", [qw(croot-clientAuth)], [qw(ca-cert)]),
-   "fail client mistrust with client purpose");
+   "fail client mistrust with client purpose"); # beware, questionable non-standard EKU check on trust anchor
 # Inapplicable trust
 ok(!verify("ee-cert", "sslserver", [qw(root+clientAuth)], [qw(ca-cert)]),
    "fail client trust");
@@ -150,7 +150,7 @@ ok(!verify("ee-cert", "sslserver", [qw(root-expired)], [qw(ca-cert)]),
 ok(verify("ee-cert", "sslserver", [qw(sca-cert)], [], "-partial_chain"),
    "accept partial chain with server purpose");
 ok(!verify("ee-cert", "sslserver", [qw(cca-cert)], [], "-partial_chain"),
-   "fail partial chain with client purpose");
+   "fail partial chain with client purpose"); # beware, questionable non-standard EKU check on trust anchor
 ok(verify("ee-cert", "sslserver", [qw(ca+serverAuth)], [], "-partial_chain"),
    "accept server trust partial chain");
 ok(verify("ee-cert", "sslserver", [qw(cca+serverAuth)], [], "-partial_chain"),
@@ -188,7 +188,7 @@ ok(verify("ee-cert", "sslserver", [qw(root-cert cca+serverAuth)], [qw(ca-cert)])
 ok(verify("ee-cert", "sslserver", [qw(root-cert cca+anyEKU)], [qw(ca-cert)]),
    "accept wildcard trust and client purpose");
 ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-cert)], [qw(ca-cert)]),
-   "fail client purpose");
+   "fail client purpose intermediate trusted"); # beware, questionable non-standard EKU check on trust anchor
 ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-anyEKU)], [qw(ca-cert)]),
    "fail wildcard mistrust");
 ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-serverAuth)], [qw(ca-cert)]),
diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt
index 9ad8b9fbd2dfad..c7e7b4b5bf9073 100644
--- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt
+++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt
@@ -4935,3 +4935,13 @@ Ctrl.mode = mode:EXTRACT_AND_EXPAND
 Ctrl.digest = digest:SHA256
 Result = KDF_CTRL_ERROR
 
+# Test that salt of arbitrary length works
+FIPSversion = >=3.4.0
+KDF = TLS13-KDF
+Ctrl.mode = mode:EXTRACT_ONLY
+Ctrl.digest = digest:SHA2-256
+Ctrl.key = hexkey:f8af6aea2d397baf2948a25b2834200692cff17eee9165e4e27babee9edefd05
+Ctrl.salt = hexsalt:00010203040506070809000102030405060708090001020304050607080900010203040506070809
+Ctrl.prefix = hexprefix:746c73313320
+Ctrl.label = hexlabel:64657269766564
+Output = ef0aa4925ab6f4588759e15dfadcf7602ca7aa39ebb092bd7ab48f6a68c54449
diff --git a/deps/openssl/openssl/test/recipes/61-test_bio_pw_callback.t b/deps/openssl/openssl/test/recipes/61-test_bio_pw_callback.t
new file mode 100644
index 00000000000000..4cb1db1f589f98
--- /dev/null
+++ b/deps/openssl/openssl/test/recipes/61-test_bio_pw_callback.t
@@ -0,0 +1,20 @@
+#! /usr/bin/env perl
+# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw(:DEFAULT data_file);
+
+setup('test_bio_pw_callback');
+
+plan tests => 1;
+
+my $private_key_path = data_file("private_key.pem");
+ok(run(test(["bio_pw_callback_test", "-keyfile", $private_key_path])),
+   "Running bio_pw_callback_test");
diff --git a/deps/openssl/openssl/test/recipes/61-test_bio_pw_callback_data/private_key.pem b/deps/openssl/openssl/test/recipes/61-test_bio_pw_callback_data/private_key.pem
new file mode 100644
index 00000000000000..f9c9ae5dbc4a58
--- /dev/null
+++ b/deps/openssl/openssl/test/recipes/61-test_bio_pw_callback_data/private_key.pem
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFNTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQmftpln/ZNiEznncq
++u0FuwICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEBO5TGcD0mGTfRS8
+HgafEXYEggTQOasEXPm4ChGPzfXACYhaAtMFnfL9qpI1S30bHMUHsWuXLZDFPNty
+7KNKWr35woaq3XFEeul7onszcBBRrRwPkTqOifuv/J01s7oS0uC6jwbvSkAFNjHe
+jkgvMMQA3y7nwZ2wSwVjO2K91qasTjNivus3ZaCvGqGpgNckEXILPZJEdWteWP+1
+SN9zLxxeHwgt5SrMfylrTghLB8b119/uq4GnOYHZdhMbp4YmneuGqvlZ7nle7qLY
+33tuM5deajk9hINLfbYWGwURaOZ+r++Rvrz4OxISfe70uXT+2fcSZPVkNT5a6B5T
+9rCwdF69W/+3au50gfc2VEF/xZBajxLI0PBpMSpxNE3a5/3YLKXAs+z0YJdQKNhN
+U+SpOUv8D2GraJVfP7MddO2JvETh8w7tGN/a8qSw07Z91SE3Vfuq0l5PheC/vXJq
+/xxU3YSbZC7LCSZn1aXBlj9KbTh2o1ARzdJsVYo1xY2OIFtFpncOjQDuaAmsNcZE
+CuB9FUcBwwO/bjooIkv4lJU+DWDxrCR7Si8PZ4hHgXCXXKiXA20SBccUYm0Z4HR3
+i2tm9UTwAuCy1BF7hRmPLIyvlgtlKh2V9Cre5j86GoKTmPh/q5DHdSmNAM8Aakct
+GdQgscOXRmHq7/1nec28wEhlbqVyYJ45MZbWhBTrycMru/ch9+ZnsIgPXLfbBA+P
+6GHK1DF+onKZtMkH0SNMU3X1arlJKRreVQsvkbgL7aw3mI0veYa4/tJUf7hbkPpA
+LArQU5wQ+A9mzC+tYMfz3mrIE05FrpYkHRxiB/odeNvCTMR7DhGoghhnYUN/gSSN
+qH5EBG2hQ/pJ5ZSawE+P9+vCLlvcc4n00zgi0s3rMN2AntPZoI3sWKZcbbgJoOIH
+cbAmBAKCIiwmlPmI0hjEAIXRBixJzHVGNowuSc3jy5pIiSjmDESnARl+n5imqI3D
+po9OuCHpo4nRLcAX0GrJqqKxUG+R1A8g/AooIGEPQgkXk/4v9gwd4aBvwT4YxR44
+onAXdyBMM0T8C+8dUmT6OPvU5w6JHFidJfhBgJhDIdj9JM+wWdr1CW94todjEyKY
+Xe3NRG1bGbcN6HBVwbe4UZ39A9p4kKGyiXexlsD+DvFxwaGvSy2rp0lLabz19Kkr
+fnLU1Ugb38AnEYTGYJMB9nO19lHW62Mk6+9ky42x8X9vBn81Nif/c0kmvEKsZEfw
+UM7m0fIWTZOWSH01DGIXqCoCk7vJ1CSm0wUsAvyKFLm1qnM5eJJNMlBbayDDBsnU
+Jj9hx7GWjujVKFwFngUOoFpmFWB72bqeBWenaQJhIVydQa1rolny0TECJIkFOsUK
+Wa0y52V4h68Ig5G5p2WHG0RlEVtmcgzSoL1mLE5UdOYaH5oB7nTVM+Z0b8HJFrYc
+7Xhym8uNq6UHc4Ae6TT8EA3lA3fDttedKzWxlBFXqX9behl2uBnPzCl3cS2G2Uek
+xtexjecZINP8L5i6eIL7bPoVMF5CUsUhIWFA0gzIovRBRvVS91HnTrIDLvqF8YgQ
+ToctUU/vS8r3x2/TIR60UBvW0vkoFa+lfzHtsxBnT1nMBZNeeHOCM8QtboyI9Ir9
+UkJbTO+QpJQ5A3ELharpcqr7iywDOnLSV9LZSUZr934zOrRl2oAXx/0=
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/deps/openssl/openssl/test/recipes/80-test_cmp_http.t b/deps/openssl/openssl/test/recipes/80-test_cmp_http.t
index 0ca547354fc7e3..c704cc758e913d 100644
--- a/deps/openssl/openssl/test/recipes/80-test_cmp_http.t
+++ b/deps/openssl/openssl/test/recipes/80-test_cmp_http.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
 # Copyright Nokia 2007-2019
 # Copyright Siemens AG 2015-2019
 #
@@ -270,7 +270,7 @@ sub start_mock_server {
     print "Current directory is ".getcwd()."\n";
     print "Launching mock server: $cmd\n";
     die "Invalid port: $server_port" unless $server_port =~ m/^\d+$/;
-    my $pid = open($server_fh, "$cmd|") or die "Trying to $cmd";
+    my $pid = open($server_fh, "$cmd 2>".result_dir()."/error.txt |") or die "Trying to $cmd";
     print "Pid is: $pid\n";
     if ($server_port == 0) {
         # Find out the actual server port
diff --git a/deps/openssl/openssl/test/recipes/80-test_cmp_http_data/test_connection.csv b/deps/openssl/openssl/test/recipes/80-test_cmp_http_data/test_connection.csv
index 33a572a29da1ad..cc012411ea5f9a 100644
--- a/deps/openssl/openssl/test/recipes/80-test_cmp_http_data/test_connection.csv
+++ b/deps/openssl/openssl/test/recipes/80-test_cmp_http_data/test_connection.csv
@@ -2,8 +2,8 @@ expected,description, -section,val, -server,val, -proxy,val, -no_proxy,val, -tls
 ,Message transfer options:,,,,,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,,,,
 1,default config, -section,,,,,,,,BLANK,,,,BLANK,,BLANK,,BLANK,
-TBD,Domain name, -section,, -server,_SERVER_CN:_SERVER_PORT,,,,,,,,,,,,,,
-TBD,IP address, -section,, -server,_SERVER_IP:_SERVER_PORT,,,,,,,,,,,,,,
+1,disabled as not supported by some host IP configurations: server domain name, -section,, -server,localhost:_SERVER_PORT,,,,,,,,,,,,,,
+1,disabled as not supported by some host IP configurations: server IPv6 address, -section,, -server,[::1]:_SERVER_PORT,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,,,,
 0,wrong server, -section,, -server,xn--rksmrgs-5wao1o.example.com:_SERVER_PORT,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,
 0,wrong server port, -section,, -server,_SERVER_HOST:99,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,
diff --git a/deps/openssl/openssl/test/recipes/80-test_cms.t b/deps/openssl/openssl/test/recipes/80-test_cms.t
index 31f9fbd1280ac1..0e8b0259f1c2ea 100644
--- a/deps/openssl/openssl/test/recipes/80-test_cms.t
+++ b/deps/openssl/openssl/test/recipes/80-test_cms.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -25,6 +25,7 @@ use lib srctop_dir('Configurations');
 use lib bldtop_dir('.');
 
 my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+my $old_fips = 0;
 
 plan skip_all => "CMS is not supported by this OpenSSL build"
     if disabled("cms");
@@ -50,13 +51,17 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
 
 $no_rc2 = 1 if disabled("legacy");
 
-plan tests => 19;
+plan tests => 20;
 
 ok(run(test(["pkcs7_test"])), "test pkcs7");
 
 unless ($no_fips) {
-    @config = ( "-config", srctop_file("test", "fips-and-base.cnf") );
+    my $provconf = srctop_file("test", "fips-and-base.cnf");
+    @config = ( "-config", $provconf );
     $provname = 'fips';
+
+    run(test(["fips_version_test", "-config", $provconf, "<3.4.0"]),
+    capture => 1, statusvar => $old_fips);
 }
 
 $ENV{OPENSSL_TEST_LIBCTX} = "1";
@@ -394,6 +399,13 @@ my @smime_cms_tests = (
         "-out", "{output}.txt" ],
       \&final_compare
     ],
+
+    [ "encrypted content test streaming PEM format -noout, 128 bit AES key",
+      [ "{cmd1}", @prov, "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
+	"-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
+	"-stream", "-noout" ],
+      [ "{cmd2}", @prov, "-help" ]
+    ],
 );
 
 my @smime_cms_cades_tests = (
@@ -604,6 +616,7 @@ my @smime_cms_param_tests = (
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smec1.pem"), "-aes128",
         "-keyopt", "ecdh_kdf_md:sha256" ],
+      sub { my %opts = @_; smimeType_matches("$opts{output}.cms", "enveloped-data"); },
       [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
@@ -613,6 +626,7 @@ my @smime_cms_param_tests = (
       [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smec1.pem"), "-aes-128-gcm", "-keyopt", "ecdh_kdf_md:sha256" ],
+      sub { my %opts = @_; smimeType_matches("$opts{output}.cms", "authEnveloped-data"); },
       [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
@@ -626,18 +640,23 @@ my @smime_cms_param_tests = (
       [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
-    ],
-
-    [ "enveloped content test streaming S/MIME format, X9.42 DH",
-      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
-        "-stream", "-out", "{output}.cms",
-        "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
-      [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
-        "-in", "{output}.cms", "-out", "{output}.txt" ],
-      \&final_compare
     ]
 );
 
+if ($no_fips || $old_fips) {
+    # Only SHA1 supported in dh_cms_encrypt()
+    push(@smime_cms_param_tests,
+         [ "enveloped content test streaming S/MIME format, X9.42 DH",
+           [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
+             "-stream", "-out", "{output}.cms",
+             "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
+           [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
+             "-in", "{output}.cms", "-out", "{output}.txt" ],
+           \&final_compare
+         ]
+    );
+}
+
 my @contenttype_cms_test = (
     [ "signed content test - check that content type is added to additional signerinfo, RSA keys",
       [ "{cmd1}", @prov, "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont,
@@ -765,6 +784,28 @@ sub contentType_matches {
   return scalar(@c);
 }
 
+# Returns 1 if the smime-type matches the passed parameter, otherwise 0.
+sub smimeType_matches {
+  my ($in, $expected_smime_type) = @_;
+
+  # Read the text file
+  open(my $fh, '<', $in) or die("open failed for $in : $!");
+  local $/;
+  my $content = <$fh>;
+  close($fh);
+
+  # Extract the Content-Type line with the smime-type attribute
+  if ($content =~ /Content-Type:\s*application\/pkcs7-mime.*smime-type=([^\s;]+)/) {
+    my $smime_type = $1;
+
+    # Compare the extracted smime-type with the expected value
+    return ($smime_type eq $expected_smime_type) ? 1 : 0;
+  }
+
+  # If no smime-type is found, return 0
+  return 0;
+}
+
 sub rsapssSaltlen {
   my ($in) = @_;
   my $exit = 0;
@@ -986,6 +1027,22 @@ ok(!run(app(['openssl', 'cms', '-verify',
             ])),
    "issue#19643");
 
+# Check that kari encryption with originator does not segfault
+with({ exit_checker => sub { return shift == 3; } },
+  sub {
+    SKIP: {
+      skip "EC is not supported in this build", 1 if $no_ec;
+
+      ok(run(app(['openssl', 'cms', '-encrypt',
+                  '-in', srctop_file("test", "smcont.txt"), '-aes128',
+                  '-recip', catfile($smdir, "smec1.pem"),
+                  '-originator', catfile($smdir, "smec3.pem"),
+                  '-inkey', catfile($smdir, "smec3.pem")
+                ])),
+          "Check failure for currently not supported kari encryption with static originator");
+    }
+  });
+
 # Check that we get the expected failure return code
 with({ exit_checker => sub { return shift == 6; } },
     sub {
diff --git a/deps/openssl/openssl/test/sslapitest.c b/deps/openssl/openssl/test/sslapitest.c
index b0544d4942f7ea..368b15f22b7295 100644
--- a/deps/openssl/openssl/test/sslapitest.c
+++ b/deps/openssl/openssl/test/sslapitest.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -190,7 +190,7 @@ static int compare_hex_encoded_buffer(const char *hex_encoded,
         return 1;
 
     for (i = j = 0; i < raw_length && j + 1 < hex_length; i++, j += 2) {
-        sprintf(hexed, "%02x", raw[i]);
+        BIO_snprintf(hexed, sizeof(hexed), "%02x", raw[i]);
         if (!TEST_int_eq(hexed[0], hex_encoded[j])
                 || !TEST_int_eq(hexed[1], hex_encoded[j + 1]))
             return 1;
@@ -10764,364 +10764,6 @@ static int test_multi_resume(int idx)
     SSL_SESSION_free(sess);
     return testresult;
 }
-#ifndef OPENSSL_NO_QUIC
-static int test_quic_set_encryption_secrets(SSL *ssl,
-                                            OSSL_ENCRYPTION_LEVEL level,
-                                            const uint8_t *read_secret,
-                                            const uint8_t *write_secret,
-                                            size_t secret_len)
-{
-    test_printf_stderr("quic_set_encryption_secrets() %s, lvl=%d, len=%zd\n",
-                       ssl->server ? "server" : "client", level, secret_len);
-    return 1;
-}
-
-static int test_quic_add_handshake_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                        const uint8_t *data, size_t len)
-{
-    SSL *peer = (SSL*)SSL_get_app_data(ssl);
-
-    TEST_info("quic_add_handshake_data() %s, lvl=%d, *data=0x%02X, len=%zd\n",
-              ssl->server ? "server" : "client", level, (int)*data, len);
-    if (!TEST_ptr(peer))
-        return 0;
-
-    /* We're called with what is locally written; this gives it to the peer */
-    if (!TEST_true(SSL_provide_quic_data(peer, level, data, len))) {
-        ERR_print_errors_fp(stderr);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int test_quic_flush_flight(SSL *ssl)
-{
-    test_printf_stderr("quic_flush_flight() %s\n", ssl->server ? "server" : "client");
-    return 1;
-}
-
-static int test_quic_send_alert(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert)
-{
-    test_printf_stderr("quic_send_alert() %s, lvl=%d, alert=%d\n",
-                       ssl->server ? "server" : "client", level, alert);
-    return 1;
-}
-
-static SSL_QUIC_METHOD quic_method = {
-    test_quic_set_encryption_secrets,
-    test_quic_add_handshake_data,
-    test_quic_flush_flight,
-    test_quic_send_alert,
-};
-
-static int test_quic_api_set_versions(SSL *ssl, int ver)
-{
-    SSL_set_quic_transport_version(ssl, ver);
-    return 1;
-}
-
-static int test_quic_api_version(int clnt, int srvr)
-{
-    SSL_CTX *cctx = NULL, *sctx = NULL;
-    SSL *clientssl = NULL, *serverssl = NULL;
-    int testresult = 0;
-
-    static const char *server_str = "SERVER";
-    static const char *client_str = "CLIENT";
-    const uint8_t *peer_str;
-    size_t peer_str_len;
-
-    TEST_info("original clnt=0x%X, srvr=0x%X\n", clnt, srvr);
-
-    if (!TEST_true(create_ssl_ctx_pair(libctx,
-                                       TLS_server_method(),
-                                       TLS_client_method(),
-                                       TLS1_3_VERSION, 0,
-                                       &sctx, &cctx, cert, privkey))
-            || !TEST_true(SSL_CTX_set_quic_method(sctx, &quic_method))
-            || !TEST_true(SSL_CTX_set_quic_method(cctx, &quic_method))
-            || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
-                                             &clientssl, NULL, NULL))
-            || !TEST_true(SSL_set_quic_transport_params(serverssl,
-                                                        (unsigned char*)server_str,
-                                                        strlen(server_str)+1))
-            || !TEST_true(SSL_set_quic_transport_params(clientssl,
-                                                        (unsigned char*)client_str,
-                                                        strlen(client_str)+1))
-            || !TEST_true(SSL_set_app_data(serverssl, clientssl))
-            || !TEST_true(SSL_set_app_data(clientssl, serverssl))
-            || !TEST_true(test_quic_api_set_versions(clientssl, clnt))
-            || !TEST_true(test_quic_api_set_versions(serverssl, srvr))
-            || !TEST_true(create_bare_ssl_connection(serverssl, clientssl,
-                                                     SSL_ERROR_NONE, 0))
-            || !TEST_true(SSL_version(serverssl) == TLS1_3_VERSION)
-            || !TEST_true(SSL_version(clientssl) == TLS1_3_VERSION)
-            || !(TEST_int_eq(SSL_quic_read_level(clientssl), ssl_encryption_application))
-            || !(TEST_int_eq(SSL_quic_read_level(serverssl), ssl_encryption_application))
-            || !(TEST_int_eq(SSL_quic_write_level(clientssl), ssl_encryption_application))
-            || !(TEST_int_eq(SSL_quic_write_level(serverssl), ssl_encryption_application)))
-        goto end;
-
-    SSL_get_peer_quic_transport_params(serverssl, &peer_str, &peer_str_len);
-    if (!TEST_mem_eq(peer_str, peer_str_len, client_str, strlen(client_str)+1))
-        goto end;
-    SSL_get_peer_quic_transport_params(clientssl, &peer_str, &peer_str_len);
-    if (!TEST_mem_eq(peer_str, peer_str_len, server_str, strlen(server_str)+1))
-        goto end;
-
-    /* Deal with two NewSessionTickets */
-    if (!TEST_true(SSL_process_quic_post_handshake(clientssl)))
-        goto end;
-
-    /* Dummy handshake call should succeed */
-    if (!TEST_true(SSL_do_handshake(clientssl)))
-        goto end;
-    /* Test that we (correctly) fail to send KeyUpdate */
-    if (!TEST_true(SSL_key_update(clientssl, SSL_KEY_UPDATE_NOT_REQUESTED))
-            || !TEST_int_le(SSL_do_handshake(clientssl), 0))
-        goto end;
-    if (!TEST_true(SSL_key_update(serverssl, SSL_KEY_UPDATE_NOT_REQUESTED))
-            || !TEST_int_le(SSL_do_handshake(serverssl), 0))
-        goto end;
-
-    TEST_info("original clnt=0x%X, srvr=0x%X\n", clnt, srvr);
-    if (srvr == 0 && clnt == 0)
-        srvr = clnt = TLSEXT_TYPE_quic_transport_parameters;
-    else if (srvr == 0)
-        srvr = clnt;
-    else if (clnt == 0)
-        clnt = srvr;
-    TEST_info("expected clnt=0x%X, srvr=0x%X\n", clnt, srvr);
-    if (!TEST_int_eq(SSL_get_peer_quic_transport_version(serverssl), clnt))
-        goto end;
-    if (!TEST_int_eq(SSL_get_peer_quic_transport_version(clientssl), srvr))
-        goto end;
-
-    testresult = 1;
-
- end:
-    SSL_free(serverssl);
-    SSL_free(clientssl);
-    SSL_CTX_free(sctx);
-    SSL_CTX_free(cctx);
-
-    return testresult;
-}
-
-static int test_quic_api(int tst)
-{
-    SSL_CTX *sctx = NULL;
-    SSL *serverssl = NULL;
-    int testresult = 0;
-    static int clnt_params[] = { 0,
-                                 TLSEXT_TYPE_quic_transport_parameters_draft,
-                                 TLSEXT_TYPE_quic_transport_parameters,
-                                 0,
-                                 TLSEXT_TYPE_quic_transport_parameters_draft,
-                                 TLSEXT_TYPE_quic_transport_parameters,
-                                 0,
-                                 TLSEXT_TYPE_quic_transport_parameters_draft,
-                                 TLSEXT_TYPE_quic_transport_parameters };
-    static int srvr_params[] = { 0,
-                                 0,
-                                 0,
-                                 TLSEXT_TYPE_quic_transport_parameters_draft,
-                                 TLSEXT_TYPE_quic_transport_parameters_draft,
-                                 TLSEXT_TYPE_quic_transport_parameters_draft,
-                                 TLSEXT_TYPE_quic_transport_parameters,
-                                 TLSEXT_TYPE_quic_transport_parameters,
-                                 TLSEXT_TYPE_quic_transport_parameters };
-    static int results[] = { 1, 1, 1, 1, 1, 0, 1, 0, 1 };
-
-    /* Failure cases:
-     * test 6/[5] clnt = parameters, srvr = draft
-     * test 8/[7] clnt = draft, srvr = parameters
-     */
-
-    /* Clean up logging space */
-    memset(client_log_buffer, 0, sizeof(client_log_buffer));
-    memset(server_log_buffer, 0, sizeof(server_log_buffer));
-    client_log_buffer_index = 0;
-    server_log_buffer_index = 0;
-    error_writing_log = 0;
-
-    if (!TEST_ptr(sctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method()))
-            || !TEST_true(SSL_CTX_set_quic_method(sctx, &quic_method))
-            || !TEST_ptr(sctx->quic_method)
-            || !TEST_ptr(serverssl = SSL_new(sctx))
-            || !TEST_true(SSL_IS_QUIC(serverssl))
-            || !TEST_true(SSL_set_quic_method(serverssl, NULL))
-            || !TEST_false(SSL_IS_QUIC(serverssl))
-            || !TEST_true(SSL_set_quic_method(serverssl, &quic_method))
-            || !TEST_true(SSL_IS_QUIC(serverssl)))
-        goto end;
-
-    if (!TEST_int_eq(test_quic_api_version(clnt_params[tst], srvr_params[tst]), results[tst]))
-        goto end;
-
-    testresult = 1;
-
-end:
-    SSL_CTX_free(sctx);
-    sctx = NULL;
-    SSL_free(serverssl);
-    serverssl = NULL;
-    return testresult;
-}
-
-# ifndef OSSL_NO_USABLE_TLS1_3
-/*
- * Helper method to setup objects for QUIC early data test. Caller
- * frees objects on error.
- */
-static int quic_setupearly_data_test(SSL_CTX **cctx, SSL_CTX **sctx,
-                                     SSL **clientssl, SSL **serverssl,
-                                     SSL_SESSION **sess, int idx)
-{
-    static const char *server_str = "SERVER";
-    static const char *client_str = "CLIENT";
-
-    if (*sctx == NULL
-            && (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
-                                               TLS_client_method(),
-                                               TLS1_3_VERSION, 0,
-                                               sctx, cctx, cert, privkey))
-                || !TEST_true(SSL_CTX_set_quic_method(*sctx, &quic_method))
-                || !TEST_true(SSL_CTX_set_quic_method(*cctx, &quic_method))
-                || !TEST_true(SSL_CTX_set_max_early_data(*sctx, 0xffffffffu))))
-        return 0;
-
-    if (idx == 1) {
-        /* When idx == 1 we repeat the tests with read_ahead set */
-        SSL_CTX_set_read_ahead(*cctx, 1);
-        SSL_CTX_set_read_ahead(*sctx, 1);
-    } else if (idx == 2) {
-        /* When idx == 2 we are doing early_data with a PSK. Set up callbacks */
-        SSL_CTX_set_psk_use_session_callback(*cctx, use_session_cb);
-        SSL_CTX_set_psk_find_session_callback(*sctx, find_session_cb);
-        use_session_cb_cnt = 0;
-        find_session_cb_cnt = 0;
-        srvid = pskid;
-    }
-
-    if (!TEST_true(create_ssl_objects(*sctx, *cctx, serverssl, clientssl,
-                                      NULL, NULL))
-            || !TEST_true(SSL_set_quic_transport_params(*serverssl,
-                                                        (unsigned char*)server_str,
-                                                        strlen(server_str)+1))
-            || !TEST_true(SSL_set_quic_transport_params(*clientssl,
-                                                        (unsigned char*)client_str,
-                                                        strlen(client_str)+1))
-            || !TEST_true(SSL_set_app_data(*serverssl, *clientssl))
-            || !TEST_true(SSL_set_app_data(*clientssl, *serverssl)))
-        return 0;
-
-    /*
-     * For one of the run throughs (doesn't matter which one), we'll try sending
-     * some SNI data in the initial ClientHello. This will be ignored (because
-     * there is no SNI cb set up by the server), so it should not impact
-     * early_data.
-     */
-    if (idx == 1
-            && !TEST_true(SSL_set_tlsext_host_name(*clientssl, "localhost")))
-        return 0;
-
-    if (idx == 2) {
-        clientpsk = create_a_psk(*clientssl, SHA256_DIGEST_LENGTH);
-        if (!TEST_ptr(clientpsk)
-                || !TEST_true(SSL_SESSION_set_max_early_data(clientpsk,
-                                                             0xffffffffu))
-                || !TEST_true(SSL_SESSION_up_ref(clientpsk))) {
-            SSL_SESSION_free(clientpsk);
-            clientpsk = NULL;
-            return 0;
-        }
-        serverpsk = clientpsk;
-
-        if (sess != NULL) {
-            if (!TEST_true(SSL_SESSION_up_ref(clientpsk))) {
-                SSL_SESSION_free(clientpsk);
-                SSL_SESSION_free(serverpsk);
-                clientpsk = serverpsk = NULL;
-                return 0;
-            }
-            *sess = clientpsk;
-        }
-
-        SSL_set_quic_early_data_enabled(*serverssl, 1);
-        SSL_set_quic_early_data_enabled(*clientssl, 1);
-
-        return 1;
-    }
-
-    if (sess == NULL)
-        return 1;
-
-    if (!TEST_true(create_bare_ssl_connection(*serverssl, *clientssl,
-                                              SSL_ERROR_NONE, 0)))
-        return 0;
-
-    /* Deal with two NewSessionTickets */
-    if (!TEST_true(SSL_process_quic_post_handshake(*clientssl)))
-        return 0;
-
-    *sess = SSL_get1_session(*clientssl);
-    SSL_shutdown(*clientssl);
-    SSL_shutdown(*serverssl);
-    SSL_free(*serverssl);
-    SSL_free(*clientssl);
-    *serverssl = *clientssl = NULL;
-
-    if (!TEST_true(create_ssl_objects(*sctx, *cctx, serverssl,
-                                      clientssl, NULL, NULL))
-            || !TEST_true(SSL_set_session(*clientssl, *sess))
-            || !TEST_true(SSL_set_quic_transport_params(*serverssl,
-                                                        (unsigned char*)server_str,
-                                                        strlen(server_str)+1))
-            || !TEST_true(SSL_set_quic_transport_params(*clientssl,
-                                                        (unsigned char*)client_str,
-                                                        strlen(client_str)+1))
-            || !TEST_true(SSL_set_app_data(*serverssl, *clientssl))
-            || !TEST_true(SSL_set_app_data(*clientssl, *serverssl)))
-        return 0;
-
-    SSL_set_quic_early_data_enabled(*serverssl, 1);
-    SSL_set_quic_early_data_enabled(*clientssl, 1);
-
-    return 1;
-}
-
-static int test_quic_early_data(int tst)
-{
-    SSL_CTX *cctx = NULL, *sctx = NULL;
-    SSL *clientssl = NULL, *serverssl = NULL;
-    int testresult = 0;
-    SSL_SESSION *sess = NULL;
-
-    if (!TEST_true(quic_setupearly_data_test(&cctx, &sctx, &clientssl,
-                                             &serverssl, &sess, tst)))
-        goto end;
-
-    if (!TEST_true(create_bare_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE, 0))
-            || !TEST_true(SSL_get_early_data_status(serverssl)))
-        goto end;
-
-    testresult = 1;
-
- end:
-    SSL_SESSION_free(sess);
-    SSL_SESSION_free(clientpsk);
-    SSL_SESSION_free(serverpsk);
-    clientpsk = serverpsk = NULL;
-    SSL_free(serverssl);
-    SSL_free(clientssl);
-    SSL_CTX_free(sctx);
-    SSL_CTX_free(cctx);
-    return testresult;
-}
-# endif /* OSSL_NO_USABLE_TLS1_3 */
-#endif /* OPENSSL_NO_QUIC */
 
 static struct next_proto_st {
     int serverlen;
@@ -11276,6 +10918,7 @@ static int npn_advert_cb(SSL *ssl, const unsigned char **out,
         return SSL_TLSEXT_ERR_OK;
 
     case 1:
+        *out = NULL;
         *outlen = 0;
         return SSL_TLSEXT_ERR_OK;
 
@@ -11765,12 +11408,6 @@ int setup_tests(void)
     ADD_ALL_TESTS(test_npn, 5);
 #endif
     ADD_ALL_TESTS(test_alpn, 4);
-#ifndef OPENSSL_NO_QUIC
-    ADD_ALL_TESTS(test_quic_api, 9);
-# ifndef OSSL_NO_USABLE_TLS1_3
-    ADD_ALL_TESTS(test_quic_early_data, 3);
-# endif
-#endif
     return 1;
 
  err:
diff --git a/deps/openssl/openssl/test/testutil/tests.c b/deps/openssl/openssl/test/testutil/tests.c
index ef7e224cd119c3..05526870acd39b 100644
--- a/deps/openssl/openssl/test/testutil/tests.c
+++ b/deps/openssl/openssl/test/testutil/tests.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -146,6 +146,7 @@ void test_perror(const char *s)
 
 void test_note(const char *fmt, ...)
 {
+    test_flush_stdout();
     if (fmt != NULL) {
         va_list ap;
 
diff --git a/deps/openssl/openssl/test/threadstest.c b/deps/openssl/openssl/test/threadstest.c
index 289565c14b5d8e..046a9eb80239a6 100644
--- a/deps/openssl/openssl/test/threadstest.c
+++ b/deps/openssl/openssl/test/threadstest.c
@@ -358,7 +358,7 @@ static void thread_general_worker(void)
      * Therefore we use an insecure bit length where we can (512).
      * In the FIPS module though we must use a longer length.
      */
-    pkey = EVP_PKEY_Q_keygen(multi_libctx, NULL, "RSA", isfips ? 2048 : 512);
+    pkey = EVP_PKEY_Q_keygen(multi_libctx, NULL, "RSA", (size_t)(isfips ? 2048 : 512));
     if (!TEST_ptr(pkey))
         goto err;
 
diff --git a/deps/openssl/openssl/test/tls13secretstest.c b/deps/openssl/openssl/test/tls13secretstest.c
index 8323b23778754a..bf214d3d5ba755 100644
--- a/deps/openssl/openssl/test/tls13secretstest.c
+++ b/deps/openssl/openssl/test/tls13secretstest.c
@@ -224,13 +224,6 @@ void ssl_evp_md_free(const EVP_MD *md)
 {
 }
 
-#ifndef OPENSSL_NO_QUIC
-int quic_set_encryption_secrets(SSL *ssl, OSSL_ENCRYPTION_LEVEL level)
-{
-    return 1;
-}
-#endif
-
 /* End of mocked out code */
 
 static int test_secret(SSL *s, unsigned char *prk,
diff --git a/deps/openssl/openssl/util/check-format-commit.sh b/deps/openssl/openssl/util/check-format-commit.sh
index 7e712dc48cf655..206827dd8669a3 100755
--- a/deps/openssl/openssl/util/check-format-commit.sh
+++ b/deps/openssl/openssl/util/check-format-commit.sh
@@ -6,24 +6,21 @@
 # You can obtain a copy in the file LICENSE in the source distribution
 # or at https://www.openssl.org/source/license.html
 #
-# This script is a wrapper around check-format.pl.  It accepts a commit sha
-# value as input, and uses it to identify the files and ranges that were
-# changed in that commit, filtering check-format.pl output only to lines that
-# fall into the commits change ranges.
-#
-
-
-# List of Regexes to use when running check-format.pl.
-# Style checks don't apply to any of these
-EXCLUDED_FILE_REGEX=("\.pod" \
-                     "\.pl"  \
-                     "\.pm"  \
-                     "\.t"   \
-                     "\.yml" \
-                     "\.sh")
-
-# Exit code for the script
-EXIT_CODE=0
+# This script is a wrapper around check-format.pl.
+# It accepts the same commit revision range as 'git diff' as arguments,
+# or just a single commit id, and uses it to identify the files and line ranges
+# that were changed in that commit range, filtering check-format.pl output
+# only to lines that fall into the change ranges of the changed files.
+# examples:
+# check-format-commit.sh       # check unstaged changes
+# check-format-commit.sh HEAD
+# check-format-commit.sh @~3..
+# check-format-commit.sh f5981c9629667a5a5d6
+# check-format-commit.sh f5981c9629667a5a5d6..ee0bf38e8709bf71888
+
+# Allowlist of files to scan
+# Currently this is any .c or .h file (with an optional .in suffix)
+FILE_NAME_END_ALLOWLIST=("\.[ch]\(.in\)\?")
 
 # Global vars
 
@@ -45,94 +42,107 @@ cleanup() {
 
 trap cleanup EXIT
 
-# Get the canonical sha256 sum for the commit we are checking
+# Get the list of ids of the commits we are checking,
+# or empty for unstaged changes.
 # This lets us pass in symbolic ref names like master/etc and 
-# resolve them to sha256 sums easily
-COMMIT=$(git rev-parse $1)
+# resolve them to commit ids easily
+COMMIT_RANGE="$@"
+[ -n $COMMIT_RANGE ] && COMMIT_LAST=$(git rev-parse $COMMIT_RANGE)
 
-# Fail gracefully if git rev-parse doesn't produce a valid
-# commit
+# Fail gracefully if git rev-parse doesn't produce a valid commit
 if [ $? -ne 0 ]
 then
-    echo "$1 is not a valid revision"
+    echo "$1 is not a valid commit range or commit id"
     exit 1
 fi
 
-# Create a iteratable list of files to check for a
-# given commit. It produces output of the format
-# <commit id> <file name> <change start line>, <change line count>
-touch $TEMPDIR/ranges.txt
-git show $COMMIT | awk -v mycmt=$COMMIT '
+# If the commit range is exactly one revision,
+# git rev-parse will output just the commit id of that one alone.
+# In that case, we must manipulate a little to get a desirable result,
+# as 'git diff' has a slightly different interpretation of a single commit id:
+# it takes that to mean all commits up to HEAD, plus any unstaged changes.
+if [ $(echo -n "$COMMIT_LAST" | wc -w) -ne 1 ]; then
+    COMMIT_LAST=$(echo "$COMMIT_LAST" | head -1)
+else
+    # $COMMIT_RANGE is just one commit, make it an actual range
+    COMMIT_RANGE=$COMMIT_RANGE^..$COMMIT_RANGE
+fi
+
+# Create an iterable list of files to check formatting on,
+# including the line ranges that are changed by the commits
+# It produces output of this format:
+# <file name> <change start line>, <change line count>
+git diff -U0 $COMMIT_RANGE | awk '
     BEGIN {myfile=""} 
-    /+{3}/ {
-        gsub(/b\//,"",$2);
-        myfile=$2
-    }
-    /@@/ {
-        gsub(/+/,"",$3);
-        printf mycmt " " myfile " " $3 "\n"
-    }' >> $TEMPDIR/ranges.txt || true
-
-# filter out anything that matches on a filter regex
-for i in ${EXCLUDED_FILE_REGEX[@]}
-do
-    touch $TEMPDIR/ranges.filter
-    grep -v "$i" $TEMPDIR/ranges.txt >> $TEMPDIR/ranges.filter || true
-    REMAINING_FILES=$(wc -l $TEMPDIR/ranges.filter | awk '{print $1}')
-    if [ $REMAINING_FILES -eq 0 ]
-    then
-        echo "This commit has no files that require checking"
-        exit 0
-    fi
-    mv $TEMPDIR/ranges.filter $TEMPDIR/ranges.txt
-done
+    /^\+\+\+/ { sub(/^b./,"",$2); file=$2 }
+    /^@@/     { sub(/^\+/,"",$3); range=$3; printf file " " range "\n" }
+    ' > $TEMPDIR/ranges.txt
 
-# check out the files from the commit level.
-# For each file name in ranges, we show that file at the commit
-# level we are checking, and redirect it to the same path, relative
-# to $TEMPDIR/check-format.  This give us the full file to run
-# check-format.pl on with line numbers matching the ranges in the
-# $TEMPDIR/ranges.txt file
-for j in $(grep $COMMIT $TEMPDIR/ranges.txt | awk '{print $2}')
+# filter in anything that matches on a filter regex
+for i in ${FILE_NAME_END_ALLOWLIST[@]}
 do
-    FDIR=$(dirname $j)
-    mkdir -p $TEMPDIR/check-format/$FDIR
-    git show $COMMIT:$j > $TEMPDIR/check-format/$j
+    # Note the space after the $i below.  This is done because we want
+    # to match on file name suffixes, but the input file is of the form
+    # <commit> <file path> <range start>, <range length>
+    # So we can't just match on end of line.  The additional space
+    # here lets us match on suffixes followed by the expected space
+    # in the input file
+    grep "$i " $TEMPDIR/ranges.txt >> $TEMPDIR/ranges.filter || true
 done
 
-# Now for each file in $TEMPDIR/check-format run check-format.pl
-# Note that we use the %P formatter in the find utilty.  This strips
-# off the $TEMPDIR/check-format path prefix, leaving $j with the
-# path to the file relative to the root of the source dir, so that 
-# output from check-format.pl looks correct, relative to the root
-# of the git tree.
-for j in $(find $TEMPDIR/check-format -type f -printf "%P\n")
+REMAINING_FILES=$(wc -l <$TEMPDIR/ranges.filter)
+if [ $REMAINING_FILES -eq 0 ]
+then
+    echo "The given commit range has no C source file changes that require checking"
+    exit 0
+fi
+
+# unless checking the format of unstaged changes,
+# check out the files from the commit range.
+if [ -n "$COMMIT_RANGE" ]
+then
+    # For each file name in ranges, we show that file at the commit range
+    # we are checking, and redirect it to the same path,
+    # relative to $TEMPDIR/check-format.
+    # This give us the full file path to run check-format.pl on
+    # with line numbers matching the ranges in the $TEMPDIR/ranges.filter file
+    for j in $(awk '{print $1}' $TEMPDIR/ranges.filter | sort -u)
+    do
+        FDIR=$(dirname $j)
+        mkdir -p $TEMPDIR/check-format/$FDIR
+        git show $COMMIT_LAST:$j > $TEMPDIR/check-format/$j
+    done
+fi
+
+# Now for each file in $TEMPDIR/ranges.filter, run check-format.pl
+for j in $(awk '{print $1}' $TEMPDIR/ranges.filter | sort -u)
 do
     range_start=()
     range_end=()
 
     # Get the ranges for this file. Create 2 arrays.  range_start contains
     # the start lines for valid ranges from the commit.  the range_end array
-    # contains the corresponding end line (note, since diff output gives us
+    # contains the corresponding end line.  Note, since diff output gives us
     # a line count for a change, the range_end[k] entry is actually
     # range_start[k]+line count
-    for k in $(grep $COMMIT $TEMPDIR/ranges.txt | grep $j | awk '{print $3}')
+    for k in $(grep ^$j $TEMPDIR/ranges.filter | awk '{print $2}')
     do
-        RANGE=$k
-        RSTART=$(echo $RANGE | awk -F',' '{print $1}')
-        RLEN=$(echo $RANGE | awk -F',' '{print $2}')
+        RSTART=$(echo $k | awk -F',' '{print $1}')
+        RLEN=$(echo $k | awk -F',' '{print $2}')
+        # when the hunk is just one line, its length is implied
+        if [ -z "$RLEN" ]; then RLEN=1; fi
         let REND=$RSTART+$RLEN
         range_start+=($RSTART)
         range_end+=($REND)
     done
 
-    # Go to our checked out tree
-    cd $TEMPDIR/check-format
+    # Go to our checked out tree, unless checking unstaged changes
+    [ -n "$COMMIT_RANGE" ] && cd $TEMPDIR/check-format
 
     # Actually run check-format.pl on the file, capturing the output
-    # in a temporary file.  Note the format of check-patch.pl output is
-    # <file name>:<line number>:<error text>:<offending line contents>
-    $TOPDIR/util/check-format.pl $j > $TEMPDIR/format-results.txt
+    # in a temporary file.  Note the format of check-format.pl output is
+    # <file path>:<line number>:<error text>:<offending line contents>
+    $TOPDIR/util/check-format.pl $j > $TEMPDIR/results.txt
 
     # Now we filter the check-format.pl output based on the changed lines
     # captured in the range_start/end arrays
@@ -146,26 +156,15 @@ do
         # Check here if any line in that output falls between any of the 
         # start/end ranges defined in the range_start/range_end array.
         # If it does fall in that range, print the entire line to stdout
-        # If anything is printed, have awk exit with a non-zero exit code
         awk -v rstart=$RSTART -v rend=$REND -F':' '
-                BEGIN {rc=0}
-                /:/ {
-                    if (($2 >= rstart) && ($2 <= rend)) {
-                        print $0;
-                        rc=1
-                    }
-                }
-                END {exit rc;}
-            ' $TEMPDIR/format-results.txt
-
-        # If awk exited with a non-zero code, this script will also exit
-        # with a non-zero code
-        if [ $? -ne 0 ]
-        then
-            EXIT_CODE=1
-        fi
+                /:/ { if (rstart <= $2 && $2 <= rend) print $0 }
+            ' $TEMPDIR/results.txt >>$TEMPDIR/results-filtered.txt
     done
 done
+cat $TEMPDIR/results-filtered.txt
 
-# Exit with the recorded exit code above
-exit $EXIT_CODE
+# If any findings were in range, exit with a different error code
+if [ -s $TEMPDIR/results-filtered.txt ]
+then
+    exit 2
+fi
diff --git a/deps/openssl/openssl/util/check-format.pl b/deps/openssl/openssl/util/check-format.pl
index ef2c1920e7220a..559b9023d08c2d 100755
--- a/deps/openssl/openssl/util/check-format.pl
+++ b/deps/openssl/openssl/util/check-format.pl
@@ -791,7 +791,7 @@ sub check_nested_nonblock_indents {
         # treat remaining blinded comments and string literal contents as (single) space during matching below
         $intra_line =~ s/@+/ /g;                     # note that extra SPC has already been handled above
         $intra_line =~ s/\s+$//;                     # strip any (resulting) space at EOL
-        # replace ';;' or '; ;' by ';' in "for(;;)" and in "for (...)" unless "..." contains just SPC and ';' characters:
+        # replace ';;' or '; ;' by ';' in "for (;;)" and in "for (...)" unless "..." contains just SPC and ';' characters:
         $intra_line =~ s/((^|\W)for\s*\()([^;]*?)(\s*)(;\s?);(\s*)([^;]*)(\))/
           "$1$3$4".("$3$4$5$6$7" eq ";" || $3 ne "" || $7 ne "" ? "" : $5).";$6$7$8"/eg;
         # strip trailing ';' or '; ' in "for (...)" except in "for (;;)" or "for (;; )":
@@ -904,7 +904,7 @@ sub check_nested_nonblock_indents {
         # handle opening brace '{' after if/else/while/for/switch/do on line before
         if ($hanging_offset > 0 && m/^[\s@]*{/ && # leading opening '{'
             $line_before > 0 &&
-            $contents_before_ =~ m/(^|^.*\W)(if|else|while|for|switch|do)(\W.*$|$)/) {
+            $contents_before_ =~ m/(^|^.*\W)(if|else|while|for|(OSSL_)?LIST_FOREACH(_\w+)?|switch|do)(\W.*$|$)/) {
             $keyword_opening_brace = $1;
             $hanging_offset -= INDENT_LEVEL; # cancel newly hanging_offset
         }
@@ -966,7 +966,7 @@ sub check_nested_nonblock_indents {
 
     my $outermost_level = $block_indent - $preproc_offset == 0;
 
-    report("more than one stmt") if !m/(^|\W)for(\W.*|$)/ && # no 'for' - TODO improve matching
+    report("more than one stmt") if !m/(^|\W)(for|(OSSL_)?LIST_FOREACH(_\w+)?)(\W.*|$)/ && # no 'for' - TODO improve matching
         m/;.*;/; # two or more terminators ';', so more than one statement
 
     # check for code block containing a single line/statement
@@ -1004,7 +1004,7 @@ sub check_nested_nonblock_indents {
     my $assignment_start = 0;
     my $tmp = $_;
     $tmp =~ s/[\!<>=]=/@@/g; # blind (in-)equality symbols like '<=' as '@@' to prevent matching them as '=' below
-    if      (m/^((^|.*\W)(if|while|for|switch))(\W.*|$)$/) { # (last) if/for/while/switch
+    if      (m/^((^|.*\W)(if|while|for|(OSSL_)?LIST_FOREACH(_\w+)?|switch))(\W.*|$)$/) { # (last) if/for/while/switch
         $paren_expr_start = 1;
     } elsif (m/^((^|.*\W)(return|enum))(\W.*|$)/             # (last) return/enum
         && !$in_expr && @nested_indents == 0 && parens_balance($1) == 0) { # not nested enum
@@ -1135,7 +1135,7 @@ sub check_nested_nonblock_indents {
                     $line_body_start = $contents =~ m/LONG BODY/ ? 0 : $line if $line_function_start != 0;
                 }
             } else {
-                $line_opening_brace = $line if $keyword_opening_brace =~ m/if|do|while|for/;
+                $line_opening_brace = $line if $keyword_opening_brace =~ m/if|do|while|for|(OSSL_)?LIST_FOREACH(_\w+)?/;
                 # using, not assigning, $keyword_opening_brace here because it could be on an earlier line
                 $line_opening_brace = $line if $keyword_opening_brace eq "else" && $extended_1_stmt &&
                 # TODO prevent false positives for if/else where braces around single-statement branches
@@ -1148,11 +1148,11 @@ sub check_nested_nonblock_indents {
         }
     }
 
-    # check for opening brace after if/while/for/switch/do not on same line
+    # check for opening brace after if/while/for/switch/do missing on same line
     # note that "missing '{' on same line after '} else'" is handled further below
     if (/^[\s@]*{/ && # leading '{'
         $line_before > 0 && !($contents_before_ =~ m/^\s*#/) && # not preprocessor directive '#if
-        (my ($head, $mid, $tail) = ($contents_before_ =~ m/(^|^.*\W)(if|while|for|switch|do)(\W.*$|$)/))) {
+        (my ($head, $mid, $tail) = ($contents_before_ =~ m/(^|^.*\W)(if|while|for|(OSSL_)?LIST_FOREACH(_\w+)?|switch|do)(\W.*$|$)/))) {
         my $brace_after  = $tail =~ /^[\s@]*{/; # any whitespace or comments then '{'
         report("'{' not on same line as preceding '$mid'") if !$brace_after;
     }
diff --git a/deps/openssl/openssl/util/libssl.num b/deps/openssl/openssl/util/libssl.num
index 4a9d5b20074af5..f055c967bf1c85 100644
--- a/deps/openssl/openssl/util/libssl.num
+++ b/deps/openssl/openssl/util/libssl.num
@@ -520,19 +520,3 @@ SSL_load_client_CA_file_ex              520	3_0_0	EXIST::FUNCTION:
 SSL_set0_tmp_dh_pkey                    521	3_0_0	EXIST::FUNCTION:
 SSL_CTX_set0_tmp_dh_pkey                522	3_0_0	EXIST::FUNCTION:
 SSL_group_to_name                       523	3_0_0	EXIST::FUNCTION:
-SSL_quic_read_level                     20000	3_0_0	EXIST::FUNCTION:QUIC
-SSL_set_quic_transport_params           20001	3_0_0	EXIST::FUNCTION:QUIC
-SSL_CIPHER_get_prf_nid                  20002	3_0_0	EXIST::FUNCTION:QUIC
-SSL_is_quic                             20003	3_0_0	EXIST::FUNCTION:QUIC
-SSL_get_peer_quic_transport_params      20004	3_0_0	EXIST::FUNCTION:QUIC
-SSL_quic_write_level                    20005	3_0_0	EXIST::FUNCTION:QUIC
-SSL_CTX_set_quic_method                 20006	3_0_0	EXIST::FUNCTION:QUIC
-SSL_set_quic_method                     20007	3_0_0	EXIST::FUNCTION:QUIC
-SSL_quic_max_handshake_flight_len       20008	3_0_0	EXIST::FUNCTION:QUIC
-SSL_process_quic_post_handshake         20009	3_0_0	EXIST::FUNCTION:QUIC
-SSL_provide_quic_data                   20010	3_0_0	EXIST::FUNCTION:QUIC
-SSL_set_quic_use_legacy_codepoint       20011	3_0_0	EXIST::FUNCTION:QUIC
-SSL_set_quic_transport_version          20012	3_0_0	EXIST::FUNCTION:QUIC
-SSL_get_peer_quic_transport_version     20013	3_0_0	EXIST::FUNCTION:QUIC
-SSL_get_quic_transport_version          20014	3_0_0	EXIST::FUNCTION:QUIC
-SSL_set_quic_early_data_enabled         20015	3_0_0	EXIST::FUNCTION:QUIC
diff --git a/deps/openssl/openssl/util/mkbuildinf.pl b/deps/openssl/openssl/util/mkbuildinf.pl
index 1c273872be11c0..799ed3cdcd0972 100755
--- a/deps/openssl/openssl/util/mkbuildinf.pl
+++ b/deps/openssl/openssl/util/mkbuildinf.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -9,17 +9,21 @@
 use strict;
 use warnings;
 
-my ($cflags, $platform) = @ARGV;
+my $platform = pop @ARGV;
+my $cflags = join(' ', @ARGV);
+$cflags =~ s(\\)(\\\\)g;
 $cflags = "compiler: $cflags";
 
-my $date = gmtime($ENV{'SOURCE_DATE_EPOCH'} || time()) . " UTC";
+# Use the value of the envvar SOURCE_DATE_EPOCH, even if it's
+# zero or the empty string.
+my $date = gmtime($ENV{'SOURCE_DATE_EPOCH'} // time()) . " UTC";
 
 print <<"END_OUTPUT";
 /*
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/util/other.syms b/deps/openssl/openssl/util/other.syms
index 839d0d2c08c763..ea0a8caac4359c 100644
--- a/deps/openssl/openssl/util/other.syms
+++ b/deps/openssl/openssl/util/other.syms
@@ -143,8 +143,6 @@ custom_ext_free_cb                      datatype
 custom_ext_parse_cb                     datatype
 pem_password_cb                         datatype
 ssl_ct_validation_cb                    datatype
-OSSL_ENCRYPTION_LEVEL                   datatype
-SSL_QUIC_METHOD                         datatype
 #
 ASN1_BIT_STRING_digest                  define
 BIO_append_filename                     define
diff --git a/deps/openssl/openssl/util/perl/OpenSSL/Template.pm b/deps/openssl/openssl/util/perl/OpenSSL/Template.pm
index 7411dd8ae8d7a7..ad93278ca7613f 100644
--- a/deps/openssl/openssl/util/perl/OpenSSL/Template.pm
+++ b/deps/openssl/openssl/util/perl/OpenSSL/Template.pm
@@ -42,6 +42,14 @@ use Text::Template 1.46;
 
 our @ISA = qw(Text::Template);  # parent
 
+sub tmpl_error {
+    my (%err_dict) = @_;
+
+    $ERROR = $err_dict{"error"};
+
+    return undef;
+}
+
 sub new {
     my $class = shift;
 
@@ -66,6 +74,7 @@ sub fill_in {
                                     output_on => sub { $self->output_on() },
                                     output_off => sub { $self->output_off() },
                                     %hash },
+                          BROKEN => \&tmpl_error,
                           %opts);
 }
 

From a194dd9bd44f0509135b3944057a6d5d61678c84 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Wed, 5 Mar 2025 21:10:09 +0000
Subject: [PATCH 016/138] deps: update archs files for openssl-3.0.16

PR-URL: https://github.com/nodejs/node/pull/57335
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .../config/archs/BSD-x86/asm/apps/progs.c     |  2 +-
 .../config/archs/BSD-x86/asm/configdata.pm    | 82 ++++++------------
 .../archs/BSD-x86/asm/crypto/buildinf.h       |  4 +-
 .../BSD-x86/asm/include/openssl/opensslv.h    | 14 ++--
 .../archs/BSD-x86/asm/include/openssl/ssl.h   | 69 ---------------
 .../config/archs/BSD-x86/asm/include/progs.h  |  2 +-
 .../config/archs/BSD-x86/asm/openssl.gypi     |  2 -
 .../archs/BSD-x86/asm_avx2/apps/progs.c       |  2 +-
 .../archs/BSD-x86/asm_avx2/configdata.pm      | 82 ++++++------------
 .../archs/BSD-x86/asm_avx2/crypto/buildinf.h  |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../BSD-x86/asm_avx2/include/openssl/ssl.h    | 69 ---------------
 .../archs/BSD-x86/asm_avx2/include/progs.h    |  2 +-
 .../archs/BSD-x86/asm_avx2/openssl.gypi       |  2 -
 .../config/archs/BSD-x86/no-asm/apps/progs.c  |  2 +-
 .../config/archs/BSD-x86/no-asm/configdata.pm | 82 ++++++------------
 .../archs/BSD-x86/no-asm/crypto/buildinf.h    |  4 +-
 .../BSD-x86/no-asm/include/openssl/opensslv.h | 14 ++--
 .../BSD-x86/no-asm/include/openssl/ssl.h      | 69 ---------------
 .../archs/BSD-x86/no-asm/include/progs.h      |  2 +-
 .../config/archs/BSD-x86/no-asm/openssl.gypi  |  2 -
 .../config/archs/BSD-x86_64/asm/apps/progs.c  |  2 +-
 .../config/archs/BSD-x86_64/asm/configdata.pm | 82 ++++++------------
 .../archs/BSD-x86_64/asm/crypto/buildinf.h    |  4 +-
 .../BSD-x86_64/asm/include/openssl/opensslv.h | 14 ++--
 .../BSD-x86_64/asm/include/openssl/ssl.h      | 69 ---------------
 .../archs/BSD-x86_64/asm/include/progs.h      |  2 +-
 .../config/archs/BSD-x86_64/asm/openssl.gypi  |  2 -
 .../archs/BSD-x86_64/asm_avx2/apps/progs.c    |  2 +-
 .../archs/BSD-x86_64/asm_avx2/configdata.pm   | 82 ++++++------------
 .../BSD-x86_64/asm_avx2/crypto/buildinf.h     |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../BSD-x86_64/asm_avx2/include/openssl/ssl.h | 69 ---------------
 .../archs/BSD-x86_64/asm_avx2/include/progs.h |  2 +-
 .../archs/BSD-x86_64/asm_avx2/openssl.gypi    |  2 -
 .../archs/BSD-x86_64/no-asm/apps/progs.c      |  2 +-
 .../archs/BSD-x86_64/no-asm/configdata.pm     | 82 ++++++------------
 .../archs/BSD-x86_64/no-asm/crypto/buildinf.h |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../BSD-x86_64/no-asm/include/openssl/ssl.h   | 69 ---------------
 .../archs/BSD-x86_64/no-asm/include/progs.h   |  2 +-
 .../archs/BSD-x86_64/no-asm/openssl.gypi      |  2 -
 .../config/archs/VC-WIN32/asm/apps/progs.c    |  2 +-
 .../config/archs/VC-WIN32/asm/configdata.pm   | 84 +++++++------------
 .../archs/VC-WIN32/asm/crypto/buildinf.h      |  4 +-
 .../VC-WIN32/asm/include/openssl/opensslv.h   | 14 ++--
 .../archs/VC-WIN32/asm/include/openssl/ssl.h  | 69 ---------------
 .../config/archs/VC-WIN32/asm/include/progs.h |  2 +-
 .../config/archs/VC-WIN32/asm/openssl.gypi    |  2 -
 .../archs/VC-WIN32/asm_avx2/apps/progs.c      |  2 +-
 .../archs/VC-WIN32/asm_avx2/configdata.pm     | 84 +++++++------------
 .../archs/VC-WIN32/asm_avx2/crypto/buildinf.h |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../VC-WIN32/asm_avx2/include/openssl/ssl.h   | 69 ---------------
 .../archs/VC-WIN32/asm_avx2/include/progs.h   |  2 +-
 .../archs/VC-WIN32/asm_avx2/openssl.gypi      |  2 -
 .../config/archs/VC-WIN32/no-asm/apps/progs.c |  2 +-
 .../archs/VC-WIN32/no-asm/configdata.pm       | 84 +++++++------------
 .../archs/VC-WIN32/no-asm/crypto/buildinf.h   |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../VC-WIN32/no-asm/include/openssl/ssl.h     | 69 ---------------
 .../archs/VC-WIN32/no-asm/include/progs.h     |  2 +-
 .../config/archs/VC-WIN32/no-asm/openssl.gypi |  2 -
 .../archs/VC-WIN64-ARM/no-asm/apps/progs.c    |  2 +-
 .../archs/VC-WIN64-ARM/no-asm/configdata.pm   | 84 +++++++------------
 .../VC-WIN64-ARM/no-asm/crypto/buildinf.h     |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../VC-WIN64-ARM/no-asm/include/openssl/ssl.h | 69 ---------------
 .../archs/VC-WIN64-ARM/no-asm/include/progs.h |  2 +-
 .../archs/VC-WIN64-ARM/no-asm/openssl.gypi    |  2 -
 .../config/archs/VC-WIN64A/asm/apps/progs.c   |  2 +-
 .../config/archs/VC-WIN64A/asm/configdata.pm  | 84 +++++++------------
 .../archs/VC-WIN64A/asm/crypto/buildinf.h     |  4 +-
 .../VC-WIN64A/asm/include/openssl/opensslv.h  | 14 ++--
 .../archs/VC-WIN64A/asm/include/openssl/ssl.h | 69 ---------------
 .../archs/VC-WIN64A/asm/include/progs.h       |  2 +-
 .../config/archs/VC-WIN64A/asm/openssl.gypi   |  2 -
 .../archs/VC-WIN64A/asm_avx2/apps/progs.c     |  2 +-
 .../archs/VC-WIN64A/asm_avx2/configdata.pm    | 84 +++++++------------
 .../VC-WIN64A/asm_avx2/crypto/buildinf.h      |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../VC-WIN64A/asm_avx2/include/openssl/ssl.h  | 69 ---------------
 .../archs/VC-WIN64A/asm_avx2/include/progs.h  |  2 +-
 .../archs/VC-WIN64A/asm_avx2/openssl.gypi     |  2 -
 .../archs/VC-WIN64A/no-asm/apps/progs.c       |  2 +-
 .../archs/VC-WIN64A/no-asm/configdata.pm      | 84 +++++++------------
 .../archs/VC-WIN64A/no-asm/crypto/buildinf.h  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../VC-WIN64A/no-asm/include/openssl/ssl.h    | 69 ---------------
 .../archs/VC-WIN64A/no-asm/include/progs.h    |  2 +-
 .../archs/VC-WIN64A/no-asm/openssl.gypi       |  2 -
 .../archs/aix64-gcc-as/asm/apps/progs.c       |  2 +-
 .../archs/aix64-gcc-as/asm/configdata.pm      | 82 ++++++------------
 .../archs/aix64-gcc-as/asm/crypto/buildinf.h  |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../aix64-gcc-as/asm/include/openssl/ssl.h    | 69 ---------------
 .../archs/aix64-gcc-as/asm/include/progs.h    |  2 +-
 .../archs/aix64-gcc-as/asm/openssl.gypi       |  2 -
 .../archs/aix64-gcc-as/asm_avx2/apps/progs.c  |  2 +-
 .../archs/aix64-gcc-as/asm_avx2/configdata.pm | 82 ++++++------------
 .../aix64-gcc-as/asm_avx2/crypto/buildinf.h   |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../aix64-gcc-as/asm_avx2/include/progs.h     |  2 +-
 .../archs/aix64-gcc-as/asm_avx2/openssl.gypi  |  2 -
 .../archs/aix64-gcc-as/no-asm/apps/progs.c    |  2 +-
 .../archs/aix64-gcc-as/no-asm/configdata.pm   | 82 ++++++------------
 .../aix64-gcc-as/no-asm/crypto/buildinf.h     |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../aix64-gcc-as/no-asm/include/openssl/ssl.h | 69 ---------------
 .../archs/aix64-gcc-as/no-asm/include/progs.h |  2 +-
 .../archs/aix64-gcc-as/no-asm/openssl.gypi    |  2 -
 .../archs/darwin-i386-cc/asm/apps/progs.c     |  2 +-
 .../archs/darwin-i386-cc/asm/configdata.pm    | 82 ++++++------------
 .../darwin-i386-cc/asm/crypto/buildinf.h      |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../darwin-i386-cc/asm/include/openssl/ssl.h  | 69 ---------------
 .../archs/darwin-i386-cc/asm/include/progs.h  |  2 +-
 .../archs/darwin-i386-cc/asm/openssl.gypi     |  2 -
 .../darwin-i386-cc/asm_avx2/apps/progs.c      |  2 +-
 .../darwin-i386-cc/asm_avx2/configdata.pm     | 82 ++++++------------
 .../darwin-i386-cc/asm_avx2/crypto/buildinf.h |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../darwin-i386-cc/asm_avx2/include/progs.h   |  2 +-
 .../darwin-i386-cc/asm_avx2/openssl.gypi      |  2 -
 .../archs/darwin-i386-cc/no-asm/apps/progs.c  |  2 +-
 .../archs/darwin-i386-cc/no-asm/configdata.pm | 82 ++++++------------
 .../darwin-i386-cc/no-asm/crypto/buildinf.h   |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../darwin-i386-cc/no-asm/include/progs.h     |  2 +-
 .../archs/darwin-i386-cc/no-asm/openssl.gypi  |  2 -
 .../archs/darwin64-arm64-cc/asm/apps/progs.c  |  2 +-
 .../archs/darwin64-arm64-cc/asm/configdata.pm | 82 ++++++------------
 .../asm/crypto/bn/armv8-mont.S                |  2 +
 .../darwin64-arm64-cc/asm/crypto/buildinf.h   |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../asm/include/openssl/ssl.h                 | 69 ---------------
 .../darwin64-arm64-cc/asm/include/progs.h     |  2 +-
 .../archs/darwin64-arm64-cc/asm/openssl.gypi  |  2 -
 .../darwin64-arm64-cc/asm_avx2/apps/progs.c   |  2 +-
 .../darwin64-arm64-cc/asm_avx2/configdata.pm  | 82 ++++++------------
 .../asm_avx2/crypto/bn/armv8-mont.S           |  2 +
 .../asm_avx2/crypto/buildinf.h                |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../asm_avx2/include/progs.h                  |  2 +-
 .../darwin64-arm64-cc/asm_avx2/openssl.gypi   |  2 -
 .../darwin64-arm64-cc/no-asm/apps/progs.c     |  2 +-
 .../darwin64-arm64-cc/no-asm/configdata.pm    | 82 ++++++------------
 .../no-asm/crypto/buildinf.h                  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../darwin64-arm64-cc/no-asm/include/progs.h  |  2 +-
 .../darwin64-arm64-cc/no-asm/openssl.gypi     |  2 -
 .../archs/darwin64-x86_64-cc/asm/apps/progs.c |  2 +-
 .../darwin64-x86_64-cc/asm/configdata.pm      | 82 ++++++------------
 .../darwin64-x86_64-cc/asm/crypto/buildinf.h  |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../asm/include/openssl/ssl.h                 | 69 ---------------
 .../darwin64-x86_64-cc/asm/include/progs.h    |  2 +-
 .../archs/darwin64-x86_64-cc/asm/openssl.gypi |  2 -
 .../darwin64-x86_64-cc/asm_avx2/apps/progs.c  |  2 +-
 .../darwin64-x86_64-cc/asm_avx2/configdata.pm | 82 ++++++------------
 .../asm_avx2/crypto/buildinf.h                |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../asm_avx2/include/progs.h                  |  2 +-
 .../darwin64-x86_64-cc/asm_avx2/openssl.gypi  |  2 -
 .../darwin64-x86_64-cc/no-asm/apps/progs.c    |  2 +-
 .../darwin64-x86_64-cc/no-asm/configdata.pm   | 82 ++++++------------
 .../no-asm/crypto/buildinf.h                  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../darwin64-x86_64-cc/no-asm/include/progs.h |  2 +-
 .../darwin64-x86_64-cc/no-asm/openssl.gypi    |  2 -
 .../archs/linux-aarch64/asm/apps/progs.c      |  2 +-
 .../archs/linux-aarch64/asm/configdata.pm     | 82 ++++++------------
 .../linux-aarch64/asm/crypto/bn/armv8-mont.S  |  2 +
 .../archs/linux-aarch64/asm/crypto/buildinf.h |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux-aarch64/asm/include/openssl/ssl.h   | 69 ---------------
 .../archs/linux-aarch64/asm/include/progs.h   |  2 +-
 .../archs/linux-aarch64/asm/openssl.gypi      |  2 -
 .../archs/linux-aarch64/asm_avx2/apps/progs.c |  2 +-
 .../linux-aarch64/asm_avx2/configdata.pm      | 82 ++++++------------
 .../asm_avx2/crypto/bn/armv8-mont.S           |  2 +
 .../linux-aarch64/asm_avx2/crypto/buildinf.h  |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux-aarch64/asm_avx2/include/progs.h    |  2 +-
 .../archs/linux-aarch64/asm_avx2/openssl.gypi |  2 -
 .../archs/linux-aarch64/no-asm/apps/progs.c   |  2 +-
 .../archs/linux-aarch64/no-asm/configdata.pm  | 82 ++++++------------
 .../linux-aarch64/no-asm/crypto/buildinf.h    |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../linux-aarch64/no-asm/include/progs.h      |  2 +-
 .../archs/linux-aarch64/no-asm/openssl.gypi   |  2 -
 .../config/archs/linux-armv4/asm/apps/progs.c |  2 +-
 .../archs/linux-armv4/asm/configdata.pm       | 82 ++++++------------
 .../archs/linux-armv4/asm/crypto/buildinf.h   |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux-armv4/asm/include/openssl/ssl.h     | 69 ---------------
 .../archs/linux-armv4/asm/include/progs.h     |  2 +-
 .../config/archs/linux-armv4/asm/openssl.gypi |  2 -
 .../archs/linux-armv4/asm_avx2/apps/progs.c   |  2 +-
 .../archs/linux-armv4/asm_avx2/configdata.pm  | 82 ++++++------------
 .../linux-armv4/asm_avx2/crypto/buildinf.h    |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux-armv4/asm_avx2/include/progs.h      |  2 +-
 .../archs/linux-armv4/asm_avx2/openssl.gypi   |  2 -
 .../archs/linux-armv4/no-asm/apps/progs.c     |  2 +-
 .../archs/linux-armv4/no-asm/configdata.pm    | 82 ++++++------------
 .../linux-armv4/no-asm/crypto/buildinf.h      |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../linux-armv4/no-asm/include/openssl/ssl.h  | 69 ---------------
 .../archs/linux-armv4/no-asm/include/progs.h  |  2 +-
 .../archs/linux-armv4/no-asm/openssl.gypi     |  2 -
 .../config/archs/linux-elf/asm/apps/progs.c   |  2 +-
 .../config/archs/linux-elf/asm/configdata.pm  | 82 ++++++------------
 .../archs/linux-elf/asm/crypto/buildinf.h     |  4 +-
 .../linux-elf/asm/include/openssl/opensslv.h  | 14 ++--
 .../archs/linux-elf/asm/include/openssl/ssl.h | 69 ---------------
 .../archs/linux-elf/asm/include/progs.h       |  2 +-
 .../config/archs/linux-elf/asm/openssl.gypi   |  2 -
 .../archs/linux-elf/asm_avx2/apps/progs.c     |  2 +-
 .../archs/linux-elf/asm_avx2/configdata.pm    | 82 ++++++------------
 .../linux-elf/asm_avx2/crypto/buildinf.h      |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../linux-elf/asm_avx2/include/openssl/ssl.h  | 69 ---------------
 .../archs/linux-elf/asm_avx2/include/progs.h  |  2 +-
 .../archs/linux-elf/asm_avx2/openssl.gypi     |  2 -
 .../archs/linux-elf/no-asm/apps/progs.c       |  2 +-
 .../archs/linux-elf/no-asm/configdata.pm      | 82 ++++++------------
 .../archs/linux-elf/no-asm/crypto/buildinf.h  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../linux-elf/no-asm/include/openssl/ssl.h    | 69 ---------------
 .../archs/linux-elf/no-asm/include/progs.h    |  2 +-
 .../archs/linux-elf/no-asm/openssl.gypi       |  2 -
 .../archs/linux-ppc64le/asm/apps/progs.c      |  2 +-
 .../archs/linux-ppc64le/asm/configdata.pm     | 82 ++++++------------
 .../archs/linux-ppc64le/asm/crypto/buildinf.h |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux-ppc64le/asm/include/openssl/ssl.h   | 69 ---------------
 .../archs/linux-ppc64le/asm/include/progs.h   |  2 +-
 .../archs/linux-ppc64le/asm/openssl.gypi      |  2 -
 .../archs/linux-ppc64le/asm_avx2/apps/progs.c |  2 +-
 .../linux-ppc64le/asm_avx2/configdata.pm      | 82 ++++++------------
 .../linux-ppc64le/asm_avx2/crypto/buildinf.h  |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux-ppc64le/asm_avx2/include/progs.h    |  2 +-
 .../archs/linux-ppc64le/asm_avx2/openssl.gypi |  2 -
 .../archs/linux-ppc64le/no-asm/apps/progs.c   |  2 +-
 .../archs/linux-ppc64le/no-asm/configdata.pm  | 82 ++++++------------
 .../linux-ppc64le/no-asm/crypto/buildinf.h    |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../linux-ppc64le/no-asm/include/progs.h      |  2 +-
 .../archs/linux-ppc64le/no-asm/openssl.gypi   |  2 -
 .../archs/linux-x86_64/asm/apps/progs.c       |  2 +-
 .../archs/linux-x86_64/asm/configdata.pm      | 82 ++++++------------
 .../archs/linux-x86_64/asm/crypto/buildinf.h  |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux-x86_64/asm/include/openssl/ssl.h    | 69 ---------------
 .../archs/linux-x86_64/asm/include/progs.h    |  2 +-
 .../archs/linux-x86_64/asm/openssl.gypi       |  2 -
 .../archs/linux-x86_64/asm_avx2/apps/progs.c  |  2 +-
 .../archs/linux-x86_64/asm_avx2/configdata.pm | 82 ++++++------------
 .../linux-x86_64/asm_avx2/crypto/buildinf.h   |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux-x86_64/asm_avx2/include/progs.h     |  2 +-
 .../archs/linux-x86_64/asm_avx2/openssl.gypi  |  2 -
 .../archs/linux-x86_64/no-asm/apps/progs.c    |  2 +-
 .../archs/linux-x86_64/no-asm/configdata.pm   | 82 ++++++------------
 .../linux-x86_64/no-asm/crypto/buildinf.h     |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../linux-x86_64/no-asm/include/openssl/ssl.h | 69 ---------------
 .../archs/linux-x86_64/no-asm/include/progs.h |  2 +-
 .../archs/linux-x86_64/no-asm/openssl.gypi    |  2 -
 .../archs/linux32-s390x/asm/apps/progs.c      |  2 +-
 .../archs/linux32-s390x/asm/configdata.pm     | 82 ++++++------------
 .../archs/linux32-s390x/asm/crypto/buildinf.h |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux32-s390x/asm/include/openssl/ssl.h   | 69 ---------------
 .../archs/linux32-s390x/asm/include/progs.h   |  2 +-
 .../archs/linux32-s390x/asm/openssl.gypi      |  2 -
 .../archs/linux32-s390x/asm_avx2/apps/progs.c |  2 +-
 .../linux32-s390x/asm_avx2/configdata.pm      | 82 ++++++------------
 .../linux32-s390x/asm_avx2/crypto/buildinf.h  |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux32-s390x/asm_avx2/include/progs.h    |  2 +-
 .../archs/linux32-s390x/asm_avx2/openssl.gypi |  2 -
 .../archs/linux32-s390x/no-asm/apps/progs.c   |  2 +-
 .../archs/linux32-s390x/no-asm/configdata.pm  | 82 ++++++------------
 .../linux32-s390x/no-asm/crypto/buildinf.h    |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../linux32-s390x/no-asm/include/progs.h      |  2 +-
 .../archs/linux32-s390x/no-asm/openssl.gypi   |  2 -
 .../linux64-loongarch64/no-asm/apps/progs.c   |  2 +-
 .../linux64-loongarch64/no-asm/configdata.pm  | 82 ++++++------------
 .../no-asm/crypto/buildinf.h                  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../no-asm/include/progs.h                    |  2 +-
 .../linux64-loongarch64/no-asm/openssl.gypi   |  2 -
 .../archs/linux64-mips64/asm/apps/progs.c     |  2 +-
 .../archs/linux64-mips64/asm/configdata.pm    | 82 ++++++------------
 .../linux64-mips64/asm/crypto/buildinf.h      |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux64-mips64/asm/include/openssl/ssl.h  | 69 ---------------
 .../archs/linux64-mips64/asm/include/progs.h  |  2 +-
 .../archs/linux64-mips64/asm/openssl.gypi     |  2 -
 .../linux64-mips64/asm_avx2/apps/progs.c      |  2 +-
 .../linux64-mips64/asm_avx2/configdata.pm     | 82 ++++++------------
 .../linux64-mips64/asm_avx2/crypto/buildinf.h |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux64-mips64/asm_avx2/include/progs.h   |  2 +-
 .../linux64-mips64/asm_avx2/openssl.gypi      |  2 -
 .../archs/linux64-mips64/no-asm/apps/progs.c  |  2 +-
 .../archs/linux64-mips64/no-asm/configdata.pm | 82 ++++++------------
 .../linux64-mips64/no-asm/crypto/buildinf.h   |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../linux64-mips64/no-asm/include/progs.h     |  2 +-
 .../archs/linux64-mips64/no-asm/openssl.gypi  |  2 -
 .../archs/linux64-riscv64/no-asm/apps/progs.c |  2 +-
 .../linux64-riscv64/no-asm/configdata.pm      | 82 ++++++------------
 .../linux64-riscv64/no-asm/crypto/buildinf.h  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../linux64-riscv64/no-asm/include/progs.h    |  2 +-
 .../archs/linux64-riscv64/no-asm/openssl.gypi |  2 -
 .../archs/linux64-s390x/asm/apps/progs.c      |  2 +-
 .../archs/linux64-s390x/asm/configdata.pm     | 82 ++++++------------
 .../archs/linux64-s390x/asm/crypto/buildinf.h |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../linux64-s390x/asm/include/openssl/ssl.h   | 69 ---------------
 .../archs/linux64-s390x/asm/include/progs.h   |  2 +-
 .../archs/linux64-s390x/asm/openssl.gypi      |  2 -
 .../archs/linux64-s390x/asm_avx2/apps/progs.c |  2 +-
 .../linux64-s390x/asm_avx2/configdata.pm      | 82 ++++++------------
 .../linux64-s390x/asm_avx2/crypto/buildinf.h  |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../linux64-s390x/asm_avx2/include/progs.h    |  2 +-
 .../archs/linux64-s390x/asm_avx2/openssl.gypi |  2 -
 .../archs/linux64-s390x/no-asm/apps/progs.c   |  2 +-
 .../archs/linux64-s390x/no-asm/configdata.pm  | 82 ++++++------------
 .../linux64-s390x/no-asm/crypto/buildinf.h    |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../linux64-s390x/no-asm/include/progs.h      |  2 +-
 .../archs/linux64-s390x/no-asm/openssl.gypi   |  2 -
 .../archs/solaris-x86-gcc/asm/apps/progs.c    |  2 +-
 .../archs/solaris-x86-gcc/asm/configdata.pm   | 82 ++++++------------
 .../solaris-x86-gcc/asm/crypto/buildinf.h     |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../solaris-x86-gcc/asm/include/openssl/ssl.h | 69 ---------------
 .../archs/solaris-x86-gcc/asm/include/progs.h |  2 +-
 .../archs/solaris-x86-gcc/asm/openssl.gypi    |  2 -
 .../solaris-x86-gcc/asm_avx2/apps/progs.c     |  2 +-
 .../solaris-x86-gcc/asm_avx2/configdata.pm    | 82 ++++++------------
 .../asm_avx2/crypto/buildinf.h                |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../solaris-x86-gcc/asm_avx2/include/progs.h  |  2 +-
 .../solaris-x86-gcc/asm_avx2/openssl.gypi     |  2 -
 .../archs/solaris-x86-gcc/no-asm/apps/progs.c |  2 +-
 .../solaris-x86-gcc/no-asm/configdata.pm      | 82 ++++++------------
 .../solaris-x86-gcc/no-asm/crypto/buildinf.h  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../solaris-x86-gcc/no-asm/include/progs.h    |  2 +-
 .../archs/solaris-x86-gcc/no-asm/openssl.gypi |  2 -
 .../solaris64-x86_64-gcc/asm/apps/progs.c     |  2 +-
 .../solaris64-x86_64-gcc/asm/configdata.pm    | 82 ++++++------------
 .../asm/crypto/buildinf.h                     |  4 +-
 .../asm/include/openssl/opensslv.h            | 14 ++--
 .../asm/include/openssl/ssl.h                 | 69 ---------------
 .../solaris64-x86_64-gcc/asm/include/progs.h  |  2 +-
 .../solaris64-x86_64-gcc/asm/openssl.gypi     |  2 -
 .../asm_avx2/apps/progs.c                     |  2 +-
 .../asm_avx2/configdata.pm                    | 82 ++++++------------
 .../asm_avx2/crypto/buildinf.h                |  4 +-
 .../asm_avx2/include/openssl/opensslv.h       | 14 ++--
 .../asm_avx2/include/openssl/ssl.h            | 69 ---------------
 .../asm_avx2/include/progs.h                  |  2 +-
 .../asm_avx2/openssl.gypi                     |  2 -
 .../solaris64-x86_64-gcc/no-asm/apps/progs.c  |  2 +-
 .../solaris64-x86_64-gcc/no-asm/configdata.pm | 82 ++++++------------
 .../no-asm/crypto/buildinf.h                  |  4 +-
 .../no-asm/include/openssl/opensslv.h         | 14 ++--
 .../no-asm/include/openssl/ssl.h              | 69 ---------------
 .../no-asm/include/progs.h                    |  2 +-
 .../solaris64-x86_64-gcc/no-asm/openssl.gypi  |  2 -
 deps/openssl/openssl/crypto/perlasm/x86asm.pl |  4 +-
 deps/openssl/openssl/include/crypto/bn_conf.h |  1 +
 .../openssl/openssl/include/crypto/dso_conf.h |  1 +
 deps/openssl/openssl/include/openssl/asn1.h   |  1 +
 deps/openssl/openssl/include/openssl/asn1t.h  |  1 +
 deps/openssl/openssl/include/openssl/bio.h    |  1 +
 deps/openssl/openssl/include/openssl/cmp.h    |  1 +
 deps/openssl/openssl/include/openssl/cms.h    |  1 +
 deps/openssl/openssl/include/openssl/conf.h   |  1 +
 .../openssl/include/openssl/configuration.h   |  1 +
 deps/openssl/openssl/include/openssl/crmf.h   |  1 +
 deps/openssl/openssl/include/openssl/crypto.h |  1 +
 deps/openssl/openssl/include/openssl/ct.h     |  1 +
 deps/openssl/openssl/include/openssl/err.h    |  1 +
 deps/openssl/openssl/include/openssl/ess.h    |  1 +
 .../openssl/openssl/include/openssl/fipskey.h |  1 +
 deps/openssl/openssl/include/openssl/lhash.h  |  1 +
 deps/openssl/openssl/include/openssl/ocsp.h   |  1 +
 .../openssl/include/openssl/opensslv.h        |  1 +
 deps/openssl/openssl/include/openssl/pkcs12.h |  1 +
 deps/openssl/openssl/include/openssl/pkcs7.h  |  1 +
 .../openssl/include/openssl/safestack.h       |  1 +
 deps/openssl/openssl/include/openssl/srp.h    |  1 +
 deps/openssl/openssl/include/openssl/ssl.h    |  1 +
 deps/openssl/openssl/include/openssl/ui.h     |  1 +
 deps/openssl/openssl/include/openssl/x509.h   |  1 +
 .../openssl/include/openssl/x509_vfy.h        |  1 +
 deps/openssl/openssl/include/openssl/x509v3.h |  1 +
 431 files changed, 2210 insertions(+), 7818 deletions(-)
 create mode 100644 deps/openssl/openssl/include/crypto/bn_conf.h
 create mode 100644 deps/openssl/openssl/include/crypto/dso_conf.h
 create mode 100644 deps/openssl/openssl/include/openssl/asn1.h
 create mode 100644 deps/openssl/openssl/include/openssl/asn1t.h
 create mode 100644 deps/openssl/openssl/include/openssl/bio.h
 create mode 100644 deps/openssl/openssl/include/openssl/cmp.h
 create mode 100644 deps/openssl/openssl/include/openssl/cms.h
 create mode 100644 deps/openssl/openssl/include/openssl/conf.h
 create mode 100644 deps/openssl/openssl/include/openssl/configuration.h
 create mode 100644 deps/openssl/openssl/include/openssl/crmf.h
 create mode 100644 deps/openssl/openssl/include/openssl/crypto.h
 create mode 100644 deps/openssl/openssl/include/openssl/ct.h
 create mode 100644 deps/openssl/openssl/include/openssl/err.h
 create mode 100644 deps/openssl/openssl/include/openssl/ess.h
 create mode 100644 deps/openssl/openssl/include/openssl/fipskey.h
 create mode 100644 deps/openssl/openssl/include/openssl/lhash.h
 create mode 100644 deps/openssl/openssl/include/openssl/ocsp.h
 create mode 100644 deps/openssl/openssl/include/openssl/opensslv.h
 create mode 100644 deps/openssl/openssl/include/openssl/pkcs12.h
 create mode 100644 deps/openssl/openssl/include/openssl/pkcs7.h
 create mode 100644 deps/openssl/openssl/include/openssl/safestack.h
 create mode 100644 deps/openssl/openssl/include/openssl/srp.h
 create mode 100644 deps/openssl/openssl/include/openssl/ssl.h
 create mode 100644 deps/openssl/openssl/include/openssl/ui.h
 create mode 100644 deps/openssl/openssl/include/openssl/x509.h
 create mode 100644 deps/openssl/openssl/include/openssl/x509_vfy.h
 create mode 100644 deps/openssl/openssl/include/openssl/x509v3.h

diff --git a/deps/openssl/config/archs/BSD-x86/asm/apps/progs.c b/deps/openssl/config/archs/BSD-x86/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/apps/progs.c
+++ b/deps/openssl/config/archs/BSD-x86/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86/asm/configdata.pm b/deps/openssl/config/archs/BSD-x86/asm/configdata.pm
index b4ff88112bd18d..39e95e30234882 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -203,10 +203,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -255,11 +255,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "BSD-x86",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -387,7 +387,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -889,6 +888,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1045,9 +1047,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3484,9 +3483,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5878,9 +5874,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7263,6 +7256,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7471,10 +7468,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10279,7 +10272,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10330,7 +10322,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12533,9 +12524,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14927,9 +14915,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16294,10 +16279,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16899,7 +16880,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18358,6 +18338,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18520,9 +18504,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19895,7 +19876,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20229,6 +20209,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20281,7 +20262,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24489,7 +24469,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24516,7 +24495,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25767,9 +25745,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25851,9 +25826,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25984,6 +25956,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26296,12 +26274,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27751,7 +27723,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27773,7 +27745,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h
index af438f4f0fa031..b746f98ac210c5 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Mon Sep 30 17:05:30 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:59:02 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/BSD-x86/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/BSD-x86/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/BSD-x86/asm/include/openssl/ssl.h b/deps/openssl/config/archs/BSD-x86/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/BSD-x86/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/BSD-x86/asm/include/progs.h b/deps/openssl/config/archs/BSD-x86/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/include/progs.h
+++ b/deps/openssl/config/archs/BSD-x86/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi b/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi
index c984f3e0f752ca..dbe9034311729f 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/apps/progs.c b/deps/openssl/config/archs/BSD-x86/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm b/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm
index 058d8def744cbf..83d433e4553ac2 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -203,10 +203,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -255,11 +255,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "BSD-x86",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -387,7 +387,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -889,6 +888,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1045,9 +1047,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3484,9 +3483,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5878,9 +5874,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7263,6 +7256,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7471,10 +7468,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10279,7 +10272,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10330,7 +10322,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12533,9 +12524,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14927,9 +14915,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16294,10 +16279,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16899,7 +16880,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18358,6 +18338,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18520,9 +18504,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19895,7 +19876,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20229,6 +20209,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20281,7 +20262,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24489,7 +24469,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24516,7 +24495,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25767,9 +25745,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25851,9 +25826,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25984,6 +25956,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26296,12 +26274,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27751,7 +27723,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27773,7 +27745,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h
index fce54a74f651f5..27f03cc9d7763b 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Mon Sep 30 17:05:44 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:59:15 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/include/progs.h b/deps/openssl/config/archs/BSD-x86/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi b/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi
index 60512e2b588cfc..7d73b1d0fed35a 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/apps/progs.c b/deps/openssl/config/archs/BSD-x86/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm b/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm
index 6b5d662fd77178..770a3a3326a3fa 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -202,10 +202,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -255,11 +255,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "BSD-x86",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -387,7 +387,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -890,6 +889,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1046,9 +1048,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3426,9 +3425,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5820,9 +5816,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7205,6 +7198,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7413,10 +7410,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10199,7 +10192,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10250,7 +10242,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12453,9 +12444,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14847,9 +14835,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16214,10 +16199,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16819,7 +16800,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18278,6 +18258,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18440,9 +18424,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19815,7 +19796,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20149,6 +20129,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20201,7 +20182,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24331,7 +24311,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24358,7 +24337,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25599,9 +25577,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25683,9 +25658,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25816,6 +25788,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26128,12 +26106,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27586,7 +27558,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27608,7 +27580,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h
index 14d772edccc76f..4c40b7b89133fb 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Mon Sep 30 17:05:57 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:59:28 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/include/progs.h b/deps/openssl/config/archs/BSD-x86/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/openssl.gypi b/deps/openssl/config/archs/BSD-x86/no-asm/openssl.gypi
index 12fdb1843c693c..2031f41d6307b9 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/apps/progs.c b/deps/openssl/config/archs/BSD-x86_64/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/apps/progs.c
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm b/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm
index f7cc1b97611e63..c57089f221c51a 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -203,10 +203,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -255,11 +255,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "BSD-x86_64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -890,6 +889,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1046,9 +1048,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3490,9 +3489,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5884,9 +5880,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7269,6 +7262,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7477,10 +7474,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10321,7 +10314,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10372,7 +10364,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12575,9 +12566,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14969,9 +14957,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16336,10 +16321,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16941,7 +16922,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18400,6 +18380,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18562,9 +18546,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19937,7 +19918,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20271,6 +20251,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20323,7 +20304,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24622,7 +24602,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24649,7 +24628,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25913,9 +25891,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25997,9 +25972,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26130,6 +26102,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26442,12 +26420,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27897,7 +27869,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27919,7 +27891,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h
index 9d75e25aa5f6cd..ec4aaf9a16fe37 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Mon Sep 30 17:06:08 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:59:39 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/ssl.h b/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/include/progs.h b/deps/openssl/config/archs/BSD-x86_64/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/include/progs.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi b/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi
index 7a468bd82eca92..f64b1e5b3bf451 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/apps/progs.c b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm
index a9ff7c2027b32a..e918957e5c4e57 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -203,10 +203,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -255,11 +255,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "BSD-x86_64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -890,6 +889,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1046,9 +1048,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3490,9 +3489,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5884,9 +5880,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7269,6 +7262,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7477,10 +7474,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10321,7 +10314,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10372,7 +10364,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12575,9 +12566,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14969,9 +14957,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16336,10 +16321,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16941,7 +16922,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18400,6 +18380,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18562,9 +18546,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19937,7 +19918,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20271,6 +20251,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20323,7 +20304,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24622,7 +24602,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24649,7 +24628,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25913,9 +25891,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25997,9 +25972,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26130,6 +26102,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26442,12 +26420,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27897,7 +27869,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27919,7 +27891,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h
index f1b735d8043953..04524de22c1978 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Mon Sep 30 17:06:24 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:59:54 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/progs.h b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi
index 6de0252f4666f3..9dc83c8bbb123d 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/apps/progs.c b/deps/openssl/config/archs/BSD-x86_64/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm b/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm
index 1ab302ff9a2dd9..559f9276be9920 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -202,10 +202,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -255,11 +255,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "BSD-x86_64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3427,9 +3426,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5821,9 +5817,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7206,6 +7199,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7414,10 +7411,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10200,7 +10193,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10251,7 +10243,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12454,9 +12445,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14848,9 +14836,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16215,10 +16200,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16820,7 +16801,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18279,6 +18259,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18441,9 +18425,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19816,7 +19797,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20150,6 +20130,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20202,7 +20183,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24332,7 +24312,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24359,7 +24338,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25600,9 +25578,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25684,9 +25659,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25817,6 +25789,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26129,12 +26107,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27587,7 +27559,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27609,7 +27581,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h
index c2bae3d778be1d..be71bd3c561a72 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Mon Sep 30 17:06:40 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:00:10 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/include/progs.h b/deps/openssl/config/archs/BSD-x86_64/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/openssl.gypi b/deps/openssl/config/archs/BSD-x86_64/no-asm/openssl.gypi
index d1d45e83d022b8..bb080a96ff626e 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/apps/progs.c b/deps/openssl/config/archs/VC-WIN32/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN32/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm b/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm
index 3c9cf488d332fc..ed4f789fd2db28 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm
@@ -148,7 +148,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -165,7 +165,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -216,10 +216,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -268,11 +268,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN32",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -287,7 +287,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x55c413c34420)",
+    "RANLIB" => "CODE(0x5565b669dcb0)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -437,7 +437,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -940,6 +939,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1096,9 +1098,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3532,9 +3531,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5926,9 +5922,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7317,6 +7310,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7525,10 +7522,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10334,7 +10327,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10385,7 +10377,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12591,9 +12582,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14985,9 +14973,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16368,10 +16353,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16973,7 +16954,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18438,6 +18418,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18600,9 +18584,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19975,7 +19956,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20309,6 +20289,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20361,7 +20342,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24575,7 +24555,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24602,7 +24581,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25861,9 +25839,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25945,9 +25920,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26078,6 +26050,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26390,12 +26368,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27846,7 +27818,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27868,7 +27840,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h
index ddbc0c9135bcdf..48ff5ac1c5a899 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Mon Sep 30 17:15:56 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:09:10 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/include/progs.h b/deps/openssl/config/archs/VC-WIN32/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi
index 7a415cb3da09cb..0fb4d6ad1a813d 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/apps/progs.c b/deps/openssl/config/archs/VC-WIN32/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm b/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm
index a9d9e2fe5751aa..815f2a5d15e483 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm
@@ -148,7 +148,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -165,7 +165,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -216,10 +216,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -268,11 +268,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN32",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -287,7 +287,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x55fa4e900730)",
+    "RANLIB" => "CODE(0x55faeca92fa0)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -437,7 +437,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -940,6 +939,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1096,9 +1098,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3532,9 +3531,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5926,9 +5922,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7317,6 +7310,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7525,10 +7522,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10334,7 +10327,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10385,7 +10377,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12591,9 +12582,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14985,9 +14973,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16368,10 +16353,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16973,7 +16954,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18438,6 +18418,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18600,9 +18584,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19975,7 +19956,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20309,6 +20289,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20361,7 +20342,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24575,7 +24555,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24602,7 +24581,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25861,9 +25839,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25945,9 +25920,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26078,6 +26050,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26390,12 +26368,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27846,7 +27818,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27868,7 +27840,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h
index 25257dbe4cdc20..4072d827907f5c 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Mon Sep 30 17:16:08 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:09:22 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/progs.h b/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi b/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi
index 0eb291c5b04f91..6771de85fc0e73 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/apps/progs.c b/deps/openssl/config/archs/VC-WIN32/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm b/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm
index 242b585006bf5d..2b33a586730255 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm
@@ -148,7 +148,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -163,7 +163,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -215,10 +215,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -268,11 +268,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN32",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -287,7 +287,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x556017cde7e0)",
+    "RANLIB" => "CODE(0x555d90669138)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -437,7 +437,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -941,6 +940,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1097,9 +1099,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3474,9 +3473,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5868,9 +5864,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7259,6 +7252,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7467,10 +7464,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10254,7 +10247,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10305,7 +10297,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12511,9 +12502,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14905,9 +14893,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16288,10 +16273,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16893,7 +16874,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18358,6 +18338,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18520,9 +18504,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19895,7 +19876,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20229,6 +20209,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20281,7 +20262,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24417,7 +24397,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24444,7 +24423,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25693,9 +25671,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25777,9 +25752,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25910,6 +25882,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26222,12 +26200,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27681,7 +27653,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27703,7 +27675,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h
index f3494c62b7ffb6..602c9cefde797b 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Mon Sep 30 17:16:20 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:09:33 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/include/progs.h b/deps/openssl/config/archs/VC-WIN32/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN32/no-asm/openssl.gypi
index c4e4b169a0489d..72b9b35f5e11f5 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/apps/progs.c b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm
index 51e48deaccd109..8a29ae7726d4fe 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm
@@ -147,7 +147,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -163,7 +163,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -213,10 +213,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -266,11 +266,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN64-ARM",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -283,7 +283,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x563ab4010d40)",
+    "RANLIB" => "CODE(0x560478385a28)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -429,7 +429,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -933,6 +932,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1089,9 +1091,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3466,9 +3465,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5860,9 +5856,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7251,6 +7244,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7459,10 +7456,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10246,7 +10239,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10297,7 +10289,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12503,9 +12494,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14897,9 +14885,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16280,10 +16265,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16885,7 +16866,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18350,6 +18330,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18512,9 +18496,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19887,7 +19868,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20221,6 +20201,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20273,7 +20254,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24409,7 +24389,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24436,7 +24415,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25685,9 +25663,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25769,9 +25744,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25902,6 +25874,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26214,12 +26192,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27673,7 +27645,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27695,7 +27667,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h
index 9e7f66c628b399..dfdc92098dec5e 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: VC-WIN64-ARM"
-#define DATE "built on: Mon Sep 30 17:16:31 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:09:44 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/progs.h b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/openssl.gypi
index 81eb195afa9c48..f144e4b579302b 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/apps/progs.c b/deps/openssl/config/archs/VC-WIN64A/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm b/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm
index a58ae5c555f86e..61c50ea51d063d 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm
@@ -151,7 +151,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -168,7 +168,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -219,10 +219,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -271,11 +271,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN64A",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -290,7 +290,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x5567a098ee80)",
+    "RANLIB" => "CODE(0x55fdfa62e9a0)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -441,7 +441,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -944,6 +943,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1100,9 +1102,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3541,9 +3540,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5935,9 +5931,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7326,6 +7319,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7534,10 +7531,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10369,7 +10362,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10420,7 +10412,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12626,9 +12617,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -15020,9 +15008,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16403,10 +16388,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -17008,7 +16989,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18473,6 +18453,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18635,9 +18619,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -20010,7 +19991,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20344,6 +20324,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20396,7 +20377,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24701,7 +24681,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24728,7 +24707,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -26000,9 +25978,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -26084,9 +26059,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26217,6 +26189,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26529,12 +26507,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27985,7 +27957,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -28007,7 +27979,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h
index af6d41b18a92c0..5e4f9fa85b782b 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Mon Sep 30 17:15:14 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:08:30 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/include/progs.h b/deps/openssl/config/archs/VC-WIN64A/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi
index 5afa3d7541147c..56214992653bd3 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/apps/progs.c b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm
index b6476912c55ecc..cdd5aa9852dbb6 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm
@@ -151,7 +151,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -168,7 +168,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -219,10 +219,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -271,11 +271,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN64A",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -290,7 +290,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x563a6722d330)",
+    "RANLIB" => "CODE(0x55884154b690)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -441,7 +441,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -944,6 +943,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1100,9 +1102,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3541,9 +3540,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5935,9 +5931,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7326,6 +7319,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7534,10 +7531,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10369,7 +10362,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10420,7 +10412,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12626,9 +12617,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -15020,9 +15008,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16403,10 +16388,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -17008,7 +16989,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18473,6 +18453,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18635,9 +18619,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -20010,7 +19991,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20344,6 +20324,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20396,7 +20377,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24701,7 +24681,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24728,7 +24707,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -26000,9 +25978,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -26084,9 +26059,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26217,6 +26189,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26529,12 +26507,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27985,7 +27957,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -28007,7 +27979,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h
index 8e51d88ba4b79b..9757142ff5fe68 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Mon Sep 30 17:15:29 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:08:44 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/progs.h b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi
index 582f8c93a5b10f..89b4bcd47f1180 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/apps/progs.c b/deps/openssl/config/archs/VC-WIN64A/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm b/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm
index 08e8c7dc590b24..193001b8aae923 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm
@@ -151,7 +151,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -166,7 +166,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -218,10 +218,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -271,11 +271,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "VC-WIN64A",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "lib",
@@ -290,7 +290,7 @@ our %target = (
     "LDFLAGS" => "/nologo /debug",
     "MT" => "mt",
     "MTFLAGS" => "-nologo",
-    "RANLIB" => "CODE(0x55f18ff2a220)",
+    "RANLIB" => "CODE(0x55b60e60bac8)",
     "RC" => "rc",
     "_conf_fname_int" => [
         "Configurations/00-base-templates.conf",
@@ -441,7 +441,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -945,6 +944,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1101,9 +1103,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3478,9 +3477,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5872,9 +5868,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7263,6 +7256,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7471,10 +7468,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10258,7 +10251,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10309,7 +10301,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12515,9 +12506,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14909,9 +14897,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16292,10 +16277,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16897,7 +16878,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18362,6 +18342,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18524,9 +18508,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19899,7 +19880,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20233,6 +20213,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20285,7 +20266,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24421,7 +24401,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24448,7 +24427,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25697,9 +25675,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25781,9 +25756,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25914,6 +25886,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26226,12 +26204,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27685,7 +27657,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27707,7 +27679,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h
index 50896740e947c3..f0be853b9669cc 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Mon Sep 30 17:15:44 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:08:59 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/opensslv.h
index 50c2dce1470fde..c0590cffa999a6 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/ssl.h
index 9712ae165a5759..7e9ca09bbf39f0 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/include/progs.h b/deps/openssl/config/archs/VC-WIN64A/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN64A/no-asm/openssl.gypi
index af84bdff856623..3cdefe6bdde202 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/apps/progs.c b/deps/openssl/config/archs/aix64-gcc-as/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/apps/progs.c
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/configdata.pm b/deps/openssl/config/archs/aix64-gcc-as/asm/configdata.pm
index 77e00d35a9d76f..3e480f50048240 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/configdata.pm
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "aix64-gcc-as",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar -X64",
@@ -390,7 +390,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -893,6 +892,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1049,9 +1051,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3467,9 +3466,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5861,9 +5857,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7246,6 +7239,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7454,10 +7451,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10277,7 +10270,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10328,7 +10320,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12531,9 +12522,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14925,9 +14913,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16292,10 +16277,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16897,7 +16878,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18356,6 +18336,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18518,9 +18502,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19893,7 +19874,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20227,6 +20207,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20279,7 +20260,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24540,7 +24520,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24567,7 +24546,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25825,9 +25803,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25909,9 +25884,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26042,6 +26014,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26354,12 +26332,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27812,7 +27784,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27834,7 +27806,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/crypto/buildinf.h b/deps/openssl/config/archs/aix64-gcc-as/asm/crypto/buildinf.h
index 99d30076120310..7428cb5cab8f76 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix64-gcc-as"
-#define DATE "built on: Mon Sep 30 17:04:53 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:58:26 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/ssl.h b/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/include/progs.h b/deps/openssl/config/archs/aix64-gcc-as/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/include/progs.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm/openssl.gypi b/deps/openssl/config/archs/aix64-gcc-as/asm/openssl.gypi
index 8a048cba01e211..93acbf01f5373a 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm/openssl.gypi
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/apps/progs.c b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/configdata.pm b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/configdata.pm
index 34862e4d370a0e..b98107d8f67bf9 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "aix64-gcc-as",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar -X64",
@@ -390,7 +390,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -893,6 +892,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1049,9 +1051,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3467,9 +3466,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5861,9 +5857,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7246,6 +7239,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7454,10 +7451,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10277,7 +10270,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10328,7 +10320,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12531,9 +12522,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14925,9 +14913,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16292,10 +16277,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16897,7 +16878,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18356,6 +18336,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18518,9 +18502,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19893,7 +19874,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20227,6 +20207,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20279,7 +20260,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24540,7 +24520,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24567,7 +24546,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25825,9 +25803,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25909,9 +25884,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26042,6 +26014,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26354,12 +26332,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27812,7 +27784,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27834,7 +27806,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/crypto/buildinf.h
index 69dd90a6c66fe7..6b0cc03405c2ad 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix64-gcc-as"
-#define DATE "built on: Mon Sep 30 17:05:06 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:58:38 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/progs.h b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/openssl.gypi b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/openssl.gypi
index ab4157db96a8ad..912a5ae1d06017 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/aix64-gcc-as/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/apps/progs.c b/deps/openssl/config/archs/aix64-gcc-as/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/configdata.pm b/deps/openssl/config/archs/aix64-gcc-as/no-asm/configdata.pm
index 3012083af82f69..2e8a240a9868c1 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -205,10 +205,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "aix64-gcc-as",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar -X64",
@@ -390,7 +390,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -894,6 +893,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1050,9 +1052,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3430,9 +3429,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5824,9 +5820,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7209,6 +7202,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7417,10 +7414,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10202,7 +10195,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10253,7 +10245,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12456,9 +12447,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14850,9 +14838,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16217,10 +16202,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16822,7 +16803,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18281,6 +18261,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18443,9 +18427,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19818,7 +19799,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20152,6 +20132,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20204,7 +20185,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24330,7 +24310,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24357,7 +24336,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25598,9 +25576,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25682,9 +25657,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25815,6 +25787,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26127,12 +26105,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27588,7 +27560,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27610,7 +27582,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/aix64-gcc-as/no-asm/crypto/buildinf.h
index c1c41584528e9c..d00971063b8b48 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix64-gcc-as"
-#define DATE "built on: Mon Sep 30 17:05:19 2024 UTC"
+#define DATE "built on: Wed Mar  5 20:58:51 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/progs.h b/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/aix64-gcc-as/no-asm/openssl.gypi b/deps/openssl/config/archs/aix64-gcc-as/no-asm/openssl.gypi
index 150635d1cfc050..9cc4582197f86d 100644
--- a/deps/openssl/config/archs/aix64-gcc-as/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/aix64-gcc-as/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/apps/progs.c b/deps/openssl/config/archs/darwin-i386-cc/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/apps/progs.c
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm b/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm
index c48853b80e4e46..fa10bed6fd6378 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin-i386-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3486,9 +3485,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5880,9 +5876,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7257,6 +7250,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7465,10 +7462,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10271,7 +10264,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10322,7 +10314,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12525,9 +12516,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14919,9 +14907,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16272,10 +16257,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16871,7 +16852,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18322,6 +18302,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18484,9 +18468,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19859,7 +19840,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20193,6 +20173,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20245,7 +20226,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24449,7 +24429,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24476,7 +24455,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25725,9 +25703,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25809,9 +25784,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25942,6 +25914,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26254,12 +26232,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27710,7 +27682,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27732,7 +27704,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h
index 9e690dbea0a857..810053f7be5645 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin-i386-cc"
-#define DATE "built on: Mon Sep 30 17:07:34 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:01:02 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/ssl.h b/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/include/progs.h b/deps/openssl/config/archs/darwin-i386-cc/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/include/progs.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi b/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi
index 1fac08080709a0..49b8dd0ee2b6ab 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/apps/progs.c b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm
index 0b7a603aa08014..9bf997165c3e08 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin-i386-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3486,9 +3485,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5880,9 +5876,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7257,6 +7250,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7465,10 +7462,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10271,7 +10264,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10322,7 +10314,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12525,9 +12516,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14919,9 +14907,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16272,10 +16257,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16871,7 +16852,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18322,6 +18302,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18484,9 +18468,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19859,7 +19840,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20193,6 +20173,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20245,7 +20226,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24449,7 +24429,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24476,7 +24455,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25725,9 +25703,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25809,9 +25784,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25942,6 +25914,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26254,12 +26232,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27710,7 +27682,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27732,7 +27704,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h
index f0fc131a0ac265..dfe6f4feb0011e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin-i386-cc"
-#define DATE "built on: Mon Sep 30 17:07:47 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:01:15 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/progs.h b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi
index 0f428fdfbb5bd7..1611dce927f3cc 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/apps/progs.c b/deps/openssl/config/archs/darwin-i386-cc/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm b/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm
index 4eafb602153f5e..639b55a717b993 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -205,10 +205,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin-i386-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -892,6 +891,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1048,9 +1050,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3428,9 +3427,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5822,9 +5818,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7199,6 +7192,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7407,10 +7404,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10191,7 +10184,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10242,7 +10234,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12445,9 +12436,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14839,9 +14827,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16192,10 +16177,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16791,7 +16772,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18242,6 +18222,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18404,9 +18388,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19779,7 +19760,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20113,6 +20093,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20165,7 +20146,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24291,7 +24271,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24318,7 +24297,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25557,9 +25535,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25641,9 +25616,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25774,6 +25746,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26086,12 +26064,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27545,7 +27517,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27567,7 +27539,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h
index 7c35bb03c23c0d..b7162945595dfd 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin-i386-cc"
-#define DATE "built on: Mon Sep 30 17:08:00 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:01:27 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/progs.h b/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/openssl.gypi b/deps/openssl/config/archs/darwin-i386-cc/no-asm/openssl.gypi
index 7469c552c64729..fb2e7f750ac6fc 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/apps/progs.c b/deps/openssl/config/archs/darwin64-arm64-cc/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/apps/progs.c
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/configdata.pm b/deps/openssl/config/archs/darwin64-arm64-cc/asm/configdata.pm
index 877a6b8a253eed..ae8c62971c1a23 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin64-arm64-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3459,9 +3458,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5853,9 +5849,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7230,6 +7223,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7438,10 +7435,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10245,7 +10238,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10296,7 +10288,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12499,9 +12490,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14893,9 +14881,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16246,10 +16231,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16845,7 +16826,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18356,6 +18336,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18518,9 +18502,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19893,7 +19874,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20227,6 +20207,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20279,7 +20260,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24486,7 +24466,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24513,7 +24492,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25763,9 +25741,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25847,9 +25822,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25980,6 +25952,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26292,12 +26270,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27748,7 +27720,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27770,7 +27742,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/bn/armv8-mont.S b/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/bn/armv8-mont.S
index 6fca712c4754a8..adb12afdb1ae24 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/bn/armv8-mont.S
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/bn/armv8-mont.S
@@ -15,10 +15,12 @@ Lbn_mul_mont:
 	cmp	x5,#32
 	b.le	Lscalar_impl
 #ifndef	__KERNEL__
+#ifndef	__AARCH64EB__
 	adrp	x17,_OPENSSL_armv8_rsa_neonized@PAGE
 	ldr	w17,[x17,_OPENSSL_armv8_rsa_neonized@PAGEOFF]
 	cbnz	w17, bn_mul8x_mont_neon
 #endif
+#endif
 
 Lscalar_impl:
 	tst	x5,#7
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/buildinf.h
index 53600343288552..95c41f05765710 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-arm64-cc"
-#define DATE "built on: Mon Sep 30 17:08:11 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:01:39 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/ssl.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/progs.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/progs.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm/openssl.gypi b/deps/openssl/config/archs/darwin64-arm64-cc/asm/openssl.gypi
index 91173eeb093184..5028c50d6ab6e8 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/apps/progs.c b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/configdata.pm b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/configdata.pm
index 3deb53b0966350..125bb77e2f8c72 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin64-arm64-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3459,9 +3458,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5853,9 +5849,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7230,6 +7223,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7438,10 +7435,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10245,7 +10238,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10296,7 +10288,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12499,9 +12490,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14893,9 +14881,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16246,10 +16231,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16845,7 +16826,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18356,6 +18336,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18518,9 +18502,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19893,7 +19874,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20227,6 +20207,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20279,7 +20260,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24486,7 +24466,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24513,7 +24492,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25763,9 +25741,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25847,9 +25822,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25980,6 +25952,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26292,12 +26270,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27748,7 +27720,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27770,7 +27742,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/bn/armv8-mont.S b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/bn/armv8-mont.S
index 6fca712c4754a8..adb12afdb1ae24 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/bn/armv8-mont.S
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/bn/armv8-mont.S
@@ -15,10 +15,12 @@ Lbn_mul_mont:
 	cmp	x5,#32
 	b.le	Lscalar_impl
 #ifndef	__KERNEL__
+#ifndef	__AARCH64EB__
 	adrp	x17,_OPENSSL_armv8_rsa_neonized@PAGE
 	ldr	w17,[x17,_OPENSSL_armv8_rsa_neonized@PAGEOFF]
 	cbnz	w17, bn_mul8x_mont_neon
 #endif
+#endif
 
 Lscalar_impl:
 	tst	x5,#7
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/buildinf.h
index 74f8be4cef56d1..8aa804c510ffe5 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-arm64-cc"
-#define DATE "built on: Mon Sep 30 17:08:24 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:01:51 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/progs.h b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/openssl.gypi
index 61a8836a9dde3f..edd82ba510c2dd 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/apps/progs.c b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/configdata.pm b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/configdata.pm
index 7698c6b4a8d09e..aeb47e095d8bf6 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -205,10 +205,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin64-arm64-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -892,6 +891,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1048,9 +1050,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3428,9 +3427,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5822,9 +5818,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7199,6 +7192,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7407,10 +7404,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10191,7 +10184,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10242,7 +10234,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12445,9 +12436,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14839,9 +14827,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16192,10 +16177,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16791,7 +16772,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18242,6 +18222,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18404,9 +18388,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19779,7 +19760,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20113,6 +20093,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20165,7 +20146,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24291,7 +24271,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24318,7 +24297,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25557,9 +25535,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25641,9 +25616,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25774,6 +25746,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26086,12 +26064,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27545,7 +27517,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27567,7 +27539,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/crypto/buildinf.h
index 16436bc0b1796c..d8139bf78a0a80 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-arm64-cc"
-#define DATE "built on: Mon Sep 30 17:08:36 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:02:03 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/progs.h b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/openssl.gypi b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/openssl.gypi
index 835387a25b28e2..67fd4d4b74bcce 100644
--- a/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-arm64-cc/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/apps/progs.c b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/apps/progs.c
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm
index 4d3767f42329f5..d30d5f5326758b 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin64-x86_64-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3491,9 +3490,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5885,9 +5881,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7262,6 +7255,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7470,10 +7467,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10312,7 +10305,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10363,7 +10355,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12566,9 +12557,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14960,9 +14948,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16313,10 +16298,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16912,7 +16893,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18363,6 +18343,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18525,9 +18509,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19900,7 +19881,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20234,6 +20214,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20286,7 +20267,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24581,7 +24561,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24608,7 +24587,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25870,9 +25848,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25954,9 +25929,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26087,6 +26059,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26399,12 +26377,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27855,7 +27827,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27877,7 +27849,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h
index 8c788f6d59a666..99175da0e9b9fb 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-x86_64-cc"
-#define DATE "built on: Mon Sep 30 17:06:51 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:00:21 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/ssl.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/progs.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/progs.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi
index 454a35a31ecd9a..10a92888817f0e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/apps/progs.c b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm
index 1f75fe7575c2cf..f504cbca94b1c6 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin64-x86_64-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3491,9 +3490,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5885,9 +5881,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7262,6 +7255,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7470,10 +7467,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10312,7 +10305,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10363,7 +10355,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12566,9 +12557,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14960,9 +14948,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16313,10 +16298,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16912,7 +16893,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18363,6 +18343,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18525,9 +18509,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19900,7 +19881,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20234,6 +20214,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20286,7 +20267,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24581,7 +24561,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24608,7 +24587,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25870,9 +25848,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25954,9 +25929,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26087,6 +26059,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26399,12 +26377,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27855,7 +27827,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27877,7 +27849,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h
index 7fc043860e91f6..f21ee48fcccf30 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-x86_64-cc"
-#define DATE "built on: Mon Sep 30 17:07:07 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:00:36 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/progs.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi
index b6218392f74489..d1c3557a62e246 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/apps/progs.c b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm
index 10e32f3d13be08..853874fcaa33e7 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -205,10 +205,10 @@ our %config = (
     ],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -258,11 +258,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "darwin64-x86_64-cc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -892,6 +891,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1048,9 +1050,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3428,9 +3427,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5822,9 +5818,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7199,6 +7192,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7407,10 +7404,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10191,7 +10184,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10242,7 +10234,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12445,9 +12436,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14839,9 +14827,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16192,10 +16177,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16791,7 +16772,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18242,6 +18222,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18404,9 +18388,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19779,7 +19760,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20113,6 +20093,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20165,7 +20146,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24291,7 +24271,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24318,7 +24297,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25557,9 +25535,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25641,9 +25616,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25774,6 +25746,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26086,12 +26064,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27545,7 +27517,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27567,7 +27539,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h
index ecf1d141ca8f37..061a0193d55e39 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-x86_64-cc"
-#define DATE "built on: Mon Sep 30 17:07:22 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:00:51 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/progs.h b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/openssl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/openssl.gypi
index d2f0708edf95c2..cd8cb60dca73cb 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/apps/progs.c b/deps/openssl/config/archs/linux-aarch64/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-aarch64/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm b/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm
index b9637a41bbedcc..e7dd562dcf9949 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-aarch64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3466,9 +3465,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5860,9 +5856,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7245,6 +7238,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7453,10 +7450,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10261,7 +10254,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10312,7 +10304,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12515,9 +12506,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14909,9 +14897,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16276,10 +16261,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16881,7 +16862,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18400,6 +18380,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18562,9 +18546,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19937,7 +19918,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20271,6 +20251,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20323,7 +20304,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24530,7 +24510,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24557,7 +24536,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25809,9 +25787,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25893,9 +25868,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26026,6 +25998,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26338,12 +26316,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27796,7 +27768,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27818,7 +27790,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/crypto/bn/armv8-mont.S b/deps/openssl/config/archs/linux-aarch64/asm/crypto/bn/armv8-mont.S
index 98d06f934a9ea5..397c83e863839f 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/crypto/bn/armv8-mont.S
+++ b/deps/openssl/config/archs/linux-aarch64/asm/crypto/bn/armv8-mont.S
@@ -15,10 +15,12 @@ bn_mul_mont:
 	cmp	x5,#32
 	b.le	.Lscalar_impl
 #ifndef	__KERNEL__
+#ifndef	__AARCH64EB__
 	adrp	x17,OPENSSL_armv8_rsa_neonized
 	ldr	w17,[x17,#:lo12:OPENSSL_armv8_rsa_neonized]
 	cbnz	w17, bn_mul8x_mont_neon
 #endif
+#endif
 
 .Lscalar_impl:
 	tst	x5,#7
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h
index eba7c744efbda4..9b5fa460089703 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-aarch64"
-#define DATE "built on: Mon Sep 30 17:08:48 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:02:14 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/include/progs.h b/deps/openssl/config/archs/linux-aarch64/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/openssl.gypi b/deps/openssl/config/archs/linux-aarch64/asm/openssl.gypi
index 5990887c029387..4e0923be89cafb 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-aarch64/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux-aarch64/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm
index 988b82a67947ef..0e7998767e7b63 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-aarch64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3466,9 +3465,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5860,9 +5856,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7245,6 +7238,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7453,10 +7450,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10261,7 +10254,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10312,7 +10304,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12515,9 +12506,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14909,9 +14897,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16276,10 +16261,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16881,7 +16862,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18400,6 +18380,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18562,9 +18546,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19937,7 +19918,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20271,6 +20251,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20323,7 +20304,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24530,7 +24510,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24557,7 +24536,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25809,9 +25787,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25893,9 +25868,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26026,6 +25998,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26338,12 +26316,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27796,7 +27768,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27818,7 +27790,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/bn/armv8-mont.S b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/bn/armv8-mont.S
index 98d06f934a9ea5..397c83e863839f 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/bn/armv8-mont.S
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/bn/armv8-mont.S
@@ -15,10 +15,12 @@ bn_mul_mont:
 	cmp	x5,#32
 	b.le	.Lscalar_impl
 #ifndef	__KERNEL__
+#ifndef	__AARCH64EB__
 	adrp	x17,OPENSSL_armv8_rsa_neonized
 	ldr	w17,[x17,#:lo12:OPENSSL_armv8_rsa_neonized]
 	cbnz	w17, bn_mul8x_mont_neon
 #endif
+#endif
 
 .Lscalar_impl:
 	tst	x5,#7
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h
index 33cbe794886024..e4f6099c6f70a8 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-aarch64"
-#define DATE "built on: Mon Sep 30 17:09:00 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:02:26 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-aarch64/asm_avx2/openssl.gypi
index c7cb2091b5a793..b9d76aee0d0dd6 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/apps/progs.c b/deps/openssl/config/archs/linux-aarch64/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm b/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm
index 9ff6e315a7f549..dee85d62d789e0 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-aarch64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3435,9 +3434,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5829,9 +5825,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7214,6 +7207,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7422,10 +7419,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10207,7 +10200,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10258,7 +10250,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12461,9 +12452,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14855,9 +14843,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16222,10 +16207,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16827,7 +16808,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18286,6 +18266,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18448,9 +18432,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19823,7 +19804,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20157,6 +20137,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20209,7 +20190,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24335,7 +24315,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24362,7 +24341,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25603,9 +25581,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25687,9 +25662,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25820,6 +25792,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26132,12 +26110,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27593,7 +27565,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27615,7 +27587,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h
index 82407322b9655a..f011f915e4e457 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-aarch64"
-#define DATE "built on: Mon Sep 30 17:09:13 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:02:39 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/include/progs.h b/deps/openssl/config/archs/linux-aarch64/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/openssl.gypi b/deps/openssl/config/archs/linux-aarch64/no-asm/openssl.gypi
index f20a2ba245d462..387362a4757ebb 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-armv4/asm/apps/progs.c b/deps/openssl/config/archs/linux-armv4/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-armv4/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-armv4/asm/configdata.pm b/deps/openssl/config/archs/linux-armv4/asm/configdata.pm
index 4ac06388d755d8..301b8298786081 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-armv4/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-armv4",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3474,9 +3473,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5868,9 +5864,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7253,6 +7246,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7461,10 +7458,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10271,7 +10264,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10322,7 +10314,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12525,9 +12516,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14919,9 +14907,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16286,10 +16271,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16891,7 +16872,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18434,6 +18414,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18596,9 +18580,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19971,7 +19952,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20305,6 +20285,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20357,7 +20338,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24571,7 +24551,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24598,7 +24577,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25851,9 +25829,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25935,9 +25910,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26068,6 +26040,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26380,12 +26358,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27838,7 +27810,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27860,7 +27832,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h
index c2f243c0696fb7..9fbe102da05dc3 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-armv4"
-#define DATE "built on: Mon Sep 30 17:09:25 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:02:50 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-armv4/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-armv4/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-armv4/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-armv4/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-armv4/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-armv4/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-armv4/asm/include/progs.h b/deps/openssl/config/archs/linux-armv4/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-armv4/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-armv4/asm/openssl.gypi b/deps/openssl/config/archs/linux-armv4/asm/openssl.gypi
index 8fd7c43c4db633..849f58d4bdb02b 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-armv4/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux-armv4/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm
index f5715110100590..c6045ab640a969 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-armv4",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3474,9 +3473,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5868,9 +5864,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7253,6 +7246,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7461,10 +7458,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10271,7 +10264,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10322,7 +10314,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12525,9 +12516,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14919,9 +14907,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16286,10 +16271,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16891,7 +16872,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18434,6 +18414,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18596,9 +18580,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19971,7 +19952,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20305,6 +20285,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20357,7 +20338,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24571,7 +24551,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24598,7 +24577,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25851,9 +25829,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25935,9 +25910,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26068,6 +26040,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26380,12 +26358,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27838,7 +27810,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27860,7 +27832,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h
index e5f76f6ad716ba..65593d5b1395c8 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-armv4"
-#define DATE "built on: Mon Sep 30 17:09:38 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:03:03 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux-armv4/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-armv4/asm_avx2/openssl.gypi
index 9b594145412313..76181e218d83dd 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/apps/progs.c b/deps/openssl/config/archs/linux-armv4/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm b/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm
index 2254a71143d8fd..3783c4b8d52ecb 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-armv4",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3435,9 +3434,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5829,9 +5825,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7214,6 +7207,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7422,10 +7419,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10207,7 +10200,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10258,7 +10250,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12461,9 +12452,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14855,9 +14843,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16222,10 +16207,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16827,7 +16808,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18286,6 +18266,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18448,9 +18432,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19823,7 +19804,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20157,6 +20137,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20209,7 +20190,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24335,7 +24315,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24362,7 +24341,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25603,9 +25581,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25687,9 +25662,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25820,6 +25792,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26132,12 +26110,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27593,7 +27565,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27615,7 +27587,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h
index 9b3d97b629171d..f317b588f51938 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-armv4"
-#define DATE "built on: Mon Sep 30 17:09:50 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:03:15 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/include/progs.h b/deps/openssl/config/archs/linux-armv4/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/openssl.gypi b/deps/openssl/config/archs/linux-armv4/no-asm/openssl.gypi
index cc4efdf7d59fad..6ad73f4142da8c 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-elf/asm/apps/progs.c b/deps/openssl/config/archs/linux-elf/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-elf/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-elf/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-elf/asm/configdata.pm b/deps/openssl/config/archs/linux-elf/asm/configdata.pm
index f134e72ba600e3..4230adf831e541 100644
--- a/deps/openssl/config/archs/linux-elf/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-elf/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-elf",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -394,7 +394,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -897,6 +896,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1053,9 +1055,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3492,9 +3491,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5886,9 +5882,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7271,6 +7264,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7479,10 +7476,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10286,7 +10279,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10337,7 +10329,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12540,9 +12531,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14934,9 +14922,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16301,10 +16286,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16906,7 +16887,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18365,6 +18345,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18527,9 +18511,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19902,7 +19883,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20236,6 +20216,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20288,7 +20269,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24492,7 +24472,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24519,7 +24498,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25770,9 +25748,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25854,9 +25829,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25987,6 +25959,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26299,12 +26277,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27757,7 +27729,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27779,7 +27751,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h
index 939d8f553cc2f0..b0d1da6fd25e1d 100644
--- a/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-elf"
-#define DATE "built on: Mon Sep 30 17:10:02 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:03:26 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-elf/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-elf/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-elf/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-elf/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-elf/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-elf/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-elf/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-elf/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-elf/asm/include/progs.h b/deps/openssl/config/archs/linux-elf/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-elf/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-elf/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-elf/asm/openssl.gypi b/deps/openssl/config/archs/linux-elf/asm/openssl.gypi
index 0cf7d926c47e93..c782453da24f90 100644
--- a/deps/openssl/config/archs/linux-elf/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-elf/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux-elf/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm
index 90aff138cbc5cd..f2e251ddbc0ca5 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-elf",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -394,7 +394,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -897,6 +896,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1053,9 +1055,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3492,9 +3491,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5886,9 +5882,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7271,6 +7264,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7479,10 +7476,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10286,7 +10279,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10337,7 +10329,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12540,9 +12531,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14934,9 +14922,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16301,10 +16286,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16906,7 +16887,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18365,6 +18345,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18527,9 +18511,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19902,7 +19883,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20236,6 +20216,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20288,7 +20269,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24492,7 +24472,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24519,7 +24498,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25770,9 +25748,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25854,9 +25829,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25987,6 +25959,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26299,12 +26277,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27757,7 +27729,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27779,7 +27751,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h
index 3a655350497561..1113f7c9c54c73 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-elf"
-#define DATE "built on: Mon Sep 30 17:10:15 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:03:39 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux-elf/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi
index 4ca065ef163fd8..a0ce9ab8dcae98 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/apps/progs.c b/deps/openssl/config/archs/linux-elf/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-elf/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm b/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm
index 479b266eb3e98d..33c8a7298c2885 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-elf",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -394,7 +394,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3434,9 +3433,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5828,9 +5824,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7213,6 +7206,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7421,10 +7418,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10206,7 +10199,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10257,7 +10249,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12460,9 +12451,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14854,9 +14842,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16221,10 +16206,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16826,7 +16807,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18285,6 +18265,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18447,9 +18431,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19822,7 +19803,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20156,6 +20136,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20208,7 +20189,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24334,7 +24314,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24361,7 +24340,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25602,9 +25580,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25686,9 +25661,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25819,6 +25791,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26131,12 +26109,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27592,7 +27564,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27614,7 +27586,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h
index cea8ea6ace931b..732212bb3ef9ff 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-elf"
-#define DATE "built on: Mon Sep 30 17:10:28 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:03:52 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-elf/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/include/progs.h b/deps/openssl/config/archs/linux-elf/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-elf/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/openssl.gypi b/deps/openssl/config/archs/linux-elf/no-asm/openssl.gypi
index 3b06ffbeef4280..8bc730460cf9f9 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-elf/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/apps/progs.c b/deps/openssl/config/archs/linux-ppc64le/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm b/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm
index be8ddf1031a71c..f2225dbc54eda9 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-ppc64le",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3472,9 +3471,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5866,9 +5862,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7251,6 +7244,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7459,10 +7456,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10282,7 +10275,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10333,7 +10325,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12536,9 +12527,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14930,9 +14918,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16297,10 +16282,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16902,7 +16883,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18361,6 +18341,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18523,9 +18507,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19898,7 +19879,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20232,6 +20212,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20284,7 +20265,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24545,7 +24525,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24572,7 +24551,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25830,9 +25808,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25914,9 +25889,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26047,6 +26019,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26359,12 +26337,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27817,7 +27789,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27839,7 +27811,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h
index a1d53486daf67c..42c879116598fb 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64le"
-#define DATE "built on: Mon Sep 30 17:11:23 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:04:45 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/include/progs.h b/deps/openssl/config/archs/linux-ppc64le/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/openssl.gypi b/deps/openssl/config/archs/linux-ppc64le/asm/openssl.gypi
index a7479e90fbe74c..391c727e3caa73 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm
index 4693b1e2ca61fc..d56fa2d54c7bda 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-ppc64le",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3472,9 +3471,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5866,9 +5862,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7251,6 +7244,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7459,10 +7456,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10282,7 +10275,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10333,7 +10325,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12536,9 +12527,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14930,9 +14918,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16297,10 +16282,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16902,7 +16883,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18361,6 +18341,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18523,9 +18507,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19898,7 +19879,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20232,6 +20212,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20284,7 +20265,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24545,7 +24525,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24572,7 +24551,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25830,9 +25808,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25914,9 +25889,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26047,6 +26019,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26359,12 +26337,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27817,7 +27789,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27839,7 +27811,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h
index 62ae301563cef0..d689af3d0377dd 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64le"
-#define DATE "built on: Mon Sep 30 17:11:36 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:04:58 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/openssl.gypi
index f07a1c9c6a49d1..df4018f9641216 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/apps/progs.c b/deps/openssl/config/archs/linux-ppc64le/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm b/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm
index 4ea931962056d2..254be4364f3ebf 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-ppc64le",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3435,9 +3434,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5829,9 +5825,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7214,6 +7207,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7422,10 +7419,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10207,7 +10200,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10258,7 +10250,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12461,9 +12452,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14855,9 +14843,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16222,10 +16207,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16827,7 +16808,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18286,6 +18266,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18448,9 +18432,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19823,7 +19804,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20157,6 +20137,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20209,7 +20190,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24335,7 +24315,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24362,7 +24341,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25603,9 +25581,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25687,9 +25662,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25820,6 +25792,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26132,12 +26110,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27593,7 +27565,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27615,7 +27587,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h
index 813a758dbb8463..e4ba8ad06045d0 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64le"
-#define DATE "built on: Mon Sep 30 17:11:49 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:05:10 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/include/progs.h b/deps/openssl/config/archs/linux-ppc64le/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/openssl.gypi b/deps/openssl/config/archs/linux-ppc64le/no-asm/openssl.gypi
index 046ec44ce8eb20..59a593c03ce93c 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/apps/progs.c b/deps/openssl/config/archs/linux-x86_64/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-x86_64/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm b/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm
index 0a7527c74f608d..a84203c4b5be8d 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-x86_64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3499,9 +3498,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5893,9 +5889,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7278,6 +7271,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7486,10 +7483,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10329,7 +10322,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10380,7 +10372,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12583,9 +12574,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14977,9 +14965,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16344,10 +16329,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16949,7 +16930,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18408,6 +18388,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18570,9 +18554,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19945,7 +19926,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20279,6 +20259,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20331,7 +20312,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24626,7 +24606,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24653,7 +24632,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25917,9 +25895,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -26001,9 +25976,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26134,6 +26106,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26446,12 +26424,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27904,7 +27876,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27926,7 +27898,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h
index 56ff0a9f0ced76..98989e9a320464 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x86_64"
-#define DATE "built on: Mon Sep 30 17:10:40 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:04:03 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/include/progs.h b/deps/openssl/config/archs/linux-x86_64/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi b/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi
index 14bcd8e7f8fbed..a2861e7edd1b49 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux-x86_64/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm
index 8de9a59e88a749..9cb66bbfb1dca2 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-x86_64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3499,9 +3498,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5893,9 +5889,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7278,6 +7271,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7486,10 +7483,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10329,7 +10322,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10380,7 +10372,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12583,9 +12574,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14977,9 +14965,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16344,10 +16329,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16949,7 +16930,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18408,6 +18388,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18570,9 +18554,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19945,7 +19926,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20279,6 +20259,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20331,7 +20312,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24626,7 +24606,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24653,7 +24632,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25917,9 +25895,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -26001,9 +25976,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26134,6 +26106,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26446,12 +26424,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27904,7 +27876,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27926,7 +27898,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h
index 75117a04bb1d92..109d6e9a86b37a 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x86_64"
-#define DATE "built on: Mon Sep 30 17:10:56 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:04:19 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi
index 20c248d53cc144..5be120b7db1199 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/apps/progs.c b/deps/openssl/config/archs/linux-x86_64/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm b/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm
index d520c3b33b87ae..b4bbde59a6509f 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux-x86_64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -900,6 +899,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1056,9 +1058,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3436,9 +3435,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5830,9 +5826,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7215,6 +7208,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7423,10 +7420,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10208,7 +10201,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10259,7 +10251,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12462,9 +12453,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14856,9 +14844,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16223,10 +16208,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16828,7 +16809,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18287,6 +18267,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18449,9 +18433,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19824,7 +19805,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20158,6 +20138,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20210,7 +20191,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24336,7 +24316,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24363,7 +24342,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25604,9 +25582,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25688,9 +25663,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25821,6 +25793,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26133,12 +26111,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27594,7 +27566,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27616,7 +27588,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h
index 8062b751473863..0c2e38659674ef 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x86_64"
-#define DATE "built on: Mon Sep 30 17:11:12 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:04:34 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/include/progs.h b/deps/openssl/config/archs/linux-x86_64/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/openssl.gypi b/deps/openssl/config/archs/linux-x86_64/no-asm/openssl.gypi
index f9ab8cd8ad2d05..0eae103bf3914d 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/apps/progs.c b/deps/openssl/config/archs/linux32-s390x/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux32-s390x/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm b/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm
index 25d7152a50338e..2aed4d40439706 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux32-s390x",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3481,9 +3480,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5875,9 +5871,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7260,6 +7253,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7468,10 +7465,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10269,7 +10262,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10320,7 +10312,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12523,9 +12514,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14917,9 +14905,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16284,10 +16269,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16889,7 +16870,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18402,6 +18382,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18564,9 +18548,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19939,7 +19920,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20273,6 +20253,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20325,7 +20306,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24507,7 +24487,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24534,7 +24513,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25783,9 +25761,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25867,9 +25842,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26000,6 +25972,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26312,12 +26290,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27770,7 +27742,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27792,7 +27764,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h
index a1815adcb47351..746e7a850bd8c1 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux32-s390x"
-#define DATE "built on: Mon Sep 30 17:12:01 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:05:22 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/include/progs.h b/deps/openssl/config/archs/linux32-s390x/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/openssl.gypi b/deps/openssl/config/archs/linux32-s390x/asm/openssl.gypi
index 5815f28914db57..d2ec66abc20775 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux32-s390x/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux32-s390x/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm
index bfdea24dd5e5ae..4ba3fdb2ce61ea 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux32-s390x",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3481,9 +3480,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5875,9 +5871,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7260,6 +7253,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7468,10 +7465,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10269,7 +10262,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10320,7 +10312,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12523,9 +12514,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14917,9 +14905,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16284,10 +16269,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16889,7 +16870,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18402,6 +18382,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18564,9 +18548,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19939,7 +19920,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20273,6 +20253,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20325,7 +20306,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24507,7 +24487,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24534,7 +24513,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25783,9 +25761,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25867,9 +25842,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26000,6 +25972,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26312,12 +26290,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27770,7 +27742,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27792,7 +27764,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h
index e6b3e00f5c752f..8520b0b6871835 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux32-s390x"
-#define DATE "built on: Mon Sep 30 17:12:14 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:05:34 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux32-s390x/asm_avx2/openssl.gypi
index 9cebf7a2e7764c..9a9cb1df312f6a 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/apps/progs.c b/deps/openssl/config/archs/linux32-s390x/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm b/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm
index 36af8f54cc6c9f..3203fac4e66983 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux32-s390x",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -395,7 +395,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3435,9 +3434,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5829,9 +5825,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7214,6 +7207,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7422,10 +7419,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10207,7 +10200,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10258,7 +10250,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12461,9 +12452,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14855,9 +14843,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16222,10 +16207,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16827,7 +16808,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18286,6 +18266,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18448,9 +18432,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19823,7 +19804,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20157,6 +20137,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20209,7 +20190,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24335,7 +24315,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24362,7 +24341,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25603,9 +25581,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25687,9 +25662,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25820,6 +25792,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26132,12 +26110,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27593,7 +27565,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27615,7 +27587,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h
index 2e191c2e4841b1..cfbf11db75cd71 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux32-s390x"
-#define DATE "built on: Mon Sep 30 17:12:26 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:05:47 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/include/progs.h b/deps/openssl/config/archs/linux32-s390x/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/openssl.gypi b/deps/openssl/config/archs/linux32-s390x/no-asm/openssl.gypi
index 1b3c2428a59557..7dc0d96b51cfce 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/apps/progs.c b/deps/openssl/config/archs/linux64-loongarch64/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/configdata.pm b/deps/openssl/config/archs/linux64-loongarch64/no-asm/configdata.pm
index 4ba193f4bf39c7..9356c6d20f9c0d 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-loongarch64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -394,7 +394,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3434,9 +3433,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5828,9 +5824,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7213,6 +7206,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7421,10 +7418,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10206,7 +10199,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10257,7 +10249,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12460,9 +12451,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14854,9 +14842,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16221,10 +16206,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16826,7 +16807,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18285,6 +18265,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18447,9 +18431,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19822,7 +19803,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20156,6 +20136,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20208,7 +20189,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24334,7 +24314,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24361,7 +24340,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25602,9 +25580,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25686,9 +25661,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25819,6 +25791,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26131,12 +26109,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27592,7 +27564,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27614,7 +27586,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-loongarch64/no-asm/crypto/buildinf.h
index 8b0b4c9de878bc..35f4088f697a76 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-loongarch64"
-#define DATE "built on: Mon Sep 30 17:16:54 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:10:06 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/progs.h b/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-loongarch64/no-asm/openssl.gypi b/deps/openssl/config/archs/linux64-loongarch64/no-asm/openssl.gypi
index 7646500a7b4e33..530fb2b9972229 100644
--- a/deps/openssl/config/archs/linux64-loongarch64/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-loongarch64/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/apps/progs.c b/deps/openssl/config/archs/linux64-mips64/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-mips64/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm b/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm
index 751dc619e087fa..3791b477028d96 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -162,7 +162,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -210,10 +210,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -262,11 +262,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-mips64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -399,7 +399,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -902,6 +901,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1058,9 +1060,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3460,9 +3459,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5854,9 +5850,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7239,6 +7232,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7447,10 +7444,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10241,7 +10234,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10292,7 +10284,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12495,9 +12486,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14889,9 +14877,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16256,10 +16241,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16861,7 +16842,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18359,6 +18339,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18521,9 +18505,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19896,7 +19877,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20230,6 +20210,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20282,7 +20263,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24440,7 +24420,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24467,7 +24446,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25712,9 +25690,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25796,9 +25771,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25929,6 +25901,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26241,12 +26219,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27699,7 +27671,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27721,7 +27693,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h
index 5bcb19f0038b15..7bbf51db1e9d5d 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-mips64"
-#define DATE "built on: Mon Sep 30 17:13:16 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:06:35 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/include/progs.h b/deps/openssl/config/archs/linux64-mips64/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi b/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi
index 530cea8a707d21..2766034c0f47f9 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux64-mips64/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm
index c861a6aa75de33..64118999c0d5ce 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -162,7 +162,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -210,10 +210,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -262,11 +262,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-mips64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -399,7 +399,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -902,6 +901,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1058,9 +1060,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3460,9 +3459,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5854,9 +5850,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7239,6 +7232,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7447,10 +7444,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10241,7 +10234,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10292,7 +10284,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12495,9 +12486,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14889,9 +14877,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16256,10 +16241,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16861,7 +16842,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18359,6 +18339,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18521,9 +18505,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19896,7 +19877,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20230,6 +20210,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20282,7 +20263,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24440,7 +24420,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24467,7 +24446,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25712,9 +25690,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25796,9 +25771,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25929,6 +25901,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26241,12 +26219,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27699,7 +27671,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27721,7 +27693,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h
index 9969f7fbe4894a..e9c4ce02098106 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-mips64"
-#define DATE "built on: Mon Sep 30 17:13:28 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:06:47 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi
index 04841c7652189d..94f3c87ec84cd0 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/apps/progs.c b/deps/openssl/config/archs/linux64-mips64/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm b/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm
index 0aa374d19d56cb..620cce510e55ce 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-mips64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -900,6 +899,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1056,9 +1058,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3436,9 +3435,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5830,9 +5826,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7215,6 +7208,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7423,10 +7420,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10208,7 +10201,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10259,7 +10251,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12462,9 +12453,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14856,9 +14844,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16223,10 +16208,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16828,7 +16809,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18287,6 +18267,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18449,9 +18433,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19824,7 +19805,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20158,6 +20138,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20210,7 +20191,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24336,7 +24316,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24363,7 +24342,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25604,9 +25582,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25688,9 +25663,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25821,6 +25793,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26133,12 +26111,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27594,7 +27566,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27616,7 +27588,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h
index 135ced7215d174..37ff606b896e2f 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-mips64"
-#define DATE "built on: Mon Sep 30 17:13:40 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:06:59 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/include/progs.h b/deps/openssl/config/archs/linux64-mips64/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/openssl.gypi b/deps/openssl/config/archs/linux64-mips64/no-asm/openssl.gypi
index 0051a07280ecd4..d668c5608169c9 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/apps/progs.c b/deps/openssl/config/archs/linux64-riscv64/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/configdata.pm b/deps/openssl/config/archs/linux64-riscv64/no-asm/configdata.pm
index ce13ea66723d9f..965841bcbfc8b9 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-riscv64",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -394,7 +394,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -898,6 +897,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1054,9 +1056,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3434,9 +3433,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5828,9 +5824,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7213,6 +7206,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7421,10 +7418,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10206,7 +10199,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10257,7 +10249,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12460,9 +12451,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14854,9 +14842,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16221,10 +16206,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16826,7 +16807,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18285,6 +18265,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18447,9 +18431,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19822,7 +19803,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20156,6 +20136,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20208,7 +20189,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24334,7 +24314,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24361,7 +24340,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25602,9 +25580,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25686,9 +25661,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25819,6 +25791,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26131,12 +26109,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27592,7 +27564,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27614,7 +27586,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-riscv64/no-asm/crypto/buildinf.h
index f5d77a05993d1a..e2572b49a0da50 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-riscv64"
-#define DATE "built on: Mon Sep 30 17:16:42 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:09:54 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/include/progs.h b/deps/openssl/config/archs/linux64-riscv64/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-riscv64/no-asm/openssl.gypi b/deps/openssl/config/archs/linux64-riscv64/no-asm/openssl.gypi
index b4549cc91f5c0d..28788f4b84b746 100644
--- a/deps/openssl/config/archs/linux64-riscv64/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-riscv64/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/apps/progs.c b/deps/openssl/config/archs/linux64-s390x/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-s390x/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm b/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm
index df0ce5c951f633..abc3528c063460 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-s390x",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3482,9 +3481,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5876,9 +5872,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7261,6 +7254,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7469,10 +7466,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10280,7 +10273,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10331,7 +10323,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12534,9 +12525,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14928,9 +14916,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16295,10 +16280,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16900,7 +16881,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18413,6 +18393,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18575,9 +18559,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19950,7 +19931,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20284,6 +20264,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20336,7 +20317,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24518,7 +24498,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24545,7 +24524,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25794,9 +25772,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25878,9 +25853,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26011,6 +25983,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26323,12 +26301,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27781,7 +27753,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27803,7 +27775,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h
index d7922fa6537630..d2d018bb826d83 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-s390x"
-#define DATE "built on: Mon Sep 30 17:12:38 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:05:58 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/include/progs.h b/deps/openssl/config/archs/linux64-s390x/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/include/progs.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/openssl.gypi b/deps/openssl/config/archs/linux64-s390x/asm/openssl.gypi
index 0e033968bf85be..3f54c7665d7c5d 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-s390x/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/apps/progs.c b/deps/openssl/config/archs/linux64-s390x/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm
index b106196b63ae5c..ce5beb94026504 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -159,7 +159,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -207,10 +207,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-s390x",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -899,6 +898,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1055,9 +1057,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3482,9 +3481,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5876,9 +5872,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7261,6 +7254,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7469,10 +7466,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10280,7 +10273,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10331,7 +10323,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12534,9 +12525,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14928,9 +14916,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16295,10 +16280,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16900,7 +16881,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18413,6 +18393,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18575,9 +18559,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19950,7 +19931,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20284,6 +20264,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20336,7 +20317,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24518,7 +24498,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24545,7 +24524,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25794,9 +25772,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25878,9 +25853,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26011,6 +25983,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26323,12 +26301,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27781,7 +27753,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27803,7 +27775,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h
index 2c9106ca3ca56c..a4caeb83b31bb8 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-s390x"
-#define DATE "built on: Mon Sep 30 17:12:51 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:06:11 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux64-s390x/asm_avx2/openssl.gypi
index d3994ecfaeb3e9..2624be71174e70 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/apps/progs.c b/deps/openssl/config/archs/linux64-s390x/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm b/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm
index 1462cc41faebed..600b00670d49b9 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm
@@ -142,7 +142,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -157,7 +157,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -206,10 +206,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -259,11 +259,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned char",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "linux64-s390x",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -396,7 +396,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -900,6 +899,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1056,9 +1058,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3436,9 +3435,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5830,9 +5826,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7215,6 +7208,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7423,10 +7420,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10208,7 +10201,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10259,7 +10251,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12462,9 +12453,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14856,9 +14844,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16223,10 +16208,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16828,7 +16809,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18287,6 +18267,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18449,9 +18433,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19824,7 +19805,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20158,6 +20138,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20210,7 +20191,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24336,7 +24316,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24363,7 +24342,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25604,9 +25582,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25688,9 +25663,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25821,6 +25793,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26133,12 +26111,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27594,7 +27566,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27616,7 +27588,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h
index 65fd9d291b3df3..1a15fe8b54d607 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-s390x"
-#define DATE "built on: Mon Sep 30 17:13:04 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:06:24 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/include/progs.h b/deps/openssl/config/archs/linux64-s390x/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/openssl.gypi b/deps/openssl/config/archs/linux64-s390x/no-asm/openssl.gypi
index c1c132a136e21f..1fdc4dfb040e29 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/apps/progs.c b/deps/openssl/config/archs/solaris-x86-gcc/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/apps/progs.c
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm b/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm
index 15732afc0605eb..29bb1851e3fcf9 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -204,10 +204,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -256,11 +256,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "solaris-x86-gcc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -387,7 +387,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -890,6 +889,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1046,9 +1048,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3485,9 +3484,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5879,9 +5875,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7264,6 +7257,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7472,10 +7469,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10279,7 +10272,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10330,7 +10322,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12533,9 +12524,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14927,9 +14915,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16294,10 +16279,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16899,7 +16880,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18358,6 +18338,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18520,9 +18504,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19895,7 +19876,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20229,6 +20209,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20281,7 +20262,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24485,7 +24465,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24512,7 +24491,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25763,9 +25741,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25847,9 +25822,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25980,6 +25952,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26292,12 +26270,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27750,7 +27722,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27772,7 +27744,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h
index fcd321c88356d4..a447f23eeb173b 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris-x86-gcc"
-#define DATE "built on: Mon Sep 30 17:13:52 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:07:10 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/ssl.h b/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/include/progs.h b/deps/openssl/config/archs/solaris-x86-gcc/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/include/progs.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi
index 2037cbe79e9b30..1c98866c3f421f 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/apps/progs.c b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm
index 67a1475d1ddbe5..b596850adb7464 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -204,10 +204,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -256,11 +256,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "solaris-x86-gcc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -387,7 +387,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -890,6 +889,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1046,9 +1048,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3485,9 +3484,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5879,9 +5875,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7264,6 +7257,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7472,10 +7469,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10279,7 +10272,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10330,7 +10322,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12533,9 +12524,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14927,9 +14915,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16294,10 +16279,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16899,7 +16880,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18358,6 +18338,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18520,9 +18504,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19895,7 +19876,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20229,6 +20209,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20281,7 +20262,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24485,7 +24465,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24512,7 +24491,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25763,9 +25741,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25847,9 +25822,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25980,6 +25952,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26292,12 +26270,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27750,7 +27722,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27772,7 +27744,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h
index 6e6e28436ecdbc..23cce74e29506b 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris-x86-gcc"
-#define DATE "built on: Mon Sep 30 17:14:05 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:07:23 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/progs.h b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi
index 2f0dea41efd200..675580f4af2c98 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/apps/progs.c b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm
index 6210b1d2a3a71f..3861ddf22ae7b6 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -203,10 +203,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -256,11 +256,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "solaris-x86-gcc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -387,7 +387,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3427,9 +3426,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5821,9 +5817,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7206,6 +7199,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7414,10 +7411,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10199,7 +10192,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10250,7 +10242,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12453,9 +12444,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14847,9 +14835,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16214,10 +16199,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16819,7 +16800,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18278,6 +18258,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18440,9 +18424,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19815,7 +19796,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20149,6 +20129,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20201,7 +20182,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24327,7 +24307,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24354,7 +24333,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25595,9 +25573,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25679,9 +25654,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25812,6 +25784,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26124,12 +26102,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27585,7 +27557,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27607,7 +27579,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h
index 4c9d7e40a9a713..53c0d8b1a0867c 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris-x86-gcc"
-#define DATE "built on: Mon Sep 30 17:14:18 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:07:35 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/progs.h b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/openssl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/openssl.gypi
index 5af311edc163dc..65b9565d3dfa88 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/apps/progs.c b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/apps/progs.c
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm
index b0a159b0cc7022..9c48df85f8f0c9 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -204,10 +204,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -256,11 +256,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "solaris64-x86_64-gcc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3491,9 +3490,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5885,9 +5881,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7270,6 +7263,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7478,10 +7475,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10321,7 +10314,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10372,7 +10364,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12575,9 +12566,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14969,9 +14957,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16336,10 +16321,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16941,7 +16922,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18400,6 +18380,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18562,9 +18546,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19937,7 +19918,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20271,6 +20251,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20323,7 +20304,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24618,7 +24598,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24645,7 +24624,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25909,9 +25887,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25993,9 +25968,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26126,6 +26098,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26438,12 +26416,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27896,7 +27868,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27918,7 +27890,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h
index d4ff152f987c38..419598dbfc385b 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris64-x86_64-gcc"
-#define DATE "built on: Mon Sep 30 17:14:30 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:07:47 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/opensslv.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/ssl.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/progs.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/progs.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi
index 24d9ad0e5c0bee..d9001667578d0c 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/apps/progs.c b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/apps/progs.c
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm
index fe2ce273e36091..78ff7abbcfcd77 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [
@@ -156,7 +156,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -204,10 +204,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -256,11 +256,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "solaris64-x86_64-gcc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -891,6 +890,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1047,9 +1049,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3491,9 +3490,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5885,9 +5881,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7270,6 +7263,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7478,10 +7475,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10321,7 +10314,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10372,7 +10364,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12575,9 +12566,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14969,9 +14957,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16336,10 +16321,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16941,7 +16922,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18400,6 +18380,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18562,9 +18546,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19937,7 +19918,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20271,6 +20251,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20323,7 +20304,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24618,7 +24598,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24645,7 +24624,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25909,9 +25887,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25993,9 +25968,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -26126,6 +26098,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26438,12 +26416,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27896,7 +27868,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27918,7 +27890,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h
index 8d026664c28a3b..d10909b5f3a37a 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris64-x86_64-gcc"
-#define DATE "built on: Mon Sep 30 17:14:46 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:08:02 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/opensslv.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/ssl.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/progs.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/progs.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi
index 5bab94f70bb82a..d48b3cba951648 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cfb.c',
       'openssl/crypto/aes/aes_ecb.c',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/apps/progs.c b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/apps/progs.c
index 6f240203d77ae3..43cef00799b86e 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/apps/progs.c
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/apps/progs.c
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm
index 350e5fdcdfdef2..21482b0425020d 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm
@@ -139,7 +139,7 @@ our %config = (
         "providers/implementations/kem/build.info",
         "providers/implementations/rands/seeding/build.info"
     ],
-    "build_metadata" => "+quic",
+    "build_metadata" => "",
     "build_type" => "release",
     "builddir" => ".",
     "cflags" => [],
@@ -154,7 +154,7 @@ our %config = (
     ],
     "dynamic_engines" => "0",
     "ex_libs" => [],
-    "full_version" => "3.0.15+quic",
+    "full_version" => "3.0.16",
     "includes" => [],
     "lflags" => [],
     "lib_defines" => [
@@ -203,10 +203,10 @@ our %config = (
     "openssl_sys_defines" => [],
     "openssldir" => "",
     "options" => "enable-ssl-trace enable-fips no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-ktls no-loadereng no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-trace no-ubsan no-unit-test no-uplink no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-    "patch" => "15",
+    "patch" => "16",
     "perl_archname" => "x86_64-linux-gnu-thread-multi",
     "perl_cmd" => "/usr/bin/perl",
-    "perl_version" => "5.34.0",
+    "perl_version" => "5.38.2",
     "perlargv" => [
         "no-comp",
         "no-shared",
@@ -256,11 +256,11 @@ our %config = (
     "prerelease" => "",
     "processor" => "",
     "rc4_int" => "unsigned int",
-    "release_date" => "3 Sep 2024",
-    "shlib_version" => "81.3",
+    "release_date" => "11 Feb 2025",
+    "shlib_version" => "3",
     "sourcedir" => ".",
     "target" => "solaris64-x86_64-gcc",
-    "version" => "3.0.15"
+    "version" => "3.0.16"
 );
 our %target = (
     "AR" => "ar",
@@ -388,7 +388,6 @@ our @disablables = (
     "poly1305",
     "posix-io",
     "psk",
-    "quic",
     "rc2",
     "rc4",
     "rc5",
@@ -892,6 +891,9 @@ our %unified_info = (
             "test/bio_prefix_text" => {
                 "noinst" => "1"
             },
+            "test/bio_pw_callback_test" => {
+                "noinst" => "1"
+            },
             "test/bio_readbuffer_test" => {
                 "noinst" => "1"
             },
@@ -1048,9 +1050,6 @@ our %unified_info = (
             "test/buildtest_c_provider" => {
                 "noinst" => "1"
             },
-            "test/buildtest_c_quic" => {
-                "noinst" => "1"
-            },
             "test/buildtest_c_rand" => {
                 "noinst" => "1"
             },
@@ -3428,9 +3427,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -5822,9 +5818,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -7207,6 +7200,10 @@ our %unified_info = (
             "libcrypto",
             "test/libtestutil.a"
         ],
+        "test/bio_pw_callback_test" => [
+            "libcrypto",
+            "test/libtestutil.a"
+        ],
         "test/bio_readbuffer_test" => [
             "libcrypto",
             "test/libtestutil.a"
@@ -7415,10 +7412,6 @@ our %unified_info = (
             "libcrypto",
             "libssl"
         ],
-        "test/buildtest_c_quic" => [
-            "libcrypto",
-            "libssl"
-        ],
         "test/buildtest_c_rand" => [
             "libcrypto",
             "libssl"
@@ -10200,7 +10193,6 @@ our %unified_info = (
                 "ssl/libssl-lib-ssl_init.o",
                 "ssl/libssl-lib-ssl_lib.o",
                 "ssl/libssl-lib-ssl_mcnf.o",
-                "ssl/libssl-lib-ssl_quic.o",
                 "ssl/libssl-lib-ssl_rsa.o",
                 "ssl/libssl-lib-ssl_rsa_legacy.o",
                 "ssl/libssl-lib-ssl_sess.o",
@@ -10251,7 +10243,6 @@ our %unified_info = (
                 "ssl/statem/libssl-lib-statem_clnt.o",
                 "ssl/statem/libssl-lib-statem_dtls.o",
                 "ssl/statem/libssl-lib-statem_lib.o",
-                "ssl/statem/libssl-lib-statem_quic.o",
                 "ssl/statem/libssl-lib-statem_srvr.o"
             ],
             "products" => {
@@ -12454,9 +12445,6 @@ our %unified_info = (
         "doc/html/man3/SSL_CTX_set_psk_client_callback.html" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/html/man3/SSL_CTX_set_quic_method.html" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/html/man3/SSL_CTX_set_quiet_shutdown.html" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -14848,9 +14836,6 @@ our %unified_info = (
         "doc/man/man3/SSL_CTX_set_psk_client_callback.3" => [
             "doc/man3/SSL_CTX_set_psk_client_callback.pod"
         ],
-        "doc/man/man3/SSL_CTX_set_quic_method.3" => [
-            "doc/man3/SSL_CTX_set_quic_method.pod"
-        ],
         "doc/man/man3/SSL_CTX_set_quiet_shutdown.3" => [
             "doc/man3/SSL_CTX_set_quiet_shutdown.pod"
         ],
@@ -16215,10 +16200,6 @@ our %unified_info = (
             "test/generate_buildtest.pl",
             "provider"
         ],
-        "test/buildtest_quic.c" => [
-            "test/generate_buildtest.pl",
-            "quic"
-        ],
         "test/buildtest_rand.c" => [
             "test/generate_buildtest.pl",
             "rand"
@@ -16820,7 +16801,6 @@ our %unified_info = (
             "doc/html/man3/SSL_CTX_set_num_tickets.html",
             "doc/html/man3/SSL_CTX_set_options.html",
             "doc/html/man3/SSL_CTX_set_psk_client_callback.html",
-            "doc/html/man3/SSL_CTX_set_quic_method.html",
             "doc/html/man3/SSL_CTX_set_quiet_shutdown.html",
             "doc/html/man3/SSL_CTX_set_read_ahead.html",
             "doc/html/man3/SSL_CTX_set_record_padding_callback.html",
@@ -18279,6 +18259,10 @@ our %unified_info = (
             "include",
             "apps/include"
         ],
+        "test/bio_pw_callback_test" => [
+            "include",
+            "apps/include"
+        ],
         "test/bio_readbuffer_test" => [
             "include",
             "apps/include"
@@ -18441,9 +18425,6 @@ our %unified_info = (
         "test/buildtest_c_provider" => [
             "include"
         ],
-        "test/buildtest_c_quic" => [
-            "include"
-        ],
         "test/buildtest_c_rand" => [
             "include"
         ],
@@ -19816,7 +19797,6 @@ our %unified_info = (
             "doc/man/man3/SSL_CTX_set_num_tickets.3",
             "doc/man/man3/SSL_CTX_set_options.3",
             "doc/man/man3/SSL_CTX_set_psk_client_callback.3",
-            "doc/man/man3/SSL_CTX_set_quic_method.3",
             "doc/man/man3/SSL_CTX_set_quiet_shutdown.3",
             "doc/man/man3/SSL_CTX_set_read_ahead.3",
             "doc/man/man3/SSL_CTX_set_record_padding_callback.3",
@@ -20150,6 +20130,7 @@ our %unified_info = (
         "test/bio_enc_test",
         "test/bio_memleak_test",
         "test/bio_prefix_text",
+        "test/bio_pw_callback_test",
         "test/bio_readbuffer_test",
         "test/bioprinttest",
         "test/bn_internal_test",
@@ -20202,7 +20183,6 @@ our %unified_info = (
         "test/buildtest_c_pem2",
         "test/buildtest_c_prov_ssl",
         "test/buildtest_c_provider",
-        "test/buildtest_c_quic",
         "test/buildtest_c_rand",
         "test/buildtest_c_rc2",
         "test/buildtest_c_rc4",
@@ -24328,7 +24308,6 @@ our %unified_info = (
             "ssl/libssl-lib-ssl_init.o",
             "ssl/libssl-lib-ssl_lib.o",
             "ssl/libssl-lib-ssl_mcnf.o",
-            "ssl/libssl-lib-ssl_quic.o",
             "ssl/libssl-lib-ssl_rsa.o",
             "ssl/libssl-lib-ssl_rsa_legacy.o",
             "ssl/libssl-lib-ssl_sess.o",
@@ -24355,7 +24334,6 @@ our %unified_info = (
             "ssl/statem/libssl-lib-statem_clnt.o",
             "ssl/statem/libssl-lib-statem_dtls.o",
             "ssl/statem/libssl-lib-statem_lib.o",
-            "ssl/statem/libssl-lib-statem_quic.o",
             "ssl/statem/libssl-lib-statem_srvr.o"
         ],
         "providers/common/der/libcommon-lib-der_digests_gen.o" => [
@@ -25596,9 +25574,6 @@ our %unified_info = (
         "ssl/libssl-lib-ssl_mcnf.o" => [
             "ssl/ssl_mcnf.c"
         ],
-        "ssl/libssl-lib-ssl_quic.o" => [
-            "ssl/ssl_quic.c"
-        ],
         "ssl/libssl-lib-ssl_rsa.o" => [
             "ssl/ssl_rsa.c"
         ],
@@ -25680,9 +25655,6 @@ our %unified_info = (
         "ssl/statem/libssl-lib-statem_lib.o" => [
             "ssl/statem/statem_lib.c"
         ],
-        "ssl/statem/libssl-lib-statem_quic.o" => [
-            "ssl/statem/statem_quic.c"
-        ],
         "ssl/statem/libssl-lib-statem_srvr.o" => [
             "ssl/statem/statem_srvr.c"
         ],
@@ -25813,6 +25785,12 @@ our %unified_info = (
         "test/bio_prefix_text-bin-bio_prefix_text.o" => [
             "test/bio_prefix_text.c"
         ],
+        "test/bio_pw_callback_test" => [
+            "test/bio_pw_callback_test-bin-bio_pw_callback_test.o"
+        ],
+        "test/bio_pw_callback_test-bin-bio_pw_callback_test.o" => [
+            "test/bio_pw_callback_test.c"
+        ],
         "test/bio_readbuffer_test" => [
             "test/bio_readbuffer_test-bin-bio_readbuffer_test.o"
         ],
@@ -26125,12 +26103,6 @@ our %unified_info = (
         "test/buildtest_c_provider-bin-buildtest_provider.o" => [
             "test/buildtest_provider.c"
         ],
-        "test/buildtest_c_quic" => [
-            "test/buildtest_c_quic-bin-buildtest_quic.o"
-        ],
-        "test/buildtest_c_quic-bin-buildtest_quic.o" => [
-            "test/buildtest_quic.c"
-        ],
         "test/buildtest_c_rand" => [
             "test/buildtest_c_rand-bin-buildtest_rand.o"
         ],
@@ -27586,7 +27558,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close BUILDFILE;
         rename("$buildfile.new", $buildfile)
             or die "Trying to rename $buildfile.new to $buildfile: $!";
@@ -27608,7 +27580,7 @@ _____
                        # defined in one template stick around for the
                        # next, making them combinable
                        PACKAGE => 'OpenSSL::safe')
-            or die $Text::Template::ERROR;
+            or die $OpenSSL::Template::ERROR;
         close CONFIGURATION_H;
 
         # When using stat() on Windows, we can get it to perform better by
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h
index f750c629cde372..cb9544336c42ba 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by util/mkbuildinf.pl
  *
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris64-x86_64-gcc"
-#define DATE "built on: Mon Sep 30 17:15:02 2024 UTC"
+#define DATE "built on: Wed Mar  5 21:08:18 2025 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/opensslv.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/opensslv.h
index 819878c21bf304..8e11963343e9fa 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/opensslv.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/opensslv.h
@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  0
-# define OPENSSL_VERSION_PATCH  15
+# define OPENSSL_VERSION_PATCH  16
 
 /*
  * Additional version information
@@ -42,7 +42,7 @@ extern "C" {
 # define OPENSSL_VERSION_PRE_RELEASE ""
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
 /* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
-# define OPENSSL_VERSION_BUILD_METADATA "+quic"
+# define OPENSSL_VERSION_BUILD_METADATA ""
 
 /*
  * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
@@ -57,7 +57,7 @@ extern "C" {
  * be related to the API version expressed with the macros above.
  * This is defined in free form.
  */
-# define OPENSSL_SHLIB_VERSION 81.3
+# define OPENSSL_SHLIB_VERSION 3
 
 /*
  * SECTION 2: USEFUL MACROS
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.0.15"
-# define OPENSSL_FULL_VERSION_STR "3.0.15+quic"
+# define OPENSSL_VERSION_STR "3.0.16"
+# define OPENSSL_FULL_VERSION_STR "3.0.16"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "3 Sep 2024"
+# define OPENSSL_RELEASE_DATE "11 Feb 2025"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.15+quic 3 Sep 2024"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/ssl.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/ssl.h
index 0f1915755ae8a4..3df725c56d6c5e 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/ssl.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/openssl/ssl.h
@@ -2593,75 +2593,6 @@ void SSL_set_allow_early_data_cb(SSL *s,
 const char *OSSL_default_cipher_list(void);
 const char *OSSL_default_ciphersuites(void);
 
-#  ifndef OPENSSL_NO_QUIC
-/*
- * QUIC integration - The QUIC interface matches BoringSSL
- *
- * ssl_encryption_level_t represents a specific QUIC encryption level used to
- * transmit handshake messages. BoringSSL has this as an 'enum'.
- */
-#include <openssl/quic.h>
-
-/* Used by Chromium/QUIC - moved from evp.h to avoid breaking FIPS checksums */
-# define X25519_PRIVATE_KEY_LEN          32
-# define X25519_PUBLIC_VALUE_LEN         32
-
-/* moved from types.h to avoid breaking FIPS checksums */
-typedef struct ssl_quic_method_st SSL_QUIC_METHOD;
-
-typedef enum ssl_encryption_level_t {
-    ssl_encryption_initial = 0,
-    ssl_encryption_early_data,
-    ssl_encryption_handshake,
-    ssl_encryption_application
-} OSSL_ENCRYPTION_LEVEL;
-
-struct ssl_quic_method_st {
-    int (*set_encryption_secrets)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t *read_secret,
-                                  const uint8_t *write_secret, size_t secret_len);
-    int (*add_handshake_data)(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t *data, size_t len);
-    int (*flush_flight)(SSL *ssl);
-    int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
-};
-
-__owur int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
-__owur int SSL_set_quic_transport_params(SSL *ssl,
-                                         const uint8_t *params,
-                                         size_t params_len);
-void SSL_get_peer_quic_transport_params(const SSL *ssl,
-                                        const uint8_t **out_params,
-                                        size_t *out_params_len);
-__owur size_t SSL_quic_max_handshake_flight_len(const SSL *ssl, OSSL_ENCRYPTION_LEVEL level);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_read_level(const SSL *ssl);
-__owur OSSL_ENCRYPTION_LEVEL SSL_quic_write_level(const SSL *ssl);
-__owur int SSL_provide_quic_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL level,
-                                 const uint8_t *data, size_t len);
-__owur int SSL_process_quic_post_handshake(SSL *ssl);
-
-__owur int SSL_is_quic(SSL *ssl);
-
-/* BoringSSL API */
-void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
-
-/*
- * Set an explicit value that you want to use
- * If 0 (default) the server will use the highest extenstion the client sent
- * If 0 (default) the client will send both extensions
- */
-void SSL_set_quic_transport_version(SSL *ssl, int version);
-__owur int SSL_get_quic_transport_version(const SSL *ssl);
-/* Returns the negotiated version, or -1 on error */
-__owur int SSL_get_peer_quic_transport_version(const SSL *ssl);
-
-int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *c);
-
-void SSL_set_quic_early_data_enabled(SSL *ssl, int enabled);
-
-#  endif
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/progs.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/progs.h
index f1d15624839fbb..be55f61503d405 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/progs.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/include/progs.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by apps/progs.pl
  *
- * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/openssl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/openssl.gypi
index 18879acfa1918b..44ff54ede30479 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/openssl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/openssl.gypi
@@ -19,7 +19,6 @@
       'openssl/ssl/ssl_init.c',
       'openssl/ssl/ssl_lib.c',
       'openssl/ssl/ssl_mcnf.c',
-      'openssl/ssl/ssl_quic.c',
       'openssl/ssl/ssl_rsa.c',
       'openssl/ssl/ssl_rsa_legacy.c',
       'openssl/ssl/ssl_sess.c',
@@ -46,7 +45,6 @@
       'openssl/ssl/statem/statem_clnt.c',
       'openssl/ssl/statem/statem_dtls.c',
       'openssl/ssl/statem/statem_lib.c',
-      'openssl/ssl/statem/statem_quic.c',
       'openssl/ssl/statem/statem_srvr.c',
       'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
diff --git a/deps/openssl/openssl/crypto/perlasm/x86asm.pl b/deps/openssl/openssl/crypto/perlasm/x86asm.pl
index 8dcde9eacaa3d1..98a7159a5f131c 100644
--- a/deps/openssl/openssl/crypto/perlasm/x86asm.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86asm.pl
@@ -174,9 +174,9 @@ sub ::vprotd
 
 sub ::endbranch
 {
-    &::generic("#ifdef __CET__\n");
+    &::generic("%ifdef __CET__\n");
     &::data_byte(0xf3,0x0f,0x1e,0xfb);
-    &::generic("#endif\n");
+    &::generic("%endif\n");
 }
 
 # label management
diff --git a/deps/openssl/openssl/include/crypto/bn_conf.h b/deps/openssl/openssl/include/crypto/bn_conf.h
new file mode 100644
index 00000000000000..79400c6472a49c
--- /dev/null
+++ b/deps/openssl/openssl/include/crypto/bn_conf.h
@@ -0,0 +1 @@
+#include "../../../config/bn_conf.h"
diff --git a/deps/openssl/openssl/include/crypto/dso_conf.h b/deps/openssl/openssl/include/crypto/dso_conf.h
new file mode 100644
index 00000000000000..e7f2afa9872320
--- /dev/null
+++ b/deps/openssl/openssl/include/crypto/dso_conf.h
@@ -0,0 +1 @@
+#include "../../../config/dso_conf.h"
diff --git a/deps/openssl/openssl/include/openssl/asn1.h b/deps/openssl/openssl/include/openssl/asn1.h
new file mode 100644
index 00000000000000..cd9fc7cc706c37
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/asn1.h
@@ -0,0 +1 @@
+#include "../../../config/asn1.h"
diff --git a/deps/openssl/openssl/include/openssl/asn1t.h b/deps/openssl/openssl/include/openssl/asn1t.h
new file mode 100644
index 00000000000000..6ff4f574949bbd
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/asn1t.h
@@ -0,0 +1 @@
+#include "../../../config/asn1t.h"
diff --git a/deps/openssl/openssl/include/openssl/bio.h b/deps/openssl/openssl/include/openssl/bio.h
new file mode 100644
index 00000000000000..dcece3cb4d6ebf
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/bio.h
@@ -0,0 +1 @@
+#include "../../../config/bio.h"
diff --git a/deps/openssl/openssl/include/openssl/cmp.h b/deps/openssl/openssl/include/openssl/cmp.h
new file mode 100644
index 00000000000000..7c8a6dc96fc360
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/cmp.h
@@ -0,0 +1 @@
+#include "../../../config/cmp.h"
diff --git a/deps/openssl/openssl/include/openssl/cms.h b/deps/openssl/openssl/include/openssl/cms.h
new file mode 100644
index 00000000000000..33a00775c9fa76
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/cms.h
@@ -0,0 +1 @@
+#include "../../../config/cms.h"
diff --git a/deps/openssl/openssl/include/openssl/conf.h b/deps/openssl/openssl/include/openssl/conf.h
new file mode 100644
index 00000000000000..2712886cafcd78
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/conf.h
@@ -0,0 +1 @@
+#include "../../../config/conf.h"
diff --git a/deps/openssl/openssl/include/openssl/configuration.h b/deps/openssl/openssl/include/openssl/configuration.h
new file mode 100644
index 00000000000000..8ffad996047c5e
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/configuration.h
@@ -0,0 +1 @@
+#include "../../../config/configuration.h"
diff --git a/deps/openssl/openssl/include/openssl/crmf.h b/deps/openssl/openssl/include/openssl/crmf.h
new file mode 100644
index 00000000000000..4103852ecb21c2
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/crmf.h
@@ -0,0 +1 @@
+#include "../../../config/crmf.h"
diff --git a/deps/openssl/openssl/include/openssl/crypto.h b/deps/openssl/openssl/include/openssl/crypto.h
new file mode 100644
index 00000000000000..6d0e701ebd3c19
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/crypto.h
@@ -0,0 +1 @@
+#include "../../../config/crypto.h"
diff --git a/deps/openssl/openssl/include/openssl/ct.h b/deps/openssl/openssl/include/openssl/ct.h
new file mode 100644
index 00000000000000..7ebb84387135be
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/ct.h
@@ -0,0 +1 @@
+#include "../../../config/ct.h"
diff --git a/deps/openssl/openssl/include/openssl/err.h b/deps/openssl/openssl/include/openssl/err.h
new file mode 100644
index 00000000000000..bf482070474781
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/err.h
@@ -0,0 +1 @@
+#include "../../../config/err.h"
diff --git a/deps/openssl/openssl/include/openssl/ess.h b/deps/openssl/openssl/include/openssl/ess.h
new file mode 100644
index 00000000000000..64cc016225119f
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/ess.h
@@ -0,0 +1 @@
+#include "../../../config/ess.h"
diff --git a/deps/openssl/openssl/include/openssl/fipskey.h b/deps/openssl/openssl/include/openssl/fipskey.h
new file mode 100644
index 00000000000000..c012013d98d4e8
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/fipskey.h
@@ -0,0 +1 @@
+#include "../../../config/fipskey.h"
diff --git a/deps/openssl/openssl/include/openssl/lhash.h b/deps/openssl/openssl/include/openssl/lhash.h
new file mode 100644
index 00000000000000..8d824f5cfe6274
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/lhash.h
@@ -0,0 +1 @@
+#include "../../../config/lhash.h"
diff --git a/deps/openssl/openssl/include/openssl/ocsp.h b/deps/openssl/openssl/include/openssl/ocsp.h
new file mode 100644
index 00000000000000..5b13afedf36bb6
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/ocsp.h
@@ -0,0 +1 @@
+#include "../../../config/ocsp.h"
diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h
new file mode 100644
index 00000000000000..078cfba40fbe73
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/opensslv.h
@@ -0,0 +1 @@
+#include "../../../config/opensslv.h"
diff --git a/deps/openssl/openssl/include/openssl/pkcs12.h b/deps/openssl/openssl/include/openssl/pkcs12.h
new file mode 100644
index 00000000000000..2d7e2c08e99175
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/pkcs12.h
@@ -0,0 +1 @@
+#include "../../../config/pkcs12.h"
diff --git a/deps/openssl/openssl/include/openssl/pkcs7.h b/deps/openssl/openssl/include/openssl/pkcs7.h
new file mode 100644
index 00000000000000..b553f9d0f053b0
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/pkcs7.h
@@ -0,0 +1 @@
+#include "../../../config/pkcs7.h"
diff --git a/deps/openssl/openssl/include/openssl/safestack.h b/deps/openssl/openssl/include/openssl/safestack.h
new file mode 100644
index 00000000000000..989eafb33023b9
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/safestack.h
@@ -0,0 +1 @@
+#include "../../../config/safestack.h"
diff --git a/deps/openssl/openssl/include/openssl/srp.h b/deps/openssl/openssl/include/openssl/srp.h
new file mode 100644
index 00000000000000..9df42dad4c3127
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/srp.h
@@ -0,0 +1 @@
+#include "../../../config/srp.h"
diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h
new file mode 100644
index 00000000000000..eb74ca98a9759a
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/ssl.h
@@ -0,0 +1 @@
+#include "../../../config/ssl.h"
diff --git a/deps/openssl/openssl/include/openssl/ui.h b/deps/openssl/openssl/include/openssl/ui.h
new file mode 100644
index 00000000000000..f5edb766b4fc6c
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/ui.h
@@ -0,0 +1 @@
+#include "../../../config/ui.h"
diff --git a/deps/openssl/openssl/include/openssl/x509.h b/deps/openssl/openssl/include/openssl/x509.h
new file mode 100644
index 00000000000000..ed28bd68cb2474
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/x509.h
@@ -0,0 +1 @@
+#include "../../../config/x509.h"
diff --git a/deps/openssl/openssl/include/openssl/x509_vfy.h b/deps/openssl/openssl/include/openssl/x509_vfy.h
new file mode 100644
index 00000000000000..9270a3ee09750a
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/x509_vfy.h
@@ -0,0 +1 @@
+#include "../../../config/x509_vfy.h"
diff --git a/deps/openssl/openssl/include/openssl/x509v3.h b/deps/openssl/openssl/include/openssl/x509v3.h
new file mode 100644
index 00000000000000..5629ae9a3a90af
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/x509v3.h
@@ -0,0 +1 @@
+#include "../../../config/x509v3.h"

From 0e3cd9ec006769f96e76478179897e5c8404222c Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Sun, 9 Feb 2025 07:44:13 -0500
Subject: [PATCH 017/138] deps: update zlib to 1.3.0.1-motley-788cb3c
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/56655
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 deps/zlib/CMakeLists.txt                      |   1 +
 deps/zlib/contrib/bench/zlib_bench.cc         |  11 +-
 deps/zlib/contrib/minizip/Makefile            |  18 +-
 deps/zlib/contrib/minizip/README.chromium     |  11 +-
 deps/zlib/contrib/minizip/ints.h              |  57 +++
 deps/zlib/contrib/minizip/ioapi.h             |  35 +-
 deps/zlib/contrib/minizip/iowin32.c           |  16 +-
 deps/zlib/contrib/minizip/miniunz.c           |  32 +-
 deps/zlib/contrib/minizip/minizip.c           |  17 +-
 deps/zlib/contrib/minizip/mztools.c           |  61 +--
 deps/zlib/contrib/minizip/skipset.h           | 361 ++++++++++++++++++
 deps/zlib/contrib/minizip/unzip.c             |  13 +-
 deps/zlib/contrib/minizip/unzip.h             |   6 +-
 deps/zlib/contrib/minizip/zip.c               | 255 ++++++++++++-
 deps/zlib/contrib/minizip/zip.h               |  24 +-
 deps/zlib/google/compression_utils.cc         |  11 +-
 deps/zlib/google/compression_utils.h          |   5 +-
 deps/zlib/google/zip_internal.cc              |   4 +-
 .../0008-minizip-zip-unzip-tools.patch        |  35 +-
 ...0015-minizip-unzip-enable-decryption.patch |  11 -
 src/zlib_version.h                            |   2 +-
 21 files changed, 828 insertions(+), 158 deletions(-)
 create mode 100644 deps/zlib/contrib/minizip/ints.h
 create mode 100644 deps/zlib/contrib/minizip/skipset.h

diff --git a/deps/zlib/CMakeLists.txt b/deps/zlib/CMakeLists.txt
index 59d77c3a413628..ebf9cd41248655 100644
--- a/deps/zlib/CMakeLists.txt
+++ b/deps/zlib/CMakeLists.txt
@@ -386,6 +386,7 @@ if (BUILD_MINIZIP_BIN)
   add_executable(minizip_bin contrib/minizip/minizip.c contrib/minizip/ioapi.c
     contrib/minizip/ioapi.h contrib/minizip/unzip.c
     contrib/minizip/unzip.h contrib/minizip/zip.c contrib/minizip/zip.h
+    contrib/minizip/ints.h contrib/minizip/skipset.h
     )
   target_link_libraries(minizip_bin zlib)
 endif()
diff --git a/deps/zlib/contrib/bench/zlib_bench.cc b/deps/zlib/contrib/bench/zlib_bench.cc
index 6df296c8721056..5d84b8c9cb6438 100644
--- a/deps/zlib/contrib/bench/zlib_bench.cc
+++ b/deps/zlib/contrib/bench/zlib_bench.cc
@@ -18,18 +18,19 @@
  *   g++|clang++ -O3 -Wall -std=c++11 zlib_bench.cc -lstdc++ -lz
  */
 
+#include <memory.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+
 #include <algorithm>
 #include <chrono>
 #include <fstream>
 #include <memory>
+#include <new>
 #include <string>
 #include <vector>
 
-#include <memory.h>
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
 #include "zlib.h"
 
 void error_exit(const char* error, int code) {
diff --git a/deps/zlib/contrib/minizip/Makefile b/deps/zlib/contrib/minizip/Makefile
index aac76e07f6b999..b3e050a0416c00 100644
--- a/deps/zlib/contrib/minizip/Makefile
+++ b/deps/zlib/contrib/minizip/Makefile
@@ -1,5 +1,5 @@
-CC=cc
-CFLAGS := $(CFLAGS) -O -I../..
+CC?=cc
+CFLAGS := -O $(CFLAGS) -I../..
 
 UNZ_OBJS = miniunz.o unzip.o ioapi.o ../../libz.a
 ZIP_OBJS = minizip.o zip.o   ioapi.o ../../libz.a
@@ -9,13 +9,21 @@ ZIP_OBJS = minizip.o zip.o   ioapi.o ../../libz.a
 
 all: miniunz minizip
 
-miniunz:  $(UNZ_OBJS)
+miniunz.o: miniunz.c unzip.h iowin32.h
+minizip.o: minizip.c zip.h iowin32.h ints.h
+unzip.o: unzip.c unzip.h crypt.h
+zip.o: zip.c zip.h crypt.h skipset.h ints.h
+ioapi.o: ioapi.c ioapi.h ints.h
+iowin32.o: iowin32.c iowin32.h ioapi.h
+mztools.o: mztools.c unzip.h
+
+miniunz: $(UNZ_OBJS)
 	$(CC) $(CFLAGS) -o $@ $(UNZ_OBJS)
 
-minizip:  $(ZIP_OBJS)
+minizip: $(ZIP_OBJS)
 	$(CC) $(CFLAGS) -o $@ $(ZIP_OBJS)
 
-test:	miniunz minizip
+test: miniunz minizip
 	@rm -f test.*
 	@echo hello hello hello > test.txt
 	./minizip test test.txt
diff --git a/deps/zlib/contrib/minizip/README.chromium b/deps/zlib/contrib/minizip/README.chromium
index ceaff34f0f3fa6..6728765dd7580d 100644
--- a/deps/zlib/contrib/minizip/README.chromium
+++ b/deps/zlib/contrib/minizip/README.chromium
@@ -1,8 +1,8 @@
 Name: ZIP file API for reading file entries in a ZIP archive
 Short Name: minizip
 URL: https://github.com/madler/zlib/tree/master/contrib/minizip
-Version: 1.3.0.1
-Revision: 643e17b7498d12ab8d15565662880579692f769d
+Version: 1.3.1.1
+Revision: ef24c4c7502169f016dcd2a26923dbaf3216748c
 License: Zlib
 License File: //third_party/zlib/LICENSE
 Shipped: yes
@@ -14,6 +14,13 @@ Minizip provides API on top of zlib that can enumerate and extract ZIP archive
 files. See minizip.md for chromium build instructions.
 
 Local Modifications:
+- OS macro tweaks for Android and Fuchsia
+  0000-build.patch (the contrib/minizip/ parts)
+  0008-minizip-zip-unzip-tools.patch (crrev.com/886990)
+
+- Fix build on UWP. (crrev.com/750639)
+  0004-fix-uwp.patch
+
 - Fixed uncompressing files with wrong uncompressed size set
   crrev.com/268940
   0014-minizip-unzip-with-incorrect-size.patch
diff --git a/deps/zlib/contrib/minizip/ints.h b/deps/zlib/contrib/minizip/ints.h
new file mode 100644
index 00000000000000..4c84375b2138de
--- /dev/null
+++ b/deps/zlib/contrib/minizip/ints.h
@@ -0,0 +1,57 @@
+/* ints.h -- create integer types for 8, 16, 32, and 64 bits
+ * Copyright (C) 2024 Mark Adler
+ * For conditions of distribution and use, see the copyright notice in zlib.h
+ *
+ * There exist compilers with limits.h, but not stdint.h or inttypes.h.
+ */
+
+#ifndef INTS_H
+#define INTS_H
+#include <limits.h>
+#if defined(UCHAR_MAX) && UCHAR_MAX == 0xff
+    typedef signed char i8_t;
+    typedef unsigned char ui8_t;
+#else
+#   error "no 8-bit integer"
+#endif
+#if defined(USHRT_MAX) && USHRT_MAX == 0xffff
+    typedef short i16_t;
+    typedef unsigned short ui16_t;
+#elif defined(UINT_MAX) && UINT_MAX == 0xffff
+    typedef int i16_t;
+    typedef unsigned ui16_t;
+#else
+#   error "no 16-bit integer"
+#endif
+#if defined(UINT_MAX) && UINT_MAX == 0xffffffff
+    typedef int i32_t;
+    typedef unsigned ui32_t;
+#   define PI32 "d"
+#   define PUI32 "u"
+#elif defined(ULONG_MAX) && ULONG_MAX == 0xffffffff
+    typedef long i32_t;
+    typedef unsigned long ui32_t;
+#   define PI32 "ld"
+#   define PUI32 "lu"
+#else
+#   error "no 32-bit integer"
+#endif
+#if defined(ULONG_MAX) && ULONG_MAX == 0xffffffffffffffff
+    typedef long i64_t;
+    typedef unsigned long ui64_t;
+#   define PI64 "ld"
+#   define PUI64 "lu"
+#elif defined(ULLONG_MAX) && ULLONG_MAX == 0xffffffffffffffff
+    typedef long long i64_t;
+    typedef unsigned long long ui64_t;
+#   define PI64 "lld"
+#   define PUI64 "llu"
+#elif defined(ULONG_LONG_MAX) && ULONG_LONG_MAX == 0xffffffffffffffff
+    typedef long long i64_t;
+    typedef unsigned long long ui64_t;
+#   define PI64 "lld"
+#   define PUI64 "llu"
+#else
+#   error "no 64-bit integer"
+#endif
+#endif
diff --git a/deps/zlib/contrib/minizip/ioapi.h b/deps/zlib/contrib/minizip/ioapi.h
index a2d2e6e60d9250..f3b193d8030575 100644
--- a/deps/zlib/contrib/minizip/ioapi.h
+++ b/deps/zlib/contrib/minizip/ioapi.h
@@ -18,8 +18,8 @@
 
 */
 
-#ifndef _ZLIBIOAPI64_H
-#define _ZLIBIOAPI64_H
+#ifndef ZLIBIOAPI64_H
+#define ZLIBIOAPI64_H
 
 #if (!defined(_WIN32)) && (!defined(WIN32)) && (!defined(__APPLE__))
 
@@ -67,39 +67,12 @@
 #endif
 #endif
 
-/*
-#ifndef ZPOS64_T
-  #ifdef _WIN32
-                #define ZPOS64_T fpos_t
-  #else
-    #include <stdint.h>
-    #define ZPOS64_T uint64_t
-  #endif
-#endif
-*/
-
 #ifdef HAVE_MINIZIP64_CONF_H
 #include "mz64conf.h"
 #endif
 
-/* a type chosen by DEFINE */
-#ifdef HAVE_64BIT_INT_CUSTOM
-typedef  64BIT_INT_CUSTOM_TYPE ZPOS64_T;
-#else
-#ifdef HAS_STDINT_H
-#include "stdint.h"
-typedef uint64_t ZPOS64_T;
-#else
-
-
-
-#if defined(_MSC_VER) || defined(__BORLANDC__)
-typedef unsigned __int64 ZPOS64_T;
-#else
-typedef unsigned long long int ZPOS64_T;
-#endif
-#endif
-#endif
+#include "ints.h"
+typedef ui64_t ZPOS64_T;
 
 /* Maximum unsigned 32-bit value used as placeholder for zip64 */
 #ifndef MAXU32
diff --git a/deps/zlib/contrib/minizip/iowin32.c b/deps/zlib/contrib/minizip/iowin32.c
index 3f6867fd7e40b5..393c98676f0eff 100644
--- a/deps/zlib/contrib/minizip/iowin32.c
+++ b/deps/zlib/contrib/minizip/iowin32.c
@@ -88,7 +88,7 @@ static voidpf win32_build_iowin(HANDLE hFile) {
 }
 
 voidpf ZCALLBACK win32_open64_file_func(voidpf opaque, const void* filename, int mode) {
-    const char* mode_fopen = NULL;
+    (void)opaque;
     DWORD dwDesiredAccess,dwCreationDisposition,dwShareMode,dwFlagsAndAttributes ;
     HANDLE hFile = NULL;
 
@@ -116,7 +116,7 @@ voidpf ZCALLBACK win32_open64_file_func(voidpf opaque, const void* filename, int
 
 
 voidpf ZCALLBACK win32_open64_file_funcA(voidpf opaque, const void* filename, int mode) {
-    const char* mode_fopen = NULL;
+    (void)opaque;
     DWORD dwDesiredAccess,dwCreationDisposition,dwShareMode,dwFlagsAndAttributes ;
     HANDLE hFile = NULL;
 
@@ -139,7 +139,7 @@ voidpf ZCALLBACK win32_open64_file_funcA(voidpf opaque, const void* filename, in
 
 
 voidpf ZCALLBACK win32_open64_file_funcW(voidpf opaque, const void* filename, int mode) {
-    const char* mode_fopen = NULL;
+    (void)opaque;
     DWORD dwDesiredAccess,dwCreationDisposition,dwShareMode,dwFlagsAndAttributes ;
     HANDLE hFile = NULL;
 
@@ -158,7 +158,7 @@ voidpf ZCALLBACK win32_open64_file_funcW(voidpf opaque, const void* filename, in
 
 
 voidpf ZCALLBACK win32_open_file_func(voidpf opaque, const char* filename, int mode) {
-    const char* mode_fopen = NULL;
+    (void)opaque;
     DWORD dwDesiredAccess,dwCreationDisposition,dwShareMode,dwFlagsAndAttributes ;
     HANDLE hFile = NULL;
 
@@ -186,6 +186,7 @@ voidpf ZCALLBACK win32_open_file_func(voidpf opaque, const char* filename, int m
 
 
 uLong ZCALLBACK win32_read_file_func(voidpf opaque, voidpf stream, void* buf,uLong size) {
+    (void)opaque;
     uLong ret=0;
     HANDLE hFile = NULL;
     if (stream!=NULL)
@@ -207,6 +208,7 @@ uLong ZCALLBACK win32_read_file_func(voidpf opaque, voidpf stream, void* buf,uLo
 
 
 uLong ZCALLBACK win32_write_file_func(voidpf opaque, voidpf stream, const void* buf, uLong size) {
+    (void)opaque;
     uLong ret=0;
     HANDLE hFile = NULL;
     if (stream!=NULL)
@@ -246,6 +248,7 @@ static BOOL MySetFilePointerEx(HANDLE hFile, LARGE_INTEGER pos, LARGE_INTEGER *n
 }
 
 long ZCALLBACK win32_tell_file_func(voidpf opaque, voidpf stream) {
+    (void)opaque;
     long ret=-1;
     HANDLE hFile = NULL;
     if (stream!=NULL)
@@ -268,6 +271,7 @@ long ZCALLBACK win32_tell_file_func(voidpf opaque, voidpf stream) {
 }
 
 ZPOS64_T ZCALLBACK win32_tell64_file_func(voidpf opaque, voidpf stream) {
+    (void)opaque;
     ZPOS64_T ret= (ZPOS64_T)-1;
     HANDLE hFile = NULL;
     if (stream!=NULL)
@@ -292,6 +296,7 @@ ZPOS64_T ZCALLBACK win32_tell64_file_func(voidpf opaque, voidpf stream) {
 
 
 long ZCALLBACK win32_seek_file_func(voidpf opaque, voidpf stream, uLong offset, int origin) {
+    (void)opaque;
     DWORD dwMoveMethod=0xFFFFFFFF;
     HANDLE hFile = NULL;
 
@@ -329,6 +334,7 @@ long ZCALLBACK win32_seek_file_func(voidpf opaque, voidpf stream, uLong offset,
 }
 
 long ZCALLBACK win32_seek64_file_func(voidpf opaque, voidpf stream, ZPOS64_T offset, int origin) {
+    (void)opaque;
     DWORD dwMoveMethod=0xFFFFFFFF;
     HANDLE hFile = NULL;
     long ret=-1;
@@ -367,6 +373,7 @@ long ZCALLBACK win32_seek64_file_func(voidpf opaque, voidpf stream, ZPOS64_T off
 }
 
 int ZCALLBACK win32_close_file_func(voidpf opaque, voidpf stream) {
+    (void)opaque;
     int ret=-1;
 
     if (stream!=NULL)
@@ -384,6 +391,7 @@ int ZCALLBACK win32_close_file_func(voidpf opaque, voidpf stream) {
 }
 
 int ZCALLBACK win32_error_file_func(voidpf opaque, voidpf stream) {
+    (void)opaque;
     int ret=-1;
     if (stream!=NULL)
     {
diff --git a/deps/zlib/contrib/minizip/miniunz.c b/deps/zlib/contrib/minizip/miniunz.c
index 5b4312e5647cd2..f4ad16bdd377ba 100644
--- a/deps/zlib/contrib/minizip/miniunz.c
+++ b/deps/zlib/contrib/minizip/miniunz.c
@@ -39,6 +39,9 @@
 #endif
 
 
+#ifndef _CRT_SECURE_NO_WARNINGS
+#  define _CRT_SECURE_NO_WARNINGS
+#endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -79,10 +82,11 @@
 
 /* change_file_date : change the date/time of a file
     filename : the filename of the file where date/time must be modified
-    dosdate : the new date at the MSDos format (4 bytes)
+    dosdate : the new date at the MSDOS format (4 bytes)
     tmu_date : the SAME new date at the tm_unz format */
 static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_date) {
 #ifdef _WIN32
+  (void)tmu_date;
   HANDLE hFile;
   FILETIME ftm,ftLocal,ftCreate,ftLastAcc,ftLastWrite;
 
@@ -93,8 +97,7 @@ static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_dat
   LocalFileTimeToFileTime(&ftLocal,&ftm);
   SetFileTime(hFile,&ftm,&ftLastAcc,&ftm);
   CloseHandle(hFile);
-#else
-#if defined(unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
+#elif defined(__unix__) || defined(__unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
   (void)dosdate;
   struct utimbuf ut;
   struct tm newdate;
@@ -116,7 +119,6 @@ static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_dat
   (void)dosdate;
   (void)tmu_date;
 #endif
-#endif
 }
 
 
@@ -125,9 +127,9 @@ static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_dat
 
 static int mymkdir(const char* dirname) {
     int ret=0;
-#if defined(_WIN32)
+#ifdef _WIN32
     ret = _mkdir(dirname);
-#elif defined(unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
+#elif defined(__unix__) || defined(__unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
     ret = mkdir (dirname,0775);
 #else
     (void)dirname;
@@ -238,7 +240,7 @@ static int do_list(unzFile uf) {
     printf("  ------  ------     ---- -----   ----    ----   ------     ----\n");
     for (i=0;i<gi.number_entry;i++)
     {
-        char filename_inzip[256];
+        char filename_inzip[65536+1];
         unz_file_info64 file_info;
         uLong ratio=0;
         const char *string_method = "";
@@ -303,7 +305,7 @@ static int do_list(unzFile uf) {
 
 
 static int do_extract_currentfile(unzFile uf, const int* popt_extract_without_path, int* popt_overwrite, const char* password) {
-    char filename_inzip[256];
+    char filename_inzip[65536+1];
     char* filename_withoutpath;
     char* p;
     int err=UNZ_OK;
@@ -354,6 +356,20 @@ static int do_extract_currentfile(unzFile uf, const int* popt_extract_without_pa
         else
             write_filename = filename_withoutpath;
 
+        if (write_filename[0]!='\0')
+        {
+            const char* relative_check = write_filename;
+            while (relative_check[1]!='\0')
+            {
+                if (relative_check[0]=='.' && relative_check[1]=='.')
+                    write_filename = relative_check;
+                relative_check++;
+            }
+        }
+
+        while (write_filename[0]=='/' || write_filename[0]=='.')
+            write_filename++;
+
         err = unzOpenCurrentFilePassword(uf,password);
         if (err!=UNZ_OK)
         {
diff --git a/deps/zlib/contrib/minizip/minizip.c b/deps/zlib/contrib/minizip/minizip.c
index 9eb3956a55e00f..53fdd363e62227 100644
--- a/deps/zlib/contrib/minizip/minizip.c
+++ b/deps/zlib/contrib/minizip/minizip.c
@@ -40,6 +40,9 @@
 
 
 
+#ifndef _CRT_SECURE_NO_WARNINGS
+#  define _CRT_SECURE_NO_WARNINGS
+#endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -58,6 +61,7 @@
 #endif
 
 #include "zip.h"
+#include "ints.h"
 
 #ifdef _WIN32
         #define USEWIN32IOAPI
@@ -73,6 +77,7 @@
 /* f: name of file to get info on, tmzip: return value: access,
    modification and creation times, dt: dostime */
 static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
+  (void)tmzip;
   int ret = 0;
   {
       FILETIME ftLocal;
@@ -90,8 +95,7 @@ static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
   }
   return ret;
 }
-#else
-#if defined(unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
+#elif defined(__unix__) || defined(__unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
 /* f: name of file to get info on, tmzip: return value: access,
    modification and creation times, dt: dostime */
 static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
@@ -142,7 +146,6 @@ static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
     return 0;
 }
 #endif
-#endif
 
 
 
@@ -191,7 +194,7 @@ static int getFileCrc(const char* filenameinzip, void* buf, unsigned long size_b
         do
         {
             err = ZIP_OK;
-            size_read = fread(buf,1,size_buf,fin);
+            size_read = (unsigned long)fread(buf,1,size_buf,fin);
             if (size_read < size_buf)
                 if (feof(fin)==0)
             {
@@ -223,7 +226,7 @@ static int isLargeFile(const char* filename) {
     FSEEKO_FUNC(pFile, 0, SEEK_END);
     pos = (ZPOS64_T)FTELLO_FUNC(pFile);
 
-                printf("File : %s is %llu bytes\n", filename, pos);
+                printf("File : %s is %"PUI64" bytes\n", filename, pos);
 
     if(pos >= 0xffffffff)
      largeFile = 1;
@@ -243,7 +246,7 @@ int main(int argc, char *argv[]) {
     char filename_try[MAXFILENAME+16];
     int zipok;
     int err=0;
-    size_t size_buf=0;
+    unsigned long size_buf=0;
     void* buf=NULL;
     const char* password=NULL;
 
@@ -305,7 +308,7 @@ int main(int argc, char *argv[]) {
     }
     else
     {
-        int i,len;
+        int len;
         int dot_found=0;
 
         zipok = 1 ;
diff --git a/deps/zlib/contrib/minizip/mztools.c b/deps/zlib/contrib/minizip/mztools.c
index c8d23756155731..f86c1e71b0954e 100644
--- a/deps/zlib/contrib/minizip/mztools.c
+++ b/deps/zlib/contrib/minizip/mztools.c
@@ -5,6 +5,9 @@
 */
 
 /* Code */
+#ifndef _CRT_SECURE_NO_WARNINGS
+#  define _CRT_SECURE_NO_WARNINGS
+#endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -140,28 +143,28 @@ extern int ZEXPORT unzRepair(const char* file, const char* fileOut, const char*
 
         /* Central directory entry */
         {
-          char header[46];
+          char central[46];
           char* comment = "";
           int comsize = (int) strlen(comment);
-          WRITE_32(header, 0x02014b50);
-          WRITE_16(header + 4, version);
-          WRITE_16(header + 6, version);
-          WRITE_16(header + 8, gpflag);
-          WRITE_16(header + 10, method);
-          WRITE_16(header + 12, filetime);
-          WRITE_16(header + 14, filedate);
-          WRITE_32(header + 16, crc);
-          WRITE_32(header + 20, cpsize);
-          WRITE_32(header + 24, uncpsize);
-          WRITE_16(header + 28, fnsize);
-          WRITE_16(header + 30, extsize);
-          WRITE_16(header + 32, comsize);
-          WRITE_16(header + 34, 0);     /* disk # */
-          WRITE_16(header + 36, 0);     /* int attrb */
-          WRITE_32(header + 38, 0);     /* ext attrb */
-          WRITE_32(header + 42, currentOffset);
+          WRITE_32(central, 0x02014b50);
+          WRITE_16(central + 4, version);
+          WRITE_16(central + 6, version);
+          WRITE_16(central + 8, gpflag);
+          WRITE_16(central + 10, method);
+          WRITE_16(central + 12, filetime);
+          WRITE_16(central + 14, filedate);
+          WRITE_32(central + 16, crc);
+          WRITE_32(central + 20, cpsize);
+          WRITE_32(central + 24, uncpsize);
+          WRITE_16(central + 28, fnsize);
+          WRITE_16(central + 30, extsize);
+          WRITE_16(central + 32, comsize);
+          WRITE_16(central + 34, 0);    /* disk # */
+          WRITE_16(central + 36, 0);    /* int attrb */
+          WRITE_32(central + 38, 0);    /* ext attrb */
+          WRITE_32(central + 42, currentOffset);
           /* Header */
-          if (fwrite(header, 1, 46, fpOutCD) == 46) {
+          if (fwrite(central, 1, 46, fpOutCD) == 46) {
             offsetCD += 46;
 
             /* Filename */
@@ -215,23 +218,23 @@ extern int ZEXPORT unzRepair(const char* file, const char* fileOut, const char*
     /* Final central directory  */
     {
       int entriesZip = entries;
-      char header[22];
+      char end[22];
       char* comment = ""; // "ZIP File recovered by zlib/minizip/mztools";
       int comsize = (int) strlen(comment);
       if (entriesZip > 0xffff) {
         entriesZip = 0xffff;
       }
-      WRITE_32(header, 0x06054b50);
-      WRITE_16(header + 4, 0);    /* disk # */
-      WRITE_16(header + 6, 0);    /* disk # */
-      WRITE_16(header + 8, entriesZip);   /* hack */
-      WRITE_16(header + 10, entriesZip);  /* hack */
-      WRITE_32(header + 12, offsetCD);    /* size of CD */
-      WRITE_32(header + 16, offset);      /* offset to CD */
-      WRITE_16(header + 20, comsize);     /* comment */
+      WRITE_32(end, 0x06054b50);
+      WRITE_16(end + 4, 0);         /* disk # */
+      WRITE_16(end + 6, 0);         /* disk # */
+      WRITE_16(end + 8, entriesZip);        /* hack */
+      WRITE_16(end + 10, entriesZip);       /* hack */
+      WRITE_32(end + 12, offsetCD);         /* size of CD */
+      WRITE_32(end + 16, offset);           /* offset to CD */
+      WRITE_16(end + 20, comsize);          /* comment */
 
       /* Header */
-      if (fwrite(header, 1, 22, fpOutCD) == 22) {
+      if (fwrite(end, 1, 22, fpOutCD) == 22) {
 
         /* Comment field */
         if (comsize > 0) {
diff --git a/deps/zlib/contrib/minizip/skipset.h b/deps/zlib/contrib/minizip/skipset.h
new file mode 100644
index 00000000000000..5e648b9d234899
--- /dev/null
+++ b/deps/zlib/contrib/minizip/skipset.h
@@ -0,0 +1,361 @@
+// skipset.h -- set operations using a skiplist
+// Copyright (C) 2024 Mark Adler
+// See MiniZip_info.txt for the license.
+
+// This implements a skiplist set, i.e. just keys, no data, with ~O(log n) time
+// insert and search operations. The application defines the type of a key, and
+// provides a function to compare two keys.
+
+// This header is not definitions of functions found in another source file --
+// it creates the set functions, with the application's key type, right where
+// the #include is. Before this header is #included, these must be defined:
+//
+// 1. A macro or typedef for set_key_t, the type of a key.
+// 2. A macro or function set_cmp(a, b) to compare two keys. The return values
+//    are < 0 for a < b, 0 for a == b, and > 0 for a > b.
+// 3. A macro or function set_drop(s, k) to release the key k's resources, if
+//    any, when doing a set_end() or set_clear(). s is a pointer to the set
+//    that key is in, for use with set_free() if desired.
+//
+// Example usage:
+//
+//      typedef int set_key_t;
+//      #define set_cmp(a, b) ((a) < (b) ? -1 : (a) == (b) ? 0 : 1)
+//      #define set_drop(s, k)
+//      #include "skipset.h"
+//
+//      int test(void) {        // return 0: good, 1: bad, -1: out of memory
+//          set_t set;
+//          if (setjmp(set.env))
+//              return -1;
+//          set_start(&set);
+//          set_insert(&set, 2);
+//          set_insert(&set, 1);
+//          set_insert(&set, 7);
+//          int bad = !set_found(&set, 2);
+//          bad = bad || set_found(&set, 5);
+//          set_end(&set);
+//          return bad;
+//      }
+//
+// Interface summary (see more details below):
+// - set_t is the type of the set being operated on (a set_t pointer is passed)
+// - set_start() initializes a new, empty set (initialize set.env first)
+// - set_insert() inserts a new key into the set, or not if it's already there
+// - set_found() determines whether or not a key is in the set
+// - set_end() ends the use of the set, freeing all memory
+// - set_clear() empties the set, equivalent to set_end() and then set_start()
+// - set_ok() checks if set appears to be usable, i.e. started and not ended
+//
+// Auxiliary functions available to the application:
+// - set_alloc() allocates memory with optional tracking (#define SET_TRACK)
+// - set_free() deallocates memory allocated by set_alloc()
+// - set_rand() returns 32 random bits (seeded by set_start())
+
+#ifndef SKIPSET_H
+#define SKIPSET_H
+
+#include <stdlib.h>     // realloc(), free(), NULL, size_t
+#include <stddef.h>     // ptrdiff_t
+#include <setjmp.h>     // jmp_buf, longjmp()
+#include <errno.h>      // ENOMEM
+#include <time.h>       // time(), clock()
+#include <assert.h>     // assert.h
+#include "ints.h"       // i16_t, ui32_t, ui64_t
+
+// Structures and functions below noted as "--private--" should not be used by
+// the application. set_t is partially private and partially public -- see the
+// comments there.
+
+// There is no POSIX random() in MSVC, and rand() is awful. For portability, we
+// cannot rely on a library function for random numbers. Instead we use the
+// fast and effective algorithm below, invented by Melissa O'Neill.
+
+// *Really* minimal PCG32 code / (c) 2014 M.E. O'Neill / www.pcg-random.org
+// Licensed under Apache License 2.0 (NO WARRANTY, etc. see website)
+// --private-- Random number generator state.
+typedef struct {
+    ui64_t state;       // 64-bit generator state
+    ui64_t inc;         // 63-bit sequence id
+} set_rand_t;
+// --private-- Initialize the state *gen using seed and seq. seed seeds the
+// advancing 64-bit state. seq is a sequence selection constant.
+void set_seed(set_rand_t *gen, ui64_t seed, ui64_t seq) {
+    gen->inc = (seq << 1) | 1;
+    gen->state = (seed + gen->inc) * 6364136223846793005ULL + gen->inc;
+}
+// Return 32 random bits, advancing the state *gen.
+ui32_t set_rand(set_rand_t *gen) {
+    ui64_t state = gen->state;
+    gen->state = state * 6364136223846793005ULL + gen->inc;
+    ui32_t mix = (ui32_t)(((state >> 18) ^ state) >> 27);
+    int rot = state >> 59;
+    return (mix >> rot) | (mix << ((-rot) & 31));
+}
+// End of PCG32 code.
+
+// --private-- Linked-list node.
+typedef struct set_node_s set_node_t;
+struct set_node_s {
+    set_key_t key;          // the key (not used for head or path)
+    i16_t size;             // number of allocated pointers in right[]
+    i16_t fill;             // number of pointers in right[] filled in
+    set_node_t **right;     // pointer for each level, each to the right
+};
+
+// A set. The application sets env, may use gen with set_rand(), and may read
+// allocs and memory. The remaining variables are --private-- .
+typedef struct set_s {
+    set_node_t *head;       // skiplist head -- no key, just links
+    set_node_t *path;       // right[] is path to key from set_found()
+    set_node_t *node;       // node under construction, in case of longjmp()
+    i16_t depth;            // maximum depth of the skiplist
+    ui64_t ran;             // a precious trove of random bits
+    set_rand_t gen;         // random number generator state
+    jmp_buf env;            // setjmp() environment for allocation errors
+#ifdef SET_TRACK
+    size_t allocs;          // number of allocations
+    size_t memory;          // total amount of allocated memory (>= requests)
+#endif
+} set_t;
+
+// Memory allocation and deallocation. set_alloc(set, ptr, size) returns a
+// pointer to an allocation of size bytes if ptr is NULL, or the previous
+// allocation ptr resized to size bytes. set_alloc() will never return NULL.
+// set_free(set, ptr) frees an allocation created by set_alloc(). These may be
+// used by the application. e.g. if allocation tracking is desired.
+#ifdef SET_TRACK
+// Track the number of allocations and the total backing memory size.
+#  if defined(_WIN32)
+#    include <malloc.h>
+#    define SET_ALLOC_SIZE(ptr) _msize(ptr)
+#  elif defined(__MACH__)
+#    include <malloc/malloc.h>
+#    define SET_ALLOC_SIZE(ptr) malloc_size(ptr)
+#  elif defined(__linux__)
+#    include <malloc.h>
+#    define SET_ALLOC_SIZE(ptr) malloc_usable_size(ptr)
+#  elif defined(__FreeBSD__)
+#    include <malloc_np.h>
+#    define SET_ALLOC_SIZE(ptr) malloc_usable_size(ptr)
+#  elif defined(__NetBSD__)
+#    include <jemalloc/jemalloc.h>
+#    define SET_ALLOC_SIZE(ptr) malloc_usable_size(ptr)
+#  else     // e.g. OpenBSD
+#    define SET_ALLOC_SIZE(ptr) 0
+#  endif
+// With tracking.
+void *set_alloc(set_t *set, void *ptr, size_t size) {
+    size_t had = ptr == NULL ? 0 : SET_ALLOC_SIZE(ptr);
+    void *mem = realloc(ptr, size);
+    if (mem == NULL)
+        longjmp(set->env, ENOMEM);
+    set->allocs += ptr == NULL;
+    set->memory += SET_ALLOC_SIZE(mem) - had;
+    return mem;
+}
+void set_free(set_t *set, void *ptr) {
+    if (ptr != NULL) {
+        set->allocs--;
+        set->memory -= SET_ALLOC_SIZE(ptr);
+        free(ptr);
+    }
+}
+#else
+// Without tracking.
+void *set_alloc(set_t *set, void *ptr, size_t size) {
+    void *mem = realloc(ptr, size);
+    if (mem == NULL)
+        longjmp(set->env, ENOMEM);
+    return mem;
+}
+void set_free(set_t *set, void *ptr) {
+    (void)set;
+    free(ptr);
+}
+#endif
+
+// --private-- Grow node's array right[] as needed to be able to hold at least
+// want links. If fill is true, assure that the first want links are filled in,
+// setting them to set->head if not previously filled in. Otherwise it is
+// assumed that the first want links are about to be filled in.
+void set_grow(set_t *set, set_node_t *node, int want, int fill) {
+    if (node->size < want) {
+        int more = node->size ? node->size : 1;
+        while (more < want)
+            more <<= 1;
+        node->right = set_alloc(set, node->right, more * sizeof(set_node_t *));
+        node->size = (i16_t)more;
+    }
+    int i;
+    if (fill)
+        for (i = node->fill; i < want; i++)
+            node->right[i] = set->head;
+    node->fill = (i16_t)want;
+}
+
+// --private-- Return a new node. key is left uninitialized.
+set_node_t *set_node(set_t *set) {
+    set_node_t *node = set_alloc(set, NULL, sizeof(set_node_t));
+    node->size = 0;
+    node->fill = 0;
+    node->right = NULL;
+    return node;
+}
+
+// --private-- Free the list linked from head, along with the keys.
+void set_sweep(set_t *set) {
+    set_node_t *step = set->head->right[0];
+    while (step != set->head) {
+        set_node_t *next = step->right[0];      // save link to next node
+        set_drop(set, step->key);
+        set_free(set, step->right);
+        set_free(set, step);
+        step = next;
+    }
+}
+
+// Initialize a new set. set->env must be initialized using setjmp() before
+// set_start() is called. A longjmp(set->env, ENOMEM) will be used to handle a
+// memory allocation failure during any of the operations. (See setjmp.h and
+// errno.h.) The set can still be used if this happens, assuming that it didn't
+// happen during set_start(). Whether set_start() completed or not, set_end()
+// can be used to free the set's memory after a longjmp().
+void set_start(set_t *set) {
+#ifdef SET_TRACK
+    set->allocs = 0;
+    set->memory = 0;
+#endif
+    set->head = set->path = set->node = NULL;   // in case set_node() fails
+    set->path = set_node(set);
+    set->head = set_node(set);
+    set_grow(set, set->head, 1, 1); // one link back to head for an empty set
+    *(unsigned char *)&set->head->key = 137;    // set id
+    set->depth = 0;
+    set_seed(&set->gen, ((ui64_t)(ptrdiff_t)set << 32) ^
+                        ((ui64_t)time(NULL) << 12) ^ clock(), 0);
+    set->ran = 1;
+}
+
+// Return true if *set appears to be in a usable state. If *set has been zeroed
+// out, then set_ok(set) will be false and set_end(set) will be safe.
+int set_ok(set_t *set) {
+    return set->head != NULL &&
+           set->head->right != NULL &&
+           *(unsigned char *)&set->head->key == 137;
+}
+
+// Empty the set. This frees the memory used for the previous set contents.
+// After set_clear(), *set is ready for use, as if after a set_start().
+void set_clear(set_t *set) {
+    assert(set_ok(set) && "improper use");
+
+    // Free all the keys and their nodes.
+    set_sweep(set);
+
+    // Leave the head and path allocations as is. Clear their contents, with
+    // head pointing to itself and setting depth to zero, for an empty set.
+    set->head->right[0] = set->head;
+    set->head->fill = 1;
+    set->path->fill = 0;
+    set->depth = 0;
+}
+
+// Done using the set -- free all allocations. The only operation on *set
+// permitted after this is set_start(). Though another set_end() would do no
+// harm. This can be done at any time after a set_start(), or after a longjmp()
+// on any allocation failure, including during a set_start().
+void set_end(set_t *set) {
+    if (set->head != NULL) {
+        // Empty the set and free the head node.
+        if (set->head->right != NULL) {
+            set_sweep(set);
+            set_free(set, set->head->right);
+        }
+        set_free(set, set->head);
+        set->head = NULL;
+    }
+    if (set->path != NULL) {
+        // Free the path work area.
+        set_free(set, set->path->right);
+        set_free(set, set->path);
+        set->path = NULL;
+    }
+    if (set->node != NULL) {
+        // Free the node that was under construction when longjmp() hit.
+        set_drop(set, set->node->key);
+        set_free(set, set->node->right);
+        set_free(set, set->node);
+        set->node = NULL;
+    }
+}
+
+// Look for key. Return 1 if found or 0 if not. This also puts the path to get
+// there in set->path, for use by set_insert().
+int set_found(set_t *set, set_key_t key) {
+    assert(set_ok(set) && "improper use");
+
+    // Start at depth and work down and right as determined by key comparisons.
+    set_node_t *head = set->head, *here = head;
+    int i = set->depth;
+    set_grow(set, set->path, i + 1, 0);
+    do {
+        while (here->right[i] != head &&
+               set_cmp(here->right[i]->key, key) < 0)
+            here = here->right[i];
+        set->path->right[i] = here;
+    } while (i--);
+
+    // See if the key matches.
+    here = here->right[0];
+    return here != head && set_cmp(here->key, key) == 0;
+}
+
+// Insert the key key. Return 0 on success, or 1 if key is already in the set.
+int set_insert(set_t *set, set_key_t key) {
+    assert(set_ok(set) && "improper use");
+
+    if (set_found(set, key))
+        // That key is already in the set.
+        return 1;
+
+    // Randomly generate a new level-- level 0 with probability 1/2, 1 with
+    // probability 1/4, 2 with probability 1/8, etc.
+    int level = 0;
+    for (;;) {
+        if (set->ran == 1)
+            // Ran out. Get another 32 random bits.
+            set->ran = set_rand(&set->gen) | (1ULL << 32);
+        int bit = set->ran & 1;
+        set->ran >>= 1;
+        if (bit)
+            break;
+        assert(level < 32767 &&
+               "Overhead, without any fuss, the stars were going out.");
+        level++;
+    }
+    if (level > set->depth) {
+        // The maximum depth is now deeper. Update the structures.
+        set_grow(set, set->path, level + 1, 1);
+        set_grow(set, set->head, level + 1, 1);
+        set->depth = (i16_t)level;
+    }
+
+    // Make a new node for the provided key, and insert it in the lists up to
+    // and including level.
+    set->node = set_node(set);
+    set->node->key = key;
+    set_grow(set, set->node, level + 1, 0);
+    int i;
+    for (i = 0; i <= level; i++) {
+        set->node->right[i] = set->path->right[i]->right[i];
+        set->path->right[i]->right[i] = set->node;
+    }
+    set->node = NULL;
+    return 0;
+}
+
+#else
+#error ** another skiplist set already created here
+// Would need to implement a prefix in order to support multiple sets.
+#endif
diff --git a/deps/zlib/contrib/minizip/unzip.c b/deps/zlib/contrib/minizip/unzip.c
index 3576a8504dde0c..a39e1752f6d2ed 100644
--- a/deps/zlib/contrib/minizip/unzip.c
+++ b/deps/zlib/contrib/minizip/unzip.c
@@ -88,7 +88,7 @@
 
 
 #ifndef CASESENSITIVITYDEFAULT_NO
-#  if !defined(unix) && !defined(CASESENSITIVITYDEFAULT_YES)
+#  if (!defined(__unix__) && !defined(__unix) || defined(__CYGWIN__))  && !defined(CASESENSITIVITYDEFAULT_YES)
 #    define CASESENSITIVITYDEFAULT_NO
 #  endif
 #endif
@@ -113,7 +113,7 @@
 const char unz_copyright[] =
    " unzip 1.01 Copyright 1998-2004 Gilles Vollant - http://www.winimage.com/zLibDll";
 
-/* unz_file_info_interntal contain internal info about a file in zipfile*/
+/* unz_file_info64_internal contain internal info about a file in zipfile*/
 typedef struct unz_file_info64_internal_s
 {
     ZPOS64_T offset_curfile;/* relative offset of local header 8 bytes */
@@ -336,7 +336,6 @@ extern int ZEXPORT unzStringFileNameCompare (const char*  fileName1,
 #define CENTRALDIRINVALID ((ZPOS64_T)(-1))
 #endif
 
-
 /*
   Locate the Central directory of a zipfile (at the end, just before
     the global comment)
@@ -467,7 +466,7 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
     if (unz64local_getLong(pzlib_filefunc_def,filestream,&uL)!=UNZ_OK)
         return CENTRALDIRINVALID;
 
-    /* number of the disk with the start of the zip64 end of  central directory */
+    /* number of the disk with the start of the zip64 end of central directory */
     if (unz64local_getLong(pzlib_filefunc_def,filestream,&uL)!=UNZ_OK)
         return CENTRALDIRINVALID;
     if (uL != 0)
@@ -514,9 +513,9 @@ local unzFile unzOpenInternal(const void *path,
     ZPOS64_T central_pos;
     uLong   uL;
 
-    uLong number_disk;          /* number of the current dist, used for
+    uLong number_disk;          /* number of the current disk, used for
                                    spanning ZIP, unsupported, always 0*/
-    uLong number_disk_with_CD;  /* number the the disk with central dir, used
+    uLong number_disk_with_CD;  /* number the disk with central dir, used
                                    for spanning ZIP, unsupported, always 0*/
     ZPOS64_T number_entry_CD;      /* total number of entries in
                                    the central dir
@@ -1682,7 +1681,7 @@ extern int ZEXPORT unzReadCurrentFile(unzFile file, voidp buf, unsigned len) {
                 uInt i;
                 for(i=0;i<uReadThis;i++)
                   pfile_in_zip_read_info->read_buffer[i] =
-                      zdecode(s->keys,s->pcrc_32_tab,
+                      (char)zdecode(s->keys,s->pcrc_32_tab,
                               pfile_in_zip_read_info->read_buffer[i]);
             }
 #            endif
diff --git a/deps/zlib/contrib/minizip/unzip.h b/deps/zlib/contrib/minizip/unzip.h
index 14105840f6d247..ceb614e7832b4d 100644
--- a/deps/zlib/contrib/minizip/unzip.h
+++ b/deps/zlib/contrib/minizip/unzip.h
@@ -306,13 +306,17 @@ extern int ZEXPORT unzGetCurrentFileInfo(unzFile file,
   Get Info about the current file
   if pfile_info!=NULL, the *pfile_info structure will contain some info about
         the current file
-  if szFileName!=NULL, the filemane string will be copied in szFileName
+  if szFileName!=NULL, the filename string will be copied in szFileName
             (fileNameBufferSize is the size of the buffer)
   if extraField!=NULL, the extra field information will be copied in extraField
             (extraFieldBufferSize is the size of the buffer).
             This is the Central-header version of the extra field
   if szComment!=NULL, the comment string of the file will be copied in szComment
             (commentBufferSize is the size of the buffer)
+  The file name and comment will be zero-terminated if there is room in the
+  provided buffer. Otherwise the buffer will contain as much as will fit. If at
+  least 65537 bytes of room is provided, then the result will always be
+  complete and zero-terminated.
 */
 
 
diff --git a/deps/zlib/contrib/minizip/zip.c b/deps/zlib/contrib/minizip/zip.c
index e2e9da07c5f307..93d2612e29a030 100644
--- a/deps/zlib/contrib/minizip/zip.c
+++ b/deps/zlib/contrib/minizip/zip.c
@@ -25,8 +25,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <stdint.h>
 #include <time.h>
+#ifndef ZLIB_CONST
+#  define ZLIB_CONST
+#endif
 #include "zlib.h"
 #include "zip.h"
 
@@ -123,6 +125,19 @@ typedef struct linkedlist_data_s
 } linkedlist_data;
 
 
+// zipAlreadyThere() set functions for a set of zero-terminated strings, and
+// a block_t type for reading the central directory datablocks.
+typedef char *set_key_t;
+#define set_cmp(a, b) strcmp(a, b)
+#define set_drop(s, k) set_free(s, k)
+#include "skipset.h"
+typedef struct {
+    unsigned char *next;        // next byte in datablock data
+    size_t left;                // number of bytes left in data (at least)
+    linkedlist_datablock_internal *node;    // current datablock
+} block_t;
+
+
 typedef struct
 {
     z_stream stream;            /* zLib stream structure for inflate */
@@ -174,6 +189,10 @@ typedef struct
     char *globalcomment;
 #endif
 
+    // Support for zipAlreadyThere().
+    set_t set;              // set for detecting name collisions
+    block_t block;          // block for reading the central directory
+
 } zip64_internal;
 
 
@@ -264,6 +283,228 @@ local int add_data_in_datablock(linkedlist_data* ll, const void* buf, uLong len)
     return ZIP_OK;
 }
 
+// zipAlreadyThere() operations. "set" in the zip internal structure keeps the
+// set of names that are in the under-construction central directory so far. A
+// skipset provides ~O(log n) time insertion and searching. Central directory
+// records, stored in a linked list of allocated memory datablocks, is read
+// through "block" in the zip internal structure.
+
+// The block_*() functions support extracting the central directory file names
+// from the datablocks. They are designed to support a growing directory by
+// automatically continuing once more data has been appended to the linked
+// datablocks.
+
+// Initialize *block to the head of list. This should only be called once the
+// list has at least some data in it, i.e. list->first_block is not NULL.
+local void block_init(block_t *block, linkedlist_data *list) {
+    block->node = list->first_block;
+    block->next = block->node->data;
+    block->left = block->node->filled_in_this_block;
+}
+
+// Mark *block as bad, with all subsequent reads returning end, even if more
+// data is added to the datablocks. This is invoked if the central directory is
+// invalid, so there is no longer any point in attempting to interpret it.
+local void block_stop(block_t *block) {
+    block->left = 0;
+    block->next = NULL;
+}
+
+// Return true if *block has reached the end of the data in the datablocks.
+local int block_end(block_t *block) {
+    linkedlist_datablock_internal *node = block->node;
+    if (node == NULL)
+        // This block was previously terminated with extreme prejudice.
+        return 1;
+    if (block->next < node->data + node->filled_in_this_block)
+        // There are more bytes to read in the current datablock.
+        return 0;
+    while (node->next_datablock != NULL) {
+        if (node->filled_in_this_block != 0)
+            // There are some bytes in a later datablock.
+            return 0;
+        node = node->next_datablock;
+    }
+    // Reached the end of the list of datablocks. There's nothing.
+    return 1;
+}
+
+// Return one byte from *block, or -1 if the end is reached.
+local int block_get(block_t *block) {
+    while (block->left == 0) {
+        if (block->node == NULL)
+            // We've been marked bad. Return end.
+            return -1;
+        // Update left in case more was filled in since we were last here.
+        block->left = block->node->filled_in_this_block -
+                      (block->next - block->node->data);
+        if (block->left != 0)
+            // There was indeed more data appended in the current datablock.
+            break;
+        if (block->node->next_datablock == NULL)
+            // No more data here, and there is no next datablock. At the end.
+            return -1;
+        // Try the next datablock for more data.
+        block->node = block->node->next_datablock;
+        block->next = block->node->data;
+        block->left = block->node->filled_in_this_block;
+    }
+    // We have a byte to return.
+    block->left--;
+    return *block->next++;
+}
+
+// Return a 16-bit unsigned little-endian value from block, or a negative value
+// if the end is reached.
+local long block_get2(block_t *block) {
+    long got = block_get(block);
+    return got | ((unsigned long)block_get(block) << 8);
+}
+
+// Read up to len bytes from block into buf. Return the number of bytes read.
+local size_t block_read(block_t *block, unsigned char *buf, size_t len) {
+    size_t need = len;
+    while (need) {
+        if (block->left == 0) {
+            // Get a byte to update and step through the linked list as needed.
+            int got = block_get(block);
+            if (got == -1)
+                // Reached the end.
+                break;
+            *buf++ = (unsigned char)got;
+            need--;
+            continue;
+        }
+        size_t take = need > block->left ? block->left : need;
+        memcpy(buf, block->next, take);
+        block->next += take;
+        block->left -= take;
+        buf += take;
+        need -= take;
+    }
+    return len - need;      // return the number of bytes copied
+}
+
+// Skip n bytes in block. Return 0 on success or -1 if there are less than n
+// bytes to the end.
+local int block_skip(block_t *block, size_t n) {
+    while (n > block->left) {
+        n -= block->left;
+        block->next += block->left;
+        block->left = 0;
+        if (block_get(block) == -1)
+            return -1;
+        n--;
+    }
+    block->next += n;
+    block->left -= n;
+    return 0;
+}
+
+// Process the next central directory record at *block. Return the allocated,
+// zero-terminated file name, or NULL for end of input or invalid data. If
+// invalid, *block is marked bad. This uses *set for the allocation of memory.
+local char *block_central_name(block_t *block, set_t *set) {
+    char *name = NULL;
+    for (;;) {
+        if (block_end(block))
+            // At the end of the central directory (so far).
+            return NULL;
+
+        // Check for a central directory record signature.
+        if (block_get2(block) != (CENTRALHEADERMAGIC & 0xffff) ||
+            block_get2(block) != (CENTRALHEADERMAGIC >> 16))
+            // Incorrect signature.
+            break;
+
+        // Go through the remaining fixed-length portion of the record,
+        // extracting the lengths of the three variable-length fields.
+        block_skip(block, 24);
+        unsigned flen = block_get2(block);      // file name length
+        unsigned xlen = block_get2(block);      // extra field length
+        unsigned clen = block_get2(block);      // comment field length
+        if (block_skip(block, 12) == -1)
+            // Premature end of the record.
+            break;
+
+        // Extract the name and skip over the extra and comment fields.
+        name = set_alloc(set, NULL, flen + 1);
+        if (block_read(block, (unsigned char *)name, flen) < flen ||
+            block_skip(block, xlen + clen) == -1)
+            // Premature end of the record.
+            break;
+
+        // Check for embedded nuls in the name.
+        if (memchr(name, 0, flen) != NULL) {
+            // This name can never match the zero-terminated name provided to
+            // zipAlreadyThere(), so we discard it and go back to get another
+            // name. (Who the heck is putting nuls inside their zip file entry
+            // names anyway?)
+            set_free(set, name);
+            continue;
+        }
+
+        // All good. Return the zero-terminated file name.
+        name[flen] = 0;
+        return name;
+    }
+
+    // Invalid signature or premature end of the central directory record.
+    // Abandon trying to process the central directory.
+    set_free(set, name);
+    block_stop(block);
+    return NULL;
+}
+
+// Return 0 if name is not in the central directory so far, 1 if it is, -1 if
+// the central directory is invalid, -2 if out of memory, or ZIP_PARAMERROR if
+// file is NULL.
+extern int ZEXPORT zipAlreadyThere(zipFile file, char const *name) {
+    zip64_internal *zip = file;
+    if (zip == NULL)
+        return ZIP_PARAMERROR;
+    if (zip->central_dir.first_block == NULL)
+        // No central directory yet, so no, name isn't there.
+        return 0;
+    if (setjmp(zip->set.env)) {
+        // Memory allocation failure.
+        set_end(&zip->set);
+        return -2;
+    }
+    if (!set_ok(&zip->set)) {
+        // This is the first time here with some central directory content. We
+        // construct this set of names only on demand. Prepare set and block.
+        set_start(&zip->set);
+        block_init(&zip->block, &zip->central_dir);
+    }
+
+    // Update the set of names from the current central directory contents.
+    // This reads any new central directory records since the last time we were
+    // here.
+    for (;;) {
+        char *there = block_central_name(&zip->block, &zip->set);
+        if (there == NULL) {
+            if (zip->block.next == NULL)
+                // The central directory is invalid.
+                return -1;
+            break;
+        }
+
+        // Add there to the set.
+        if (set_insert(&zip->set, there))
+            // There's already a duplicate in the central directory! We'll just
+            // let this be and carry on.
+            set_free(&zip->set, there);
+    }
+
+    // Return true if name is in the central directory.
+    size_t len = strlen(name);
+    char *copy = set_alloc(&zip->set, NULL, len + 1);
+    strcpy(copy, name);
+    int found = set_found(&zip->set, copy);
+    set_free(&zip->set, copy);
+    return found;
+}
 
 
 /****************************************************************************/
@@ -551,7 +792,7 @@ local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
 
     for (i=(int)uReadSize-3; (i--)>0;)
     {
-      // Signature "0x07064b50" Zip64 end of central directory locater
+      // Signature "0x07064b50" Zip64 end of central directory locator
       if (((*(buf+i))==0x50) && ((*(buf+i+1))==0x4b) && ((*(buf+i+2))==0x06) && ((*(buf+i+3))==0x07))
       {
         uPosFound = uReadPos+(unsigned)i;
@@ -575,7 +816,7 @@ local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
   if (zip64local_getLong(pzlib_filefunc_def,filestream,&uL)!=ZIP_OK)
     return 0;
 
-  /* number of the disk with the start of the zip64 end of  central directory */
+  /* number of the disk with the start of the zip64 end of central directory */
   if (zip64local_getLong(pzlib_filefunc_def,filestream,&uL)!=ZIP_OK)
     return 0;
   if (uL != 0)
@@ -843,6 +1084,7 @@ extern zipFile ZEXPORT zipOpen3(const void *pathname, int append, zipcharpc* glo
     ziinit.number_entry = 0;
     ziinit.add_position_when_writing_offset = 0;
     init_linkedlist(&(ziinit.central_dir));
+    memset(&ziinit.set, 0, sizeof(set_t));  // make sure set appears dormant
 
 
 
@@ -1027,7 +1269,6 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c
     int err = ZIP_OK;
 
 #    ifdef NOCRYPT
-    (crcForCrypting);
     if (password != NULL)
         return ZIP_PARAMERROR;
 #    endif
@@ -1412,7 +1653,7 @@ extern int ZEXPORT zipWriteInFileInZip(zipFile file, const void* buf, unsigned i
     else
 #endif
     {
-      zi->ci.stream.next_in = (Bytef*)(uintptr_t)buf;
+      zi->ci.stream.next_in = buf;
       zi->ci.stream.avail_in = len;
 
       while ((err==ZIP_OK) && (zi->ci.stream.avail_in>0))
@@ -1608,7 +1849,7 @@ extern int ZEXPORT zipCloseFileInZipRaw64(zipFile file, ZPOS64_T uncompressed_si
 
       if((uLong)(datasize + 4) > zi->ci.size_centralExtraFree)
       {
-        // we can not write more data to the buffer that we have room for.
+        // we cannot write more data to the buffer that we have room for.
         return ZIP_BADZIPFILE;
       }
 
@@ -1871,6 +2112,8 @@ extern int ZEXPORT zipClose(zipFile file, const char* global_comment) {
     }
     free_linkedlist(&(zi->central_dir));
 
+    set_end(&zi->set);          // set was zeroed, so this is safe
+
     pos = centraldir_pos_inzip - zi->add_position_when_writing_offset;
     if(pos >= 0xffffffff || zi->number_entry >= 0xFFFF)
     {
diff --git a/deps/zlib/contrib/minizip/zip.h b/deps/zlib/contrib/minizip/zip.h
index 3e230d3405f603..1f7f0b263d4f9b 100644
--- a/deps/zlib/contrib/minizip/zip.h
+++ b/deps/zlib/contrib/minizip/zip.h
@@ -35,7 +35,7 @@
 
         See header of zip.h
 
-*/
+ */
 
 #ifndef _zip12_H
 #define _zip12_H
@@ -127,12 +127,12 @@ extern zipFile ZEXPORT zipOpen64(const void *pathname, int append);
      If the zipfile cannot be opened, the return value is NULL.
      Else, the return value is a zipFile Handle, usable with other function
        of this zip package.
-*/
+ */
 
 /* Note : there is no delete function into a zipfile.
    If you want delete file into a zipfile, you must open a zipfile, and create another
    Of course, you can use RAW reading and writing to copy the file you did not want delete
-*/
+ */
 
 extern zipFile ZEXPORT zipOpen2(const char *pathname,
                                 int append,
@@ -186,7 +186,7 @@ extern int ZEXPORT zipOpenNewFileInZip64(zipFile file,
   zip64 is set to 1 if a zip64 extended information block should be added to the local file header.
                     this MUST be '1' if the uncompressed size is >= 0xffffffff.
 
-*/
+ */
 
 
 extern int ZEXPORT zipOpenNewFileInZip2(zipFile file,
@@ -311,12 +311,12 @@ extern int ZEXPORT zipWriteInFileInZip(zipFile file,
                                        unsigned len);
 /*
   Write data in the zipfile
-*/
+ */
 
 extern int ZEXPORT zipCloseFileInZip(zipFile file);
 /*
   Close the current file in the zipfile
-*/
+ */
 
 extern int ZEXPORT zipCloseFileInZipRaw(zipFile file,
                                         uLong uncompressed_size,
@@ -326,17 +326,23 @@ extern int ZEXPORT zipCloseFileInZipRaw64(zipFile file,
                                           ZPOS64_T uncompressed_size,
                                           uLong crc32);
 
+extern int ZEXPORT zipAlreadyThere(zipFile file,
+                                   char const* name);
+/*
+  See if name is already in file's central directory.
+ */
+
 /*
   Close the current file in the zipfile, for file opened with
     parameter raw=1 in zipOpenNewFileInZip2
   uncompressed_size and crc32 are value for the uncompressed size
-*/
+ */
 
 extern int ZEXPORT zipClose(zipFile file,
                             const char* global_comment);
 /*
   Close the zipfile
-*/
+ */
 
 
 extern int ZEXPORT zipRemoveExtraInfoBlock(char* pData, int* dataLen, short sHeader);
@@ -355,7 +361,7 @@ extern int ZEXPORT zipRemoveExtraInfoBlock(char* pData, int* dataLen, short sHea
 
                         Remove ZIP64 Extra information from a Local File Header extra field data
         zipRemoveExtraInfoBlock(pLocalHeaderExtraFieldData, &nLocalHeaderExtraFieldDataLen, 0x0001);
-*/
+ */
 
 #ifdef __cplusplus
 }
diff --git a/deps/zlib/google/compression_utils.cc b/deps/zlib/google/compression_utils.cc
index 0ba31101489fde..d50c969504bea7 100644
--- a/deps/zlib/google/compression_utils.cc
+++ b/deps/zlib/google/compression_utils.cc
@@ -89,19 +89,18 @@ bool GzipUncompress(const std::string& input, std::string* output) {
   return false;
 }
 
-bool GzipUncompress(base::span<const char> input,
-                    base::span<const char> output) {
-  return GzipUncompress(base::as_bytes(input), base::as_bytes(output));
+bool GzipUncompress(base::span<const char> input, base::span<char> output) {
+  return GzipUncompress(base::as_bytes(input), base::as_writable_bytes(output));
 }
 
 bool GzipUncompress(base::span<const uint8_t> input,
-                    base::span<const uint8_t> output) {
+                    base::span<uint8_t> output) {
   uLongf uncompressed_size = GetUncompressedSize(input);
   if (uncompressed_size > output.size())
     return false;
   return zlib_internal::GzipUncompressHelper(
-             reinterpret_cast<Bytef*>(const_cast<uint8_t*>(output.data())),
-             &uncompressed_size, reinterpret_cast<const Bytef*>(input.data()),
+             reinterpret_cast<Bytef*>(output.data()), &uncompressed_size,
+             reinterpret_cast<const Bytef*>(input.data()),
              static_cast<uLongf>(input.size())) == Z_OK;
 }
 
diff --git a/deps/zlib/google/compression_utils.h b/deps/zlib/google/compression_utils.h
index ea399816f60351..fd81153076dfbb 100644
--- a/deps/zlib/google/compression_utils.h
+++ b/deps/zlib/google/compression_utils.h
@@ -43,12 +43,11 @@ bool GzipUncompress(const std::string& input, std::string* output);
 // needed. |output|'s size must be at least as large as the return value from
 // GetUncompressedSize.
 // Returns true for success.
-bool GzipUncompress(base::span<const char> input,
-                    base::span<const char> output);
+bool GzipUncompress(base::span<const char> input, base::span<char> output);
 
 // Like the above method, but using uint8_t instead.
 bool GzipUncompress(base::span<const uint8_t> input,
-                    base::span<const uint8_t> output);
+                    base::span<uint8_t> output);
 
 // Uncompresses the data in |input| using gzip, and writes the results to
 // |output|, which must NOT be the underlying string of |input|, and is resized
diff --git a/deps/zlib/google/zip_internal.cc b/deps/zlib/google/zip_internal.cc
index e6b5a4fc3bcb00..f33da592cf810a 100644
--- a/deps/zlib/google/zip_internal.cc
+++ b/deps/zlib/google/zip_internal.cc
@@ -397,14 +397,14 @@ Compression GetCompressionMethod(const base::FilePath& path) {
 
 
   // Skip the leading dot.
-  base::FilePath::StringPieceType ext_without_dot = ext;
+  base::FilePath::StringViewType ext_without_dot = ext;
   DCHECK_EQ(ext_without_dot.front(), FILE_PATH_LITERAL('.'));
   ext_without_dot.remove_prefix(1);
 
   // Well known filename extensions of files that a likely to be already
   // compressed. The extensions are in lower case without the leading dot.
   static constexpr auto kExts =
-      base::MakeFixedFlatSet<base::FilePath::StringPieceType>({
+      base::MakeFixedFlatSet<base::FilePath::StringViewType>({
           FILE_PATH_LITERAL("3g2"),   //
           FILE_PATH_LITERAL("3gp"),   //
           FILE_PATH_LITERAL("7z"),    //
diff --git a/deps/zlib/patches/0008-minizip-zip-unzip-tools.patch b/deps/zlib/patches/0008-minizip-zip-unzip-tools.patch
index 273a8c98011bed..a359e0f72b0f97 100644
--- a/deps/zlib/patches/0008-minizip-zip-unzip-tools.patch
+++ b/deps/zlib/patches/0008-minizip-zip-unzip-tools.patch
@@ -9,7 +9,7 @@ Subject: [PATCH] Build minizip zip and unzip tools
  2 files changed, 9 insertions(+), 11 deletions(-)
 
 diff --git a/third_party/zlib/contrib/minizip/miniunz.c b/third_party/zlib/contrib/minizip/miniunz.c
-index 8ada038dbd4e7..5b4312e5647cd 100644
+index 616c30325e07c..f4ad16bdd377b 100644
 --- a/third_party/zlib/contrib/minizip/miniunz.c
 +++ b/third_party/zlib/contrib/minizip/miniunz.c
 @@ -12,7 +12,7 @@
@@ -30,31 +30,26 @@ index 8ada038dbd4e7..5b4312e5647cd 100644
  // In darwin and perhaps other BSD variants off_t is a 64 bit value, hence no need for specific 64 bit functions
  #define FOPEN_FUNC(filename, mode) fopen(filename, mode)
  #define FTELLO_FUNC(stream) ftello(stream)
-@@ -94,7 +94,7 @@ static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_dat
+@@ -97,7 +97,7 @@ static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_dat
+   LocalFileTimeToFileTime(&ftLocal,&ftm);
    SetFileTime(hFile,&ftm,&ftLastAcc,&ftm);
    CloseHandle(hFile);
- #else
--#if defined(unix) || defined(__APPLE__)
-+#if defined(unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
+-#elif defined(__unix__) || defined(__unix) || defined(__APPLE__)
++#elif defined(__unix__) || defined(__unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
    (void)dosdate;
    struct utimbuf ut;
    struct tm newdate;
-@@ -125,11 +125,9 @@ static void change_file_date(const char *filename, uLong dosdate, tm_unz tmu_dat
- 
- static int mymkdir(const char* dirname) {
+@@ -129,7 +129,7 @@ static int mymkdir(const char* dirname) {
      int ret=0;
--#ifdef _WIN32
-+#if defined(_WIN32)
+ #ifdef _WIN32
      ret = _mkdir(dirname);
--#elif unix
--    ret = mkdir (dirname,0775);
--#elif __APPLE__
-+#elif defined(unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
+-#elif defined(__unix__) || defined(__unix) || defined(__APPLE__)
++#elif defined(__unix__) || defined(__unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
      ret = mkdir (dirname,0775);
  #else
      (void)dirname;
 diff --git a/third_party/zlib/contrib/minizip/minizip.c b/third_party/zlib/contrib/minizip/minizip.c
-index 26ee8d029efe6..9eb3956a55e00 100644
+index a44e36a01869d..53fdd363e6222 100644
 --- a/third_party/zlib/contrib/minizip/minizip.c
 +++ b/third_party/zlib/contrib/minizip/minizip.c
 @@ -12,8 +12,7 @@
@@ -76,14 +71,12 @@ index 26ee8d029efe6..9eb3956a55e00 100644
  // In darwin and perhaps other BSD variants off_t is a 64 bit value, hence no need for specific 64 bit functions
  #define FOPEN_FUNC(filename, mode) fopen(filename, mode)
  #define FTELLO_FUNC(stream) ftello(stream)
-@@ -92,7 +91,7 @@ static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
+@@ -96,7 +95,7 @@ static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
+   }
    return ret;
  }
- #else
--#if defined(unix) || defined(__APPLE__)
-+#if defined(unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
+-#elif defined(__unix__) || defined(__unix) || defined(__APPLE__)
++#elif defined(__unix__) || defined(__unix) || defined(__APPLE__) || defined(__Fuchsia__) || defined(__ANDROID_API__)
  /* f: name of file to get info on, tmzip: return value: access,
     modification and creation times, dt: dostime */
  static int filetime(const char *f, tm_zip *tmzip, uLong *dt) {
---
-2.31.1.818.g46aad6cb9e-goog
diff --git a/deps/zlib/patches/0015-minizip-unzip-enable-decryption.patch b/deps/zlib/patches/0015-minizip-unzip-enable-decryption.patch
index 966e83c7dc5d76..feeeb1c400777d 100644
--- a/deps/zlib/patches/0015-minizip-unzip-enable-decryption.patch
+++ b/deps/zlib/patches/0015-minizip-unzip-enable-decryption.patch
@@ -18,17 +18,6 @@ diff --git a/third_party/zlib/contrib/minizip/unzip.c b/third_party/zlib/contrib
 index 82275d6c1775d..c8a01b23efd42 100644
 --- a/third_party/zlib/contrib/minizip/unzip.c
 +++ b/third_party/zlib/contrib/minizip/unzip.c
-@@ -68,10 +68,6 @@
- #include <stdlib.h>
- #include <string.h>
- 
--#ifndef NOUNCRYPT
--        #define NOUNCRYPT
--#endif
--
- #include "zlib.h"
- #include "unzip.h"
- 
 @@ -1502,6 +1498,7 @@ extern int ZEXPORT unzOpenCurrentFile3(unzFile file, int* method,
              zdecode(s->keys,s->pcrc_32_tab,source[i]);
  
diff --git a/src/zlib_version.h b/src/zlib_version.h
index 3b53884aae2206..adbfb15d6c66f9 100644
--- a/src/zlib_version.h
+++ b/src/zlib_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-zlib.sh
 #ifndef SRC_ZLIB_VERSION_H_
 #define SRC_ZLIB_VERSION_H_
-#define ZLIB_VERSION "1.3.0.1-motley-82a5fec"
+#define ZLIB_VERSION "1.3.0.1-motley-788cb3c"
 #endif  // SRC_ZLIB_VERSION_H_

From 1218dbbea553520c8350a74f51c7d2af52674bb8 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Fri, 18 Apr 2025 09:22:02 -0400
Subject: [PATCH 018/138] deps: update zlib to 1.3.0.1-motley-780819f

PR-URL: https://github.com/nodejs/node/pull/57768
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 deps/zlib/BUILD.gn                            |  2 +-
 deps/zlib/deflate.c                           | 14 +++---
 ...flate-move-zmemzero-after-null-check.patch | 49 +++++++++++++++++++
 src/zlib_version.h                            |  2 +-
 4 files changed, 58 insertions(+), 9 deletions(-)
 create mode 100644 deps/zlib/patches/0017-deflate-move-zmemzero-after-null-check.patch

diff --git a/deps/zlib/BUILD.gn b/deps/zlib/BUILD.gn
index 378bd0df75ca22..2a898d2a60cfa2 100644
--- a/deps/zlib/BUILD.gn
+++ b/deps/zlib/BUILD.gn
@@ -70,7 +70,7 @@ source_set("zlib_common_headers") {
 use_arm_neon_optimizations = false
 if ((current_cpu == "arm" || current_cpu == "arm64") &&
     !(is_win && !is_clang)) {
-  # TODO(richard.townsend@arm.com): Optimizations temporarily disabled for
+  # TODO(ritownsend@google.com): Optimizations temporarily disabled for
   # Windows on Arm MSVC builds, see http://crbug.com/v8/10012.
   if (arm_use_neon) {
     use_arm_neon_optimizations = true
diff --git a/deps/zlib/deflate.c b/deps/zlib/deflate.c
index 8a5281c2b6cd8d..49496bb3b05618 100644
--- a/deps/zlib/deflate.c
+++ b/deps/zlib/deflate.c
@@ -485,14 +485,7 @@ int ZEXPORT deflateInit2_(z_streamp strm, int level, int method,
     s->window = (Bytef *) ZALLOC(strm,
                                  s->w_size + WINDOW_PADDING,
                                  2*sizeof(Byte));
-    /* Avoid use of unitialized values in the window, see crbug.com/1137613 and
-     * crbug.com/1144420 */
-    zmemzero(s->window, (s->w_size + WINDOW_PADDING) * (2 * sizeof(Byte)));
     s->prev   = (Posf *)  ZALLOC(strm, s->w_size, sizeof(Pos));
-    /* Avoid use of uninitialized value, see:
-     * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360
-     */
-    zmemzero(s->prev, s->w_size * sizeof(Pos));
     s->head   = (Posf *)  ZALLOC(strm, s->hash_size, sizeof(Pos));
 
     s->high_water = 0;      /* nothing written to s->window yet */
@@ -551,6 +544,13 @@ int ZEXPORT deflateInit2_(z_streamp strm, int level, int method,
         deflateEnd (strm);
         return Z_MEM_ERROR;
     }
+    /* Avoid use of unitialized values in the window, see crbug.com/1137613 and
+     * crbug.com/1144420 */
+    zmemzero(s->window, (s->w_size + WINDOW_PADDING) * (2 * sizeof(Byte)));
+    /* Avoid use of uninitialized value, see:
+     * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360
+     */
+    zmemzero(s->prev, s->w_size * sizeof(Pos));
 #ifdef LIT_MEM
     s->d_buf = (ushf *)(s->pending_buf + (s->lit_bufsize << 1));
     s->l_buf = s->pending_buf + (s->lit_bufsize << 2);
diff --git a/deps/zlib/patches/0017-deflate-move-zmemzero-after-null-check.patch b/deps/zlib/patches/0017-deflate-move-zmemzero-after-null-check.patch
new file mode 100644
index 00000000000000..ac8ade53621ae0
--- /dev/null
+++ b/deps/zlib/patches/0017-deflate-move-zmemzero-after-null-check.patch
@@ -0,0 +1,49 @@
+From 93f86001b67609106c658fe0908a9b7931245b8a Mon Sep 17 00:00:00 2001
+From: pedro martelletto <martelletto@google.com>
+Date: Thu, 3 Apr 2025 16:46:42 +0000
+Subject: [PATCH] [zlib] Deflate: move zmemzero after NULL check
+
+ZALLOC() might fail, in which case dereferencing the returned pointer
+results in undefined behaviour. N.B. These conditions are not reachable
+from Chromium, as Chromium will abort rather than return nullptr from
+malloc. Found by libfido2's fuzz harness.
+---
+ third_party/zlib/deflate.c | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/third_party/zlib/deflate.c b/third_party/zlib/deflate.c
+index 8a5281c2b6cd8..49496bb3b0561 100644
+--- a/third_party/zlib/deflate.c
++++ b/third_party/zlib/deflate.c
+@@ -485,14 +485,7 @@ int ZEXPORT deflateInit2_(z_streamp strm, int level, int method,
+     s->window = (Bytef *) ZALLOC(strm,
+                                  s->w_size + WINDOW_PADDING,
+                                  2*sizeof(Byte));
+-    /* Avoid use of unitialized values in the window, see crbug.com/1137613 and
+-     * crbug.com/1144420 */
+-    zmemzero(s->window, (s->w_size + WINDOW_PADDING) * (2 * sizeof(Byte)));
+     s->prev   = (Posf *)  ZALLOC(strm, s->w_size, sizeof(Pos));
+-    /* Avoid use of uninitialized value, see:
+-     * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360
+-     */
+-    zmemzero(s->prev, s->w_size * sizeof(Pos));
+     s->head   = (Posf *)  ZALLOC(strm, s->hash_size, sizeof(Pos));
+ 
+     s->high_water = 0;      /* nothing written to s->window yet */
+@@ -551,6 +544,13 @@ int ZEXPORT deflateInit2_(z_streamp strm, int level, int method,
+         deflateEnd (strm);
+         return Z_MEM_ERROR;
+     }
++    /* Avoid use of unitialized values in the window, see crbug.com/1137613 and
++     * crbug.com/1144420 */
++    zmemzero(s->window, (s->w_size + WINDOW_PADDING) * (2 * sizeof(Byte)));
++    /* Avoid use of uninitialized value, see:
++     * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360
++     */
++    zmemzero(s->prev, s->w_size * sizeof(Pos));
+ #ifdef LIT_MEM
+     s->d_buf = (ushf *)(s->pending_buf + (s->lit_bufsize << 1));
+     s->l_buf = s->pending_buf + (s->lit_bufsize << 2);
+-- 
+2.49.0.504.g3bcea36a83-goog
+
diff --git a/src/zlib_version.h b/src/zlib_version.h
index adbfb15d6c66f9..7d0fae9137f694 100644
--- a/src/zlib_version.h
+++ b/src/zlib_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-zlib.sh
 #ifndef SRC_ZLIB_VERSION_H_
 #define SRC_ZLIB_VERSION_H_
-#define ZLIB_VERSION "1.3.0.1-motley-788cb3c"
+#define ZLIB_VERSION "1.3.0.1-motley-780819f"
 #endif  // SRC_ZLIB_VERSION_H_

From 0473e35b7f75f6e2b311f66e57ec52b826e9e646 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Mon, 9 Jun 2025 21:07:34 -0400
Subject: [PATCH 019/138] deps: update zlib to 1.3.1-470d3a2

PR-URL: https://github.com/nodejs/node/pull/58628
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 deps/zlib/BUILD.gn                            |  18 +-
 deps/zlib/CMakeLists.txt                      |  11 +-
 deps/zlib/OWNERS                              |   5 +-
 deps/zlib/README.chromium                     |  15 +-
 deps/zlib/contrib/minizip/README.chromium     |   5 +
 deps/zlib/contrib/minizip/unzip.c             |  42 ++++
 deps/zlib/contrib/tests/fuzzers/BUILD.gn      |   6 +
 .../tests/fuzzers/minizip_unzip_fuzzer.cc     | 119 ++++++++++
 deps/zlib/deflate.c                           |  36 +--
 deps/zlib/deflate.h                           |  14 +-
 deps/zlib/google/OWNERS                       |   1 -
 .../test/data/create_symlink_test_zips.py     |  48 ++++
 .../test/data/symlink_absolute_path.zip       | Bin 0 -> 153 bytes
 .../test/data/symlink_duplicate_link.zip      | Bin 0 -> 206 bytes
 .../test/data/symlink_evil_relative_path.zip  | Bin 0 -> 239 bytes
 .../test/data/symlink_follow_own_link.zip     | Bin 0 -> 205 bytes
 .../google/test/data/symlink_too_large.zip    | Bin 0 -> 10114 bytes
 deps/zlib/google/test/data/symlinks.zip       | Bin 0 -> 585 bytes
 deps/zlib/google/test_data.filelist           |   7 +
 deps/zlib/google/zip.cc                       | 209 +++++++++++++-----
 deps/zlib/google/zip.h                        |  30 ++-
 deps/zlib/google/zip_internal.h               |   8 +-
 deps/zlib/google/zip_reader.cc                |  12 +-
 deps/zlib/google/zip_reader.h                 |   3 +
 deps/zlib/google/zip_reader_unittest.cc       |  25 +++
 deps/zlib/google/zip_unittest.cc              | 103 ++++++++-
 deps/zlib/gzguts.h                            |   8 +-
 deps/zlib/gzlib.c                             |  12 +-
 deps/zlib/inftrees.c                          |   6 +-
 deps/zlib/inftrees.h                          |   2 +-
 deps/zlib/patches/0006-fix-check_match.patch  |  42 ----
 ...nizip-parse-unicode-path-extra-field.patch |  16 ++
 .../patches/0018-support-prefixed-zip64.patch |  82 +++++++
 deps/zlib/test/minigzip.c                     |   2 +-
 deps/zlib/trees.c                             |  53 ++++-
 deps/zlib/zconf.h                             |  10 +-
 deps/zlib/zconf.h.cmakein                     |  10 +-
 deps/zlib/zconf.h.in                          |  10 +-
 deps/zlib/zlib.3                              |   6 +-
 deps/zlib/zlib.gyp                            |   8 +-
 deps/zlib/zlib.h                              |  24 +-
 deps/zlib/zlib.map                            | 200 ++++++++---------
 deps/zlib/zutil.h                             |   4 +-
 src/zlib_version.h                            |   2 +-
 44 files changed, 890 insertions(+), 324 deletions(-)
 create mode 100644 deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc
 create mode 100644 deps/zlib/google/test/data/create_symlink_test_zips.py
 create mode 100644 deps/zlib/google/test/data/symlink_absolute_path.zip
 create mode 100644 deps/zlib/google/test/data/symlink_duplicate_link.zip
 create mode 100644 deps/zlib/google/test/data/symlink_evil_relative_path.zip
 create mode 100644 deps/zlib/google/test/data/symlink_follow_own_link.zip
 create mode 100644 deps/zlib/google/test/data/symlink_too_large.zip
 create mode 100644 deps/zlib/google/test/data/symlinks.zip
 delete mode 100644 deps/zlib/patches/0006-fix-check_match.patch
 create mode 100644 deps/zlib/patches/0018-support-prefixed-zip64.patch

diff --git a/deps/zlib/BUILD.gn b/deps/zlib/BUILD.gn
index 2a898d2a60cfa2..9f3938021f7a44 100644
--- a/deps/zlib/BUILD.gn
+++ b/deps/zlib/BUILD.gn
@@ -173,12 +173,15 @@ if (use_arm_neon_optimizations) {
   }
 }
 
-config("zlib_inflate_chunk_simd_config") {
+config("zlib_data_chunk_simd_config") {
   if (use_x86_x64_optimizations) {
     defines = [ "INFLATE_CHUNK_SIMD_SSE2" ]
 
     if (current_cpu == "x64") {
-      defines += [ "INFLATE_CHUNK_READ_64LE" ]
+      defines += [
+        "INFLATE_CHUNK_READ_64LE",
+        "DEFLATE_CHUNK_WRITE_64LE",
+      ]
     }
   }
 
@@ -186,12 +189,15 @@ config("zlib_inflate_chunk_simd_config") {
     defines = [ "INFLATE_CHUNK_SIMD_NEON" ]
 
     if (current_cpu == "arm64") {
-      defines += [ "INFLATE_CHUNK_READ_64LE" ]
+      defines += [
+        "INFLATE_CHUNK_READ_64LE",
+        "DEFLATE_CHUNK_WRITE_64LE",
+      ]
     }
   }
 }
 
-source_set("zlib_inflate_chunk_simd") {
+source_set("zlib_data_chunk_simd") {
   visibility = [ ":*" ]
 
   if (use_x86_x64_optimizations || use_arm_neon_optimizations) {
@@ -213,7 +219,7 @@ source_set("zlib_inflate_chunk_simd") {
   configs += [ "//build/config/compiler:no_chromium_code" ]
   configs += [ ":zlib_warnings" ]
 
-  public_configs = [ ":zlib_inflate_chunk_simd_config" ]
+  public_configs = [ ":zlib_data_chunk_simd_config" ]
 
   public_deps = [ ":zlib_common_headers" ]
 }
@@ -336,7 +342,7 @@ component("zlib") {
   if (use_x86_x64_optimizations || use_arm_neon_optimizations) {
     deps += [
       ":zlib_adler32_simd",
-      ":zlib_inflate_chunk_simd",
+      ":zlib_data_chunk_simd",
       ":zlib_slide_hash_simd",
     ]
 
diff --git a/deps/zlib/CMakeLists.txt b/deps/zlib/CMakeLists.txt
index ebf9cd41248655..f90e719ef4d34c 100644
--- a/deps/zlib/CMakeLists.txt
+++ b/deps/zlib/CMakeLists.txt
@@ -3,7 +3,7 @@ set(CMAKE_ALLOW_LOOSE_LOOP_CONSTRUCTS ON)
 
 project(zlib C)
 
-set(VERSION "1.3.0.1")
+set(VERSION "1.3.1")
 
 set(INSTALL_BIN_DIR "${CMAKE_INSTALL_PREFIX}/bin" CACHE PATH "Installation directory for executables")
 set(INSTALL_LIB_DIR "${CMAKE_INSTALL_PREFIX}/lib" CACHE PATH "Installation directory for libraries")
@@ -47,6 +47,7 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
     add_definitions(-DINFLATE_CHUNK_SIMD_SSE2)
     add_definitions(-DADLER32_SIMD_SSSE3)
     add_definitions(-DINFLATE_CHUNK_READ_64LE)
+    add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
     add_definitions(-DCRC32_SIMD_SSE42_PCLMUL)
     if (ENABLE_SIMD_AVX512)
       add_definitions(-DCRC32_SIMD_AVX512_PCLMUL)
@@ -64,6 +65,7 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
     add_definitions(-DINFLATE_CHUNK_SIMD_NEON)
     add_definitions(-DADLER32_SIMD_NEON)
     add_definitions(-DINFLATE_CHUNK_READ_64LE)
+    add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
     add_definitions(-DCRC32_ARMV8_CRC32)
     add_definitions(-DDEFLATE_SLIDE_HASH_NEON)
     # Required by CPU features detection code.
@@ -83,10 +85,13 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
     add_definitions(-DDEFLATE_SLIDE_HASH_RVV)
     add_definitions(-DADLER32_SIMD_RVV)
 
-    # TODO(cavalcantii): add remaining flags as we port optimizations to RVV.
     # chunk_copy is required for READ64 and unconditional decode of literals.
     add_definitions(-DINFLATE_CHUNK_GENERIC)
     add_definitions(-DINFLATE_CHUNK_READ_64LE)
+    add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
+
+    # TODO(cavalcantii): only missing optimization is SLIDE_HASH, got port it
+    # to RISCV.
 
     # Tested with clang-17, unaligned loads are required by read64 & chunk_copy.
     # TODO(cavalcantii): replace internal clang flags for -munaligned-access
@@ -267,7 +272,9 @@ if(MINGW)
 endif(MINGW)
 
 add_library(zlib SHARED ${ZLIB_SRCS} ${ZLIB_DLL_SRCS} ${ZLIB_PUBLIC_HDRS} ${ZLIB_PRIVATE_HDRS})
+target_include_directories(zlib PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
 add_library(zlibstatic STATIC ${ZLIB_SRCS} ${ZLIB_PUBLIC_HDRS} ${ZLIB_PRIVATE_HDRS})
+target_include_directories(zlibstatic PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
 set_target_properties(zlib PROPERTIES DEFINE_SYMBOL ZLIB_DLL)
 set_target_properties(zlib PROPERTIES SOVERSION 1)
 
diff --git a/deps/zlib/OWNERS b/deps/zlib/OWNERS
index 3a821578a748b3..333dabdbae6096 100644
--- a/deps/zlib/OWNERS
+++ b/deps/zlib/OWNERS
@@ -1,4 +1,3 @@
-agl@chromium.org
 cavalcantii@chromium.org
-cblume@chromium.org
-scroggo@google.com
+hans@chromium.org
+agl@chromium.org  #{LAST_RESORT_SUGGESTION}
diff --git a/deps/zlib/README.chromium b/deps/zlib/README.chromium
index 92c5bfd1af200e..1f7c7460451113 100644
--- a/deps/zlib/README.chromium
+++ b/deps/zlib/README.chromium
@@ -1,9 +1,9 @@
 Name: zlib
 Short Name: zlib
 URL: http://zlib.net/
-Version: 1.3.0.1
-Revision: ac8f12c97d1afd9bafa9c710f827d40a407d3266
-CPEPrefix: cpe:/a:zlib:zlib:1.3.0.1
+Version: 1.3.1
+Revision: 51b7f2abdade71cd9bb0e7a373ef2610ec6f9daf
+CPEPrefix: cpe:/a:zlib:zlib:1.3.1
 Security Critical: yes
 Shipped: yes
 License: Zlib
@@ -21,14 +21,17 @@ also implements the zlib (RFC 1950) and gzip (RFC 1952) wrapper formats.
 Local Modifications:
  - Only source code from the zlib distribution used to build the zlib and
    minizip libraries are present. Many other files have been omitted. Only *.c
-   and *.h files from the upstream root directory and contrib/minizip were
-   imported.
+   and *.h files from the upstream root directory, contrib/minizip and
+   examples/zpipe.c were imported.
+ - The files named '*simd*' are original x86/Arm/RISC-V specific optimizations.
  - The contents of the google directory are original Chromium-specific
    additions.
+ - The contents of the 'contrib' of directory are either Chromium-specific
+   additions or heavily patched zlib files (e.g. inffast_chunk*).
  - Added chromeconf.h
  - Plus the changes in 'patches' folder.
  - Code in contrib/ other than contrib/minizip was added to match zlib's
    contributor layout.
- - In sync with 1.2.13 official release
+ - In sync with 1.3.1 official release
  - ZIP reader modified to allow for progress callbacks during extraction.
  - ZIP reader modified to add detection of AES encrypted content.
diff --git a/deps/zlib/contrib/minizip/README.chromium b/deps/zlib/contrib/minizip/README.chromium
index 6728765dd7580d..ee70ec59ad1bf2 100644
--- a/deps/zlib/contrib/minizip/README.chromium
+++ b/deps/zlib/contrib/minizip/README.chromium
@@ -34,3 +34,8 @@ Local Modifications:
   https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT section 4.6.9.
   (see crrev.com/1002476)
   0016-minizip-parse-unicode-path-extra-field.patch
+
+- Added support for zip64 archives that have extra bytes on front (for example,
+  large CRX files).
+  0018-support-prefixed-zip64.patch
+
diff --git a/deps/zlib/contrib/minizip/unzip.c b/deps/zlib/contrib/minizip/unzip.c
index a39e1752f6d2ed..95a945c0ac5fe9 100644
--- a/deps/zlib/contrib/minizip/unzip.c
+++ b/deps/zlib/contrib/minizip/unzip.c
@@ -482,6 +482,46 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
     if (uL != 1)
         return CENTRALDIRINVALID;
 
+    /* If bytes are pre-pended to the archive, relativeOffset must be advanced
+       by that many bytes. The central dir must exist between the specified
+       relativeOffset and uPosFound. */
+    if (relativeOffset > uPosFound)
+        return CENTRALDIRINVALID;
+    const int BUFSIZE = 1024 * 4;
+    buf = (unsigned char*)ALLOC(BUFSIZE);
+    if (buf==NULL)
+        return CENTRALDIRINVALID;
+    // Zip64 EOCDR is at least 48 bytes long.
+    while (uPosFound - relativeOffset >= 48) {
+        int found = 0;
+        uLong uReadSize = uPosFound - relativeOffset;
+        if (uReadSize > BUFSIZE) {
+            uReadSize = BUFSIZE;
+        }
+        if (ZSEEK64(*pzlib_filefunc_def, filestream, relativeOffset, ZLIB_FILEFUNC_SEEK_SET) != 0) {
+            break;
+        }
+        if (ZREAD64(*pzlib_filefunc_def, filestream, buf, uReadSize) != uReadSize) {
+            break;
+        }
+        for (int i = 0; i < uReadSize - 3; ++i) {
+            // Looking for 0x06064b50, the Zip64 EOCDR signature.
+            if (buf[i] == 0x50 && buf[i + 1] == 0x4b &&
+                buf[i + 2] == 0x06 && buf[i + 3] == 0x06)
+            {
+                relativeOffset += i;
+                found = 1;
+                break;
+            }
+        }
+        if (found) {
+            break;
+        }
+        // Re-read the last 3 bytes, in case they're the front of the signature.
+        relativeOffset += uReadSize - 3;
+    }
+    free(buf);
+
     /* Goto end of central directory record */
     if (ZSEEK64(*pzlib_filefunc_def,filestream, relativeOffset,ZLIB_FILEFUNC_SEEK_SET)!=0)
         return CENTRALDIRINVALID;
@@ -1005,6 +1045,8 @@ local int unz64local_GetCurrentFileInfoInternal(unzFile file,
                     {
                         uLong uSizeRead;
 
+                        file_info.size_filename = fileNameSize;
+
                         if (fileNameSize < fileNameBufferSize)
                         {
                              *(szFileName + fileNameSize) = '\0';
diff --git a/deps/zlib/contrib/tests/fuzzers/BUILD.gn b/deps/zlib/contrib/tests/fuzzers/BUILD.gn
index d7db4b3459bae2..1538482f2ec041 100644
--- a/deps/zlib/contrib/tests/fuzzers/BUILD.gn
+++ b/deps/zlib/contrib/tests/fuzzers/BUILD.gn
@@ -43,3 +43,9 @@ fuzzer_test("zlib_deflate_fuzzer") {
   sources = [ "deflate_fuzzer.cc" ]
   deps = [ "../../../:zlib" ]
 }
+
+fuzzer_test("minizip_unzip_fuzzer") {
+  sources = [ "minizip_unzip_fuzzer.cc" ]
+  deps = [ "../../../:minizip" ]
+  include_dirs = [ "//third_party/zlib/contrib/minizip" ]
+}
diff --git a/deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc b/deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc
new file mode 100644
index 00000000000000..3b9fa446bfba60
--- /dev/null
+++ b/deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc
@@ -0,0 +1,119 @@
+// Copyright 2025 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <algorithm>
+#include <cstdint>
+#include <cstring>
+#include <vector>
+
+#include "unzip.h"
+
+// Fuzzer builds often have NDEBUG set, so roll our own assert macro.
+#define ASSERT(cond)                                                           \
+  do {                                                                         \
+    if (!(cond)) {                                                             \
+      fprintf(stderr, "%s:%d Assert failed: %s\n", __FILE__, __LINE__, #cond); \
+      exit(1);                                                                 \
+    }                                                                          \
+  } while (0)
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  // Mock read-only filesystem with only one file, file_data. In the calls
+  // below, 'opaque' points to file_data, and 'strm' points to the file's seek
+  // position, which is heap allocated so that failing to "close" it triggers a
+  // leak error.
+  std::vector<uint8_t> file_data(data, data + size);
+  zlib_filefunc64_def file_func = {
+      .zopen64_file = [](void* opaque, const void* filename,
+                         int mode) -> void* {
+        ASSERT(mode == (ZLIB_FILEFUNC_MODE_READ | ZLIB_FILEFUNC_MODE_EXISTING));
+        return new size_t(0);
+      },
+      .zread_file = [](void* opaque, void* strm, void* buf,
+                       uLong size) -> uLong {
+        std::vector<uint8_t>* vec = static_cast<std::vector<uint8_t>*>(opaque);
+        size_t* pos = static_cast<size_t*>(strm);
+        if (*pos >= vec->size()) {
+          return 0;
+        }
+        size = std::min(static_cast<size_t>(size), vec->size() - *pos);
+        memcpy(buf, vec->data() + *pos, size);
+        (*pos) += size;
+        return size;
+      },
+      .zwrite_file = [](void*, void*, const void*, uLong) -> uLong {
+        ASSERT(0 && "Writing is not supported.");
+        return 0;
+      },
+      .ztell64_file = [](void*, void* strm) -> ZPOS64_T {
+        return *static_cast<size_t*>(strm);
+      },
+      .zseek64_file = [](void* opaque, void* strm, ZPOS64_T offset,
+                         int origin) -> long {
+        std::vector<uint8_t>* vec = static_cast<std::vector<uint8_t>*>(opaque);
+        size_t* pos = static_cast<size_t*>(strm);
+        switch (origin) {
+          case ZLIB_FILEFUNC_SEEK_SET:
+            *pos = offset;
+            break;
+          case ZLIB_FILEFUNC_SEEK_CUR:
+            *pos = *pos + offset;
+            break;
+          case ZLIB_FILEFUNC_SEEK_END:
+            *pos = vec->size() + offset;
+            break;
+          default:
+            ASSERT(0 && "Invalid origin");
+        }
+        return 0;
+      },
+      .zclose_file = [](void*, void* strm) -> int {
+        delete static_cast<size_t*>(strm);
+        return 0;
+      },
+      .zerror_file = [](void*, void*) -> int { return 0; },
+      .opaque = &file_data};
+
+  unzFile uzf = unzOpen2_64("foo.zip", &file_func);
+  if (uzf == NULL) {
+    return 0;
+  }
+
+  while (true) {
+    unz_file_info64 info = {0};
+
+    // TODO: Pass nullptrs and different buffer sizes to cover more code.
+    char filename[UINT16_MAX + 1];  // +1 for the null terminator.
+    char extra[UINT16_MAX];         // No null terminator.
+    char comment[UINT16_MAX + 1];   // +1 for the null terminator.
+
+    if (unzGetCurrentFileInfo64(uzf, &info, filename, sizeof(filename), extra,
+                                sizeof(extra), comment, sizeof(comment)) == UNZ_OK) {
+      ASSERT(info.size_filename <= UINT16_MAX);
+      ASSERT(info.size_file_extra <= UINT16_MAX);
+      ASSERT(info.size_file_comment <= UINT16_MAX);
+
+      ASSERT(filename[info.size_filename] == '\0');
+      ASSERT(comment[info.size_file_comment] == '\0');
+    }
+
+    if (unzOpenCurrentFile(uzf) == UNZ_OK) {
+      while (true) {
+        char buffer[4096];
+        int num_read = unzReadCurrentFile(uzf, buffer, sizeof(buffer));
+        if (num_read <= 0) {
+          break;
+        }
+      }
+      unzCloseCurrentFile(uzf);
+    }
+
+    if (unzGoToNextFile(uzf) != UNZ_OK) {
+      break;
+    }
+  }
+
+  unzClose(uzf);
+  return 0;
+}
diff --git a/deps/zlib/deflate.c b/deps/zlib/deflate.c
index 49496bb3b05618..872ba79017836b 100644
--- a/deps/zlib/deflate.c
+++ b/deps/zlib/deflate.c
@@ -1,5 +1,5 @@
 /* deflate.c -- compress data using the deflation algorithm
- * Copyright (C) 1995-2023 Jean-loup Gailly and Mark Adler
+ * Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -69,7 +69,7 @@
 #endif
 
 const char deflate_copyright[] =
-   " deflate 1.3.0.1 Copyright 1995-2023 Jean-loup Gailly and Mark Adler ";
+   " deflate 1.3.1 Copyright 1995-2024 Jean-loup Gailly and Mark Adler ";
 /*
   If you use the zlib library in a product, an acknowledgment is welcome
   in the documentation of your product. If for some reason you cannot
@@ -790,7 +790,11 @@ int ZEXPORT deflatePrime(z_streamp strm, int bits, int value) {
         put = Buf_size - s->bi_valid;
         if (put > bits)
             put = bits;
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+        s->bi_buf |= (uint64_t)((value & ((1ULL << put) - 1)) << s->bi_valid);
+#else
         s->bi_buf |= (ush)((value & ((1 << put) - 1)) << s->bi_valid);
+#endif /* DEFLATE_CHUNK_WRITE_64LE */
         s->bi_valid += put;
         _tr_flush_bits(s);
         value >>= put;
@@ -1663,13 +1667,21 @@ local uInt longest_match(deflate_state *s, IPos cur_match) {
  */
 local void check_match(deflate_state *s, IPos start, IPos match, int length) {
     /* check that the match is indeed a match */
-    if (zmemcmp(s->window + match,
-                s->window + start, length) != EQUAL) {
-        fprintf(stderr, " start %u, match %u, length %d\n",
-                start, match, length);
+    Bytef *back = s->window + (int)match, *here = s->window + start;
+    IPos len = length;
+    if (match == (IPos)-1) {
+        /* match starts one byte before the current window -- just compare the
+           subsequent length-1 bytes */
+        back++;
+        here++;
+        len--;
+    }
+    if (zmemcmp(back, here, len) != EQUAL) {
+        fprintf(stderr, " start %u, match %d, length %d\n",
+                start, (int)match, length);
         do {
-            fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
-        } while (--length != 0);
+            fprintf(stderr, "(%02x %02x)", *back++, *here++);
+        } while (--len != 0);
         z_error("invalid match");
     }
     if (z_verbose > 1) {
@@ -2106,13 +2118,7 @@ local block_state deflate_slow(deflate_state *s, int flush) {
             uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
             /* Do not insert strings in hash table beyond this. */
 
-            if (s->prev_match == -1) {
-                /* The window has slid one byte past the previous match,
-                 * so the first byte cannot be compared. */
-                check_match(s, s->strstart, s->prev_match + 1, s->prev_length - 1);
-            } else {
-                check_match(s, s->strstart - 1, s->prev_match, s->prev_length);
-            }
+            check_match(s, s->strstart - 1, s->prev_match, s->prev_length);
 
             _tr_tally_dist(s, s->strstart - 1 - s->prev_match,
                            s->prev_length - MIN_MATCH, bflush);
diff --git a/deps/zlib/deflate.h b/deps/zlib/deflate.h
index 099d35943192bf..b699f6b73b3a76 100644
--- a/deps/zlib/deflate.h
+++ b/deps/zlib/deflate.h
@@ -1,5 +1,5 @@
 /* deflate.h -- internal compression state
- * Copyright (C) 1995-2018 Jean-loup Gailly
+ * Copyright (C) 1995-2024 Jean-loup Gailly
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -13,6 +13,10 @@
 #ifndef DEFLATE_H
 #define DEFLATE_H
 
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+#include <stdint.h>
+#endif
+
 #include "zutil.h"
 
 /* define NO_GZIP when compiling if you want to disable gzip header and
@@ -52,7 +56,11 @@
 #define MAX_BITS 15
 /* All codes must not exceed MAX_BITS bits */
 
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+#define Buf_size 64
+#else
 #define Buf_size 16
+#endif
 /* size of bit buffer in bi_buf */
 
 #define INIT_STATE    42    /* zlib header -> BUSY_STATE */
@@ -261,7 +269,11 @@ typedef struct internal_state {
     ulg bits_sent;      /* bit length of compressed data sent mod 2^32 */
 #endif
 
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+    uint64_t bi_buf;
+#else
     ush bi_buf;
+#endif
     /* Output buffer. bits are inserted starting at the bottom (least
      * significant bits).
      */
diff --git a/deps/zlib/google/OWNERS b/deps/zlib/google/OWNERS
index 868af3cc662852..1bd83ac482eec9 100644
--- a/deps/zlib/google/OWNERS
+++ b/deps/zlib/google/OWNERS
@@ -2,5 +2,4 @@ satorux@chromium.org
 
 # compression_utils*
 asvitkine@chromium.org
-isherman@chromium.org
 cavalcantii@chromium.org
diff --git a/deps/zlib/google/test/data/create_symlink_test_zips.py b/deps/zlib/google/test/data/create_symlink_test_zips.py
new file mode 100644
index 00000000000000..833887acaf7614
--- /dev/null
+++ b/deps/zlib/google/test/data/create_symlink_test_zips.py
@@ -0,0 +1,48 @@
+# Creates zip files for symlink-related tests.
+import zipfile
+
+
+def make_zip(filename):
+    return zipfile.ZipFile(filename, 'w', zipfile.ZIP_DEFLATED)
+
+
+def make_link(zf, target, link):
+    zip_info = zipfile.ZipInfo(link)
+    zip_info.external_attr = 0o120777 << 16  # lrwxrwxrwx
+    zf.writestr(zip_info, target)
+
+
+def make_file(zf, path, content):
+    zf.writestr(zipfile.ZipInfo(path), content)
+
+
+def make_test_zips():
+    with make_zip('symlinks.zip') as zf:
+        make_file(zf, 'a.txt', 'A')
+        make_file(zf, 'b.txt', 'B')
+        make_file(zf, 'dir/c.txt', 'C')
+        make_link(zf, '../a.txt', 'dir/a_link')
+        make_link(zf, 'b.txt', 'b_link')
+        make_link(zf, 'dir/c.txt', 'c_link')
+
+    with make_zip('symlink_evil_relative_path.zip') as zf:
+        make_file(zf, 'dir/a.txt', 'A')
+        make_link(zf, 'dir/../dir/../../outside.txt', 'evil_link')
+
+    with make_zip('symlink_absolute_path.zip') as zf:
+        make_link(zf, '/absolute/path/to/outside.txt', 'absolute_link')
+
+    with make_zip('symlink_too_large.zip') as zf:
+        make_link(zf, 'a' * 10000, 'big_link')
+
+    with make_zip('symlink_follow_own_link.zip') as zf:
+        make_link(zf, 'file', 'link')
+        make_file(zf, 'link', 'Hello world')
+
+    with make_zip('symlink_duplicate_link.zip') as zf:
+        make_link(zf, 'target_1', 'link')
+        make_link(zf, 'target_2', 'link')
+
+
+if __name__ == '__main__':
+    make_test_zips()
diff --git a/deps/zlib/google/test/data/symlink_absolute_path.zip b/deps/zlib/google/test/data/symlink_absolute_path.zip
new file mode 100644
index 0000000000000000000000000000000000000000..0bcf88b67d7e491985e9137b8180a12ebdedf4e1
GIT binary patch
literal 153
zcmWIWW@Zs#fB;2?wF@;JWq}+J<^|%!q~iRX(vsBpoXoszeHc%_Ah9Gvza(EjzqF({
uGbL58q@pCin~_O`8MjFg8yFb=F9fk*CV|Zj@MdKL2{HnqHIViIaToye10I<G

literal 0
HcmV?d00001

diff --git a/deps/zlib/google/test/data/symlink_duplicate_link.zip b/deps/zlib/google/test/data/symlink_duplicate_link.zip
new file mode 100644
index 0000000000000000000000000000000000000000..19830110a10c8e2d7593fda746be87e95329b633
GIT binary patch
literal 206
zcmWIWW@Zs#fB;2?n{9vWIDi}wW&z@y%)IQ9#G>@nl6b=a6qU)>zb?n2(kQ^2kx7IZ
nx2X`@7#RL91hGJNpzA<49ic-Du7i~gB+3MYDL^^|#9;scPlO<3

literal 0
HcmV?d00001

diff --git a/deps/zlib/google/test/data/symlink_evil_relative_path.zip b/deps/zlib/google/test/data/symlink_evil_relative_path.zip
new file mode 100644
index 0000000000000000000000000000000000000000..9aded0337de443627d7fd044d6fe32b0999cad34
GIT binary patch
literal 239
zcmWIWW@Zs#fB;2??s+#aGXgmv%n8IPnML}EdL<PljsYm@4ltGE$^hj-7^E(>EHfuQ
zCo?Y_q(M(lA4&mP`K2YrnJK9tGXlIBnM9azTLv@-3>rYTBdkW(hHf`R69dElg&II6
V+$90ttZX1DCLqiM(%B#m0{|s6C{zFd

literal 0
HcmV?d00001

diff --git a/deps/zlib/google/test/data/symlink_follow_own_link.zip b/deps/zlib/google/test/data/symlink_follow_own_link.zip
new file mode 100644
index 0000000000000000000000000000000000000000..933ede55632338fdf50beadf0d39b8a92c31cf43
GIT binary patch
literal 205
zcmWIWW@Zs#fB;1X0kio%EI<wn=Vaz(r)B1(2B4@4ns=?68>k9|K`KG2JW_LV@)gSS
zi*ix|ycwB9m~k5l)By(n7lJ5|W^^6s7C_W9Ff=f#!F8~*fkc^rFa<~lgE$NT4<Z|n

literal 0
HcmV?d00001

diff --git a/deps/zlib/google/test/data/symlink_too_large.zip b/deps/zlib/google/test/data/symlink_too_large.zip
new file mode 100644
index 0000000000000000000000000000000000000000..f226aedf21e6eb83f60627c1310b7666e231c8f0
GIT binary patch
literal 10114
zcmeI&u?@m75CzZ+0YsT13sA8^Mxb%y4G=U@1Y!i%pk^ob0b7BR1<?DJb!V5a{yDYF
zKIUxW{=DtGT|~W`@_CxZ!)3ajk3xU|0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
v0t5&UAV7cs0Rja6Kp>}P(YL>QbDu(8ydHJ?w&-$Nt?RofXDD+hExU*}oo(Jn

literal 0
HcmV?d00001

diff --git a/deps/zlib/google/test/data/symlinks.zip b/deps/zlib/google/test/data/symlinks.zip
new file mode 100644
index 0000000000000000000000000000000000000000..24e3fbdcca8d4bf49a07104fe8512dbdd1fbdadb
GIT binary patch
literal 585
zcmWIWW@Zs#fB;2??s+#aGXgmv%nHPbdL<PljsYlY49{QiLROOmQsacGX8Hf?wlFoE
zKyy+ui}aI0>YP#4bwuSq=K#usFc(x^Vth_!Ubdc|KG<?p^;x~%Z6J4nFdGmjfz^Ut
zfU0mql-doD#UKn)m<(13cSe9WBa;X-Zhr%HfI$Pu6Od3q*Mc4l5Dg3r4U8&4Ce%r&
zwxEX!LW>8GiPLfDfdtd`e_;Vs8zjikU5Fl72z?8HOi0k7>p>4Ugr1W?CL|OCyjej(
P3Jg~^22d=211kam{%%>W

literal 0
HcmV?d00001

diff --git a/deps/zlib/google/test_data.filelist b/deps/zlib/google/test_data.filelist
index 0a9d20bcea605a..5b29f3665e3e70 100644
--- a/deps/zlib/google/test_data.filelist
+++ b/deps/zlib/google/test_data.filelist
@@ -15,11 +15,18 @@ test/data/Repeated File Name.zip
 test/data/SJIS Bug 846195.zip
 test/data/Windows Special Names.zip
 test/data/Wrong CRC.zip
+test/data/create_symlink_test_zips.py
 test/data/create_test_zip.sh
 test/data/empty.zip
 test/data/evil.zip
 test/data/evil_via_absolute_file_name.zip
 test/data/evil_via_invalid_utf8.zip
+test/data/symlink_absolute_path.zip
+test/data/symlink_duplicate_link.zip
+test/data/symlink_evil_relative_path.zip
+test/data/symlink_follow_own_link.zip
+test/data/symlink_too_large.zip
+test/data/symlinks.zip
 test/data/test.zip
 test/data/test/foo.txt
 test/data/test/foo/bar.txt
diff --git a/deps/zlib/google/zip.cc b/deps/zlib/google/zip.cc
index 87065b9188785a..48c821e4219bf7 100644
--- a/deps/zlib/google/zip.cc
+++ b/deps/zlib/google/zip.cc
@@ -4,13 +4,16 @@
 
 #include "third_party/zlib/google/zip.h"
 
+#include <cstdint>
 #include <string>
 #include <vector>
 
 #include "base/files/file.h"
 #include "base/files/file_enumerator.h"
+#include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/functional/bind.h"
+#include "base/functional/callback.h"
 #include "base/logging.h"
 #include "base/memory/ptr_util.h"
 #include "base/strings/string_util.h"
@@ -23,6 +26,11 @@
 namespace zip {
 namespace {
 
+#if defined(OS_POSIX)
+// The maximum allowed size of a symbolic link in bytes.
+constexpr uint64_t kMaxSymlinkFileSize = 8192;
+#endif
+
 bool IsHiddenFile(const base::FilePath& file_path) {
   return file_path.BaseName().value()[0] == '.';
 }
@@ -36,6 +44,34 @@ bool CreateDirectory(const base::FilePath& extract_dir,
   return ok;
 }
 
+#if defined(OS_POSIX)
+// Creates a symbolic link at |extract_dir|/|target| to |link|. Fails if |link|
+// points outside of |extract_dir|.
+bool CreateSymbolicLink(const base::FilePath& extract_dir,
+                        const base::FilePath& target,
+                        const base::FilePath& link) {
+  const base::FilePath full_link_path = extract_dir.Append(link);
+  if (target.IsAbsolute()) {
+    LOG(ERROR) << "Won't create link with an absolute target "
+               << Redact(target);
+    return false;
+  }
+  std::optional<base::FilePath> absolute_target =
+      base::MakeAbsoluteFilePathNoResolveSymbolicLinks(
+          full_link_path.DirName().Append(target));
+  if (!absolute_target) {
+    LOG(ERROR) << "Failed to make an absolute path to " << Redact(target);
+    return false;
+  }
+  if (!extract_dir.IsParent(*absolute_target)) {
+    LOG(ERROR) << "Won't create link with target outside extract dir "
+               << Redact(target);
+    return false;
+  }
+  return base::CreateSymbolicLink(target, full_link_path);
+}
+#endif  // defined(OS_POSIX)
+
 // Creates a WriterDelegate that can write a file at |extract_dir|/|entry_path|.
 std::unique_ptr<WriterDelegate> CreateFilePathWriterDelegate(
     const base::FilePath& extract_dir,
@@ -113,6 +149,95 @@ class DirectFileAccessor : public FileAccessor {
   const base::FilePath src_dir_;
 };
 
+// |symlink_creator| may be null in which case symbolic link entries are
+// considered errors.
+bool UnzipImpl(
+    const base::PlatformFile& src_file,
+    WriterFactory writer_factory,
+    DirectoryCreator directory_creator,
+    UnzipOptions options,
+    base::RepeatingCallback<bool(const base::FilePath&, const base::FilePath&)>
+        symlink_creator) {
+  ZipReader reader;
+  reader.SetEncoding(std::move(options.encoding));
+  reader.SetPassword(std::move(options.password));
+
+  if (!reader.OpenFromPlatformFile(src_file)) {
+    LOG(ERROR) << "Cannot open ZIP from file handle " << src_file;
+    return false;
+  }
+
+  while (const ZipReader::Entry* const entry = reader.Next()) {
+    if (entry->is_unsafe) {
+      LOG(ERROR) << "Found unsafe entry " << Redact(entry->path) << " in ZIP";
+      if (!options.continue_on_error) {
+        return false;
+      }
+      continue;
+    }
+
+    if (options.filter && !options.filter.Run(entry->path)) {
+      VLOG(1) << "Skipped ZIP entry " << Redact(entry->path);
+      continue;
+    }
+
+    if (entry->is_directory) {
+      // It's a directory.
+      if (!directory_creator.Run(entry->path)) {
+        LOG(ERROR) << "Cannot create directory " << Redact(entry->path);
+        if (!options.continue_on_error) {
+          return false;
+        }
+      }
+
+      continue;
+    }
+
+#if defined(OS_POSIX)
+    if (entry->is_symbolic_link) {
+      if (!symlink_creator) {
+        LOG(ERROR) << "Skipping symbolic link " << Redact(entry->path);
+        if (!options.continue_on_error) {
+          return false;
+        }
+        continue;
+      }
+      std::string target;
+      if (!reader.ExtractCurrentEntryToString(kMaxSymlinkFileSize, &target)) {
+        LOG(ERROR) << "Failed to read link target " << Redact(entry->path);
+        if (!options.continue_on_error) {
+          return false;
+        }
+        continue;
+      }
+      if (!symlink_creator.Run(base::FilePath(target), entry->path)) {
+        LOG(ERROR) << "Failed to create symbolic link " << Redact(entry->path);
+        if (!options.continue_on_error) {
+          return false;
+        }
+        continue;
+      }
+      continue;
+    }
+#endif  // defined(OS_POSIX)
+
+    // It's a file.
+    std::unique_ptr<WriterDelegate> writer = writer_factory.Run(entry->path);
+    if (!writer ||
+        (options.progress ? !reader.ExtractCurrentEntryWithListener(
+                                writer.get(), options.progress)
+                          : !reader.ExtractCurrentEntry(writer.get()))) {
+      LOG(ERROR) << "Cannot extract file " << Redact(entry->path)
+                 << " from ZIP";
+      if (!options.continue_on_error) {
+        return false;
+      }
+    }
+  }
+
+  return reader.ok();
+}
+
 }  // namespace
 
 std::ostream& operator<<(std::ostream& out, const Progress& progress) {
@@ -132,15 +257,17 @@ bool Zip(const ZipParams& params) {
     DCHECK(params.dest_file.empty());
     zip_writer =
         internal::ZipWriter::CreateWithFd(params.dest_fd, file_accessor);
-    if (!zip_writer)
+    if (!zip_writer) {
       return false;
+    }
   }
 #endif
 
   if (!zip_writer) {
     zip_writer = internal::ZipWriter::Create(params.dest_file, file_accessor);
-    if (!zip_writer)
+    if (!zip_writer) {
       return false;
+    }
   }
 
   zip_writer->SetProgressCallback(params.progress_callback,
@@ -148,7 +275,7 @@ bool Zip(const ZipParams& params) {
   zip_writer->SetRecursive(params.recursive);
   zip_writer->ContinueOnError(params.continue_on_error);
 
-  if (!params.include_hidden_files || params.filter_callback)
+  if (!params.include_hidden_files || params.filter_callback) {
     zip_writer->SetFilterCallback(base::BindRepeating(
         [](const ZipParams* const params, const base::FilePath& path) -> bool {
           return (params->include_hidden_files || !IsHiddenFile(path)) &&
@@ -156,16 +283,19 @@ bool Zip(const ZipParams& params) {
                   params->filter_callback.Run(params->src_dir.Append(path)));
         },
         &params));
+  }
 
   if (params.src_files.empty()) {
     // No source items are specified. Zip the entire source directory.
     zip_writer->SetRecursive(true);
-    if (!zip_writer->AddDirectoryContents(base::FilePath()))
+    if (!zip_writer->AddDirectoryContents(base::FilePath())) {
       return false;
+    }
   } else {
     // Only zip the specified source items.
-    if (!zip_writer->AddMixedEntries(params.src_files))
+    if (!zip_writer->AddMixedEntries(params.src_files)) {
       return false;
+    }
   }
 
   return zip_writer->Close();
@@ -173,7 +303,8 @@ bool Zip(const ZipParams& params) {
 
 bool Unzip(const base::FilePath& src_file,
            const base::FilePath& dest_dir,
-           UnzipOptions options) {
+           UnzipOptions options,
+           UnzipSymlinkOption symlink_option) {
   base::File file(src_file, base::File::FLAG_OPEN | base::File::FLAG_READ);
   if (!file.IsValid()) {
     PLOG(ERROR) << "Cannot open " << Redact(src_file) << ": "
@@ -184,63 +315,27 @@ bool Unzip(const base::FilePath& src_file,
   DLOG_IF(WARNING, !base::IsDirectoryEmpty(dest_dir))
       << "ZIP extraction directory is not empty: " << dest_dir;
 
-  return Unzip(file.GetPlatformFile(),
-               base::BindRepeating(&CreateFilePathWriterDelegate, dest_dir),
-               base::BindRepeating(&CreateDirectory, dest_dir),
-               std::move(options));
+  base::RepeatingCallback<bool(const base::FilePath&, const base::FilePath&)>
+      symlink_creator;
+#if defined(OS_POSIX)
+  if (symlink_option == UnzipSymlinkOption::PRESERVE) {
+    symlink_creator = base::BindRepeating(&CreateSymbolicLink, dest_dir);
+  }
+#endif  // defined(OS_POSIX)
+
+  return UnzipImpl(file.GetPlatformFile(),
+                   base::BindRepeating(&CreateFilePathWriterDelegate, dest_dir),
+                   base::BindRepeating(&CreateDirectory, dest_dir),
+                   std::move(options), symlink_creator);
 }
 
 bool Unzip(const base::PlatformFile& src_file,
            WriterFactory writer_factory,
            DirectoryCreator directory_creator,
            UnzipOptions options) {
-  ZipReader reader;
-  reader.SetEncoding(std::move(options.encoding));
-  reader.SetPassword(std::move(options.password));
-
-  if (!reader.OpenFromPlatformFile(src_file)) {
-    LOG(ERROR) << "Cannot open ZIP from file handle " << src_file;
-    return false;
-  }
-
-  while (const ZipReader::Entry* const entry = reader.Next()) {
-    if (entry->is_unsafe) {
-      LOG(ERROR) << "Found unsafe entry " << Redact(entry->path) << " in ZIP";
-      if (!options.continue_on_error)
-        return false;
-      continue;
-    }
-
-    if (options.filter && !options.filter.Run(entry->path)) {
-      VLOG(1) << "Skipped ZIP entry " << Redact(entry->path);
-      continue;
-    }
-
-    if (entry->is_directory) {
-      // It's a directory.
-      if (!directory_creator.Run(entry->path)) {
-        LOG(ERROR) << "Cannot create directory " << Redact(entry->path);
-        if (!options.continue_on_error)
-          return false;
-      }
-
-      continue;
-    }
-
-    // It's a file.
-    std::unique_ptr<WriterDelegate> writer = writer_factory.Run(entry->path);
-    if (!writer ||
-        (options.progress ? !reader.ExtractCurrentEntryWithListener(
-                                writer.get(), options.progress)
-                          : !reader.ExtractCurrentEntry(writer.get()))) {
-      LOG(ERROR) << "Cannot extract file " << Redact(entry->path)
-                 << " from ZIP";
-      if (!options.continue_on_error)
-        return false;
-    }
-  }
-
-  return reader.ok();
+  return UnzipImpl(src_file, writer_factory, directory_creator,
+                   std::move(options),
+                   /*symlink_creator=*/{});
 }
 
 bool ZipWithFilterCallback(const base::FilePath& src_dir,
diff --git a/deps/zlib/google/zip.h b/deps/zlib/google/zip.h
index ea8778681da00a..3a574849944610 100644
--- a/deps/zlib/google/zip.h
+++ b/deps/zlib/google/zip.h
@@ -193,6 +193,19 @@ struct UnzipOptions {
   bool continue_on_error = false;
 };
 
+// Option of the Unzip function to control handling of symbolic link entries.
+enum class UnzipSymlinkOption {
+  // Don't preserve internal symbolic links. On POSIX, consider symbolic link
+  // entries as errors. On other platforms, links are not differentiated from
+  // regular files.
+  DONT_PRESERVE,
+#if defined(OS_POSIX)
+  // Preserve internal symbolic links. Links which point outside of the
+  // extraction directory or specify an absolute target are rejected.
+  PRESERVE,
+#endif
+};
+
 typedef base::RepeatingCallback<std::unique_ptr<WriterDelegate>(
     const base::FilePath&)>
     WriterFactory;
@@ -206,13 +219,16 @@ bool Unzip(const base::PlatformFile& zip_file,
            DirectoryCreator directory_creator,
            UnzipOptions options = {});
 
-// Unzips the contents of |zip_file| into |dest_dir|.
-// This function does not overwrite any existing file.
-// A filename collision will result in an error.
-// Therefore, |dest_dir| should initially be an empty directory.
-bool Unzip(const base::FilePath& zip_file,
-           const base::FilePath& dest_dir,
-           UnzipOptions options = {});
+// Unzips the contents of |zip_file| into |dest_dir|.  This function does not
+// overwrite any existing file.  A filename collision will result in an error.
+// Therefore, |dest_dir| should initially be an empty directory. If
+// |allow_symlinks| is set internal symbolics links will be preserved. Else,
+// symbolic link entries are considered errors.
+bool Unzip(
+    const base::FilePath& zip_file,
+    const base::FilePath& dest_dir,
+    UnzipOptions options = {},
+    UnzipSymlinkOption symlink_option = UnzipSymlinkOption::DONT_PRESERVE);
 
 }  // namespace zip
 
diff --git a/deps/zlib/google/zip_internal.h b/deps/zlib/google/zip_internal.h
index f107d7fe883541..550cab0bbd71bc 100644
--- a/deps/zlib/google/zip_internal.h
+++ b/deps/zlib/google/zip_internal.h
@@ -7,6 +7,8 @@
 
 #include <string>
 
+#include <stdint.h>
+
 #include "base/time/time.h"
 #include "build/build_config.h"
 
@@ -79,8 +81,10 @@ bool ZipOpenNewFileInZip(zipFile zip_file,
 // PNG...) then the compression method is simply kStored.
 Compression GetCompressionMethod(const base::FilePath& path);
 
-const int kZipMaxPath = 256;
-const int kZipBufSize = 8192;
+// ZIP file names are up to 2^16 - 1, buffers should be 1 larger (for \0).
+inline constexpr int kZipMaxPath = UINT16_MAX + 1;
+
+inline constexpr int kZipBufSize = 8192;
 
 }  // namespace internal
 }  // namespace zip
diff --git a/deps/zlib/google/zip_reader.cc b/deps/zlib/google/zip_reader.cc
index 182a802ad84000..f71fcf51778cb9 100644
--- a/deps/zlib/google/zip_reader.cc
+++ b/deps/zlib/google/zip_reader.cc
@@ -9,6 +9,7 @@
 #include <utility>
 
 #include "base/check.h"
+#include "base/containers/heap_array.h"
 #include "base/files/file.h"
 #include "base/files/file_util.h"
 #include "base/functional/bind.h"
@@ -209,16 +210,17 @@ bool ZipReader::OpenEntry() {
 
   // Get entry info.
   unz_file_info64 info = {};
-  char path_in_zip[internal::kZipMaxPath] = {};
+  auto path_in_zip = base::HeapArray<char>::WithSize(internal::kZipMaxPath);
   if (const UnzipError err{unzGetCurrentFileInfo64(
-          zip_file_, &info, path_in_zip, sizeof(path_in_zip) - 1, nullptr, 0,
-          nullptr, 0)};
+          zip_file_, &info, path_in_zip.data(), path_in_zip.size() - 1,
+          nullptr, 0, nullptr, 0)};
       err != UNZ_OK) {
     LOG(ERROR) << "Cannot get entry from ZIP: " << err;
     return false;
   }
 
-  entry_.path_in_original_encoding = path_in_zip;
+  DCHECK(path_in_zip[info.size_filename] == '\0');
+  entry_.path_in_original_encoding = path_in_zip.data();
 
   // Convert path from original encoding to Unicode.
   std::u16string path_in_utf16;
@@ -260,8 +262,10 @@ bool ZipReader::OpenEntry() {
 
 #if defined(OS_POSIX)
   entry_.posix_mode = (info.external_fa >> 16L) & (S_IRWXU | S_IRWXG | S_IRWXO);
+  entry_.is_symbolic_link = S_ISLNK(info.external_fa >> 16L);
 #else
   entry_.posix_mode = 0;
+  entry_.is_symbolic_link = false;
 #endif
 
   return true;
diff --git a/deps/zlib/google/zip_reader.h b/deps/zlib/google/zip_reader.h
index 0dbf50b87b6b91..3caacc0bedd8af 100644
--- a/deps/zlib/google/zip_reader.h
+++ b/deps/zlib/google/zip_reader.h
@@ -143,6 +143,9 @@ class ZipReader {
 
     // Entry POSIX permissions (POSIX systems only).
     int posix_mode;
+
+    // True if the entry is a symbolic link (POSIX systems only).
+    bool is_symbolic_link = false;
   };
 
   ZipReader();
diff --git a/deps/zlib/google/zip_reader_unittest.cc b/deps/zlib/google/zip_reader_unittest.cc
index 46c0beb1453237..d77838cb5e728f 100644
--- a/deps/zlib/google/zip_reader_unittest.cc
+++ b/deps/zlib/google/zip_reader_unittest.cc
@@ -887,6 +887,31 @@ TEST_F(ZipReaderTest, WrongCrc) {
   EXPECT_EQ("This file has been changed after its CRC was computed.", contents);
 }
 
+// The Unicode Path Extra field overrides the regular filename. Make sure the
+// size_filename field is also correctly updated (ZipReader has a DCHECK for
+// this).
+TEST_F(ZipReaderTest, WrongFilenameLength) {
+  static const char test_data[] = {
+      0x50, 0x4b, 0x03, 0x04, 0x0a, 0x03, 0x00, 0x00, 0x00, 0x00, 0xd0, 0x71,
+      0x91, 0x4e, 0xbc, 0x2c, 0x7f, 0x06, 0x09, 0x00, 0x00, 0x00, 0x09, 0x00,
+      0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0xc8, 0xfe, 0x20, 0xc8, 0xfe, 0xc8,
+      0xfe, 0x2e, 0x74, 0x78, 0x74, 0xed, 0x95, 0x9c, 0xea, 0xb5, 0xad, 0xeb,
+      0xa7, 0x90, 0x50, 0x4b, 0x01, 0x02, 0x3f, 0x03, 0x0a, 0x03, 0x00, 0x00,
+      0x00, 0x00, 0xd0, 0x71, 0x91, 0x4e, 0xbc, 0x2c, 0x7f, 0x06, 0x09, 0x00,
+      0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x17, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x20, 0x80, 0xc9, 0x81, 0x00, 0x00, 0x00, 0x00,
+      0xc8, 0xfe, 0x20, 0xc8, 0xfe, 0xc8, 0xfe, 0x2e, 0x74, 0x78, 0x74, 0x75,
+      0x70, 0x13, 0x00, 0x01, 0xe9, 0x73, 0xbf, 0xc8, 0xec, 0x83, 0x88, 0x20,
+      0xeb, 0xac, 0xb8, 0xec, 0x84, 0x9c, 0x2e, 0x74, 0x78, 0x74, 0x50, 0x4b,
+      0x05, 0x06, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x50, 0x00,
+      0x00, 0x00, 0x32, 0x00, 0x00, 0x00, 0x00, 0x00};
+
+  std::string test_string(test_data, sizeof(test_data));
+  ZipReader reader;
+  ASSERT_TRUE(reader.OpenFromString(test_string));
+  reader.Next();
+}
+
 class FileWriterDelegateTest : public ::testing::Test {
  protected:
   void SetUp() override {
diff --git a/deps/zlib/google/zip_unittest.cc b/deps/zlib/google/zip_unittest.cc
index 2bcfa309281fce..150844ae3eb712 100644
--- a/deps/zlib/google/zip_unittest.cc
+++ b/deps/zlib/google/zip_unittest.cc
@@ -60,8 +60,9 @@ std::vector<std::string> GetRelativePaths(const base::FilePath& dir,
 bool CreateFile(const std::string& content,
                 base::FilePath* file_path,
                 base::File* file) {
-  if (!base::CreateTemporaryFile(file_path))
+  if (!base::CreateTemporaryFile(file_path)) {
     return false;
+  }
 
   if (!base::WriteFile(*file_path, content)) {
     return false;
@@ -93,8 +94,9 @@ class ProgressWriterDelegate : public zip::WriterDelegate {
  private:
   void LogProgressIfNecessary() {
     const base::TimeTicks now = base::TimeTicks::Now();
-    if (next_progress_report_time_ > now)
+    if (next_progress_report_time_ > now) {
       return;
+    }
 
     next_progress_report_time_ = now + progress_period_;
     LogProgress();
@@ -184,8 +186,9 @@ class VirtualFileSystem : public zip::FileAccessor {
     DCHECK(subdirs);
 
     const auto it = file_tree_.find(path);
-    if (it == file_tree_.end())
+    if (it == file_tree_.end()) {
       return false;
+    }
 
     for (const base::FilePath& file : it->second.files) {
       DCHECK(!file.empty());
@@ -204,8 +207,9 @@ class VirtualFileSystem : public zip::FileAccessor {
     DCHECK(!path.IsAbsolute());
     DCHECK(info);
 
-    if (!file_tree_.count(path))
+    if (!file_tree_.count(path)) {
       return false;
+    }
 
     info->is_directory = !files_.count(path);
     info->last_modified =
@@ -309,8 +313,9 @@ class ZipTest : public PlatformTest {
 
     size_t expected_count = 0;
     for (const base::FilePath& path : zip_contents_) {
-      if (expect_hidden_files || path.BaseName().value()[0] != '.')
+      if (expect_hidden_files || path.BaseName().value()[0] != '.') {
         ++expected_count;
+      }
     }
 
     EXPECT_EQ(expected_count, count);
@@ -788,8 +793,8 @@ TEST_F(ZipTest, UnzipMixedPaths) {
       "c/NUL",                    // Disappears on Windows
       "nul.very long extension",  // Disappears on Windows
 #ifndef OS_APPLE
-      "CASE",                     // Conflicts with "Case"
-      "case",                     // Conflicts with "Case"
+      "CASE",  // Conflicts with "Case"
+      "case",  // Conflicts with "Case"
 #endif
 #endif
       " NUL.txt",                  //
@@ -956,6 +961,90 @@ TEST_F(ZipTest, UnzipOnlyDirectories) {
   EXPECT_FALSE(base::PathExists(dir_foo_bar.AppendASCII("quux.txt")));
 }
 
+#if defined(OS_POSIX)
+
+TEST_F(ZipTest, UnzipSymlinks) {
+  ASSERT_TRUE(zip::Unzip(GetDataDirectory().AppendASCII("symlinks.zip"),
+                         test_dir_, /*options=*/{},
+                         zip::UnzipSymlinkOption::PRESERVE));
+
+  EXPECT_TRUE(base::PathExists(test_dir_.AppendASCII("a.txt")));
+  EXPECT_TRUE(base::PathExists(test_dir_.AppendASCII("b.txt")));
+  EXPECT_TRUE(base::PathExists(test_dir_.AppendASCII("dir/c.txt")));
+  base::FilePath target;
+  ASSERT_TRUE(
+      base::ReadSymbolicLink(test_dir_.AppendASCII("dir/a_link"), &target));
+  EXPECT_EQ(target.AsUTF8Unsafe(), "../a.txt");
+  ASSERT_TRUE(base::ReadSymbolicLink(test_dir_.AppendASCII("b_link"), &target));
+  EXPECT_EQ(target.AsUTF8Unsafe(), "b.txt");
+  ASSERT_TRUE(base::ReadSymbolicLink(test_dir_.AppendASCII("c_link"), &target));
+  EXPECT_EQ(target.AsUTF8Unsafe(), "dir/c.txt");
+}
+
+TEST_F(ZipTest, UnzipRejectsSymlinks) {
+  EXPECT_FALSE(zip::Unzip(GetDataDirectory().AppendASCII("symlinks.zip"),
+                          test_dir_, /*options=*/{},
+                          zip::UnzipSymlinkOption::DONT_PRESERVE));
+}
+
+TEST_F(ZipTest, UnzipSkipsSymlinks) {
+  ASSERT_TRUE(zip::Unzip(GetDataDirectory().AppendASCII("symlinks.zip"),
+                         test_dir_,
+                         {
+                             .continue_on_error = true,
+                         },
+                         zip::UnzipSymlinkOption::DONT_PRESERVE));
+
+  EXPECT_TRUE(base::PathExists(test_dir_.AppendASCII("a.txt")));
+  EXPECT_TRUE(base::PathExists(test_dir_.AppendASCII("b.txt")));
+  EXPECT_TRUE(base::PathExists(test_dir_.AppendASCII("dir/c.txt")));
+  EXPECT_FALSE(base::PathExists(test_dir_.AppendASCII("dir/a_link")));
+  EXPECT_FALSE(base::PathExists(test_dir_.AppendASCII("b_link")));
+  EXPECT_FALSE(base::PathExists(test_dir_.AppendASCII("c_link")));
+}
+
+TEST_F(ZipTest, UnzipSymlinksRejectsEvilRelativePath) {
+  const base::FilePath zip_path =
+      GetDataDirectory().AppendASCII("symlink_evil_relative_path.zip");
+  ASSERT_TRUE(base::PathExists(zip_path));
+  EXPECT_FALSE(zip::Unzip(zip_path, test_dir_, /*options=*/{},
+                          zip::UnzipSymlinkOption::PRESERVE));
+}
+
+TEST_F(ZipTest, UnzipSymlinksRejectsAbsolutePath) {
+  const base::FilePath zip_path =
+      GetDataDirectory().AppendASCII("symlink_absolute_path.zip");
+  ASSERT_TRUE(base::PathExists(zip_path));
+  EXPECT_FALSE(zip::Unzip(zip_path, test_dir_, /*options=*/{},
+                          zip::UnzipSymlinkOption::PRESERVE));
+}
+
+TEST_F(ZipTest, UnzipSymlinksRejectsSymlinkTooLarge) {
+  const base::FilePath zip_path =
+      GetDataDirectory().AppendASCII("symlink_too_large.zip");
+  ASSERT_TRUE(base::PathExists(zip_path));
+  EXPECT_FALSE(zip::Unzip(zip_path, test_dir_, /*options=*/{},
+                          zip::UnzipSymlinkOption::PRESERVE));
+}
+
+TEST_F(ZipTest, UnzipSymlinksNoFollowOwnLink) {
+  const base::FilePath zip_path =
+      GetDataDirectory().AppendASCII("symlink_follow_own_link.zip");
+  ASSERT_TRUE(base::PathExists(zip_path));
+  EXPECT_FALSE(zip::Unzip(zip_path, test_dir_, /*options=*/{},
+                          zip::UnzipSymlinkOption::PRESERVE));
+}
+
+TEST_F(ZipTest, UnzipSymlinksRejectsDuplicateLink) {
+  const base::FilePath zip_path =
+      GetDataDirectory().AppendASCII("symlink_duplicate_link.zip");
+  ASSERT_TRUE(base::PathExists(zip_path));
+  EXPECT_FALSE(zip::Unzip(zip_path, test_dir_, /*options=*/{},
+                          zip::UnzipSymlinkOption::PRESERVE));
+}
+
+#endif  // defined(OS_POSIX)
+
 // Tests that a ZIP archive containing SJIS-encoded file names can be correctly
 // extracted if the encoding is specified.
 TEST_F(ZipTest, UnzipSjis) {
diff --git a/deps/zlib/gzguts.h b/deps/zlib/gzguts.h
index f9375047e8c58f..eba72085bb756b 100644
--- a/deps/zlib/gzguts.h
+++ b/deps/zlib/gzguts.h
@@ -1,5 +1,5 @@
 /* gzguts.h -- zlib internal header definitions for gz* operations
- * Copyright (C) 2004-2019 Mark Adler
+ * Copyright (C) 2004-2024 Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -210,9 +210,5 @@ char ZLIB_INTERNAL *gz_strwinerror(DWORD error);
 /* GT_OFF(x), where x is an unsigned value, is true if x > maximum z_off64_t
    value -- needed when comparing unsigned to z_off64_t, which is signed
    (possible z_off64_t types off_t, off64_t, and long are all signed) */
-#ifdef INT_MAX
-#  define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > INT_MAX)
-#else
 unsigned ZLIB_INTERNAL gz_intmax(void);
-#  define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > gz_intmax())
-#endif
+#define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > gz_intmax())
diff --git a/deps/zlib/gzlib.c b/deps/zlib/gzlib.c
index 0d3ebf8d297e57..7136395f89a953 100644
--- a/deps/zlib/gzlib.c
+++ b/deps/zlib/gzlib.c
@@ -1,5 +1,5 @@
 /* gzlib.c -- zlib functions common to reading and writing gzip files
- * Copyright (C) 2004-2019 Mark Adler
+ * Copyright (C) 2004-2024 Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -566,20 +566,20 @@ void ZLIB_INTERNAL gz_error(gz_statep state, int err, const char *msg) {
 #endif
 }
 
-#ifndef INT_MAX
 /* portably return maximum value for an int (when limits.h presumed not
    available) -- we need to do this to cover cases where 2's complement not
    used, since C standard permits 1's complement and sign-bit representations,
    otherwise we could just use ((unsigned)-1) >> 1 */
 unsigned ZLIB_INTERNAL gz_intmax(void) {
-    unsigned p, q;
-
-    p = 1;
+#ifdef INT_MAX
+    return INT_MAX;
+#else
+    unsigned p = 1, q;
     do {
         q = p;
         p <<= 1;
         p++;
     } while (p > q);
     return q >> 1;
-}
 #endif
+}
diff --git a/deps/zlib/inftrees.c b/deps/zlib/inftrees.c
index 73d5a776987ce1..98cfe164458c40 100644
--- a/deps/zlib/inftrees.c
+++ b/deps/zlib/inftrees.c
@@ -1,5 +1,5 @@
 /* inftrees.c -- generate Huffman trees for efficient decoding
- * Copyright (C) 1995-2023 Mark Adler
+ * Copyright (C) 1995-2024 Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -9,7 +9,7 @@
 #define MAXBITS 15
 
 const char inflate_copyright[] =
-   " inflate 1.3.0.1 Copyright 1995-2023 Mark Adler ";
+   " inflate 1.3.1 Copyright 1995-2024 Mark Adler ";
 /*
   If you use the zlib library in a product, an acknowledgment is welcome
   in the documentation of your product. If for some reason you cannot
@@ -57,7 +57,7 @@ int ZLIB_INTERNAL inflate_table(codetype type, unsigned short FAR *lens,
         35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
     static const unsigned short lext[31] = { /* Length codes 257..285 extra */
         16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18,
-        19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 70, 200};
+        19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 203, 77};
     static const unsigned short dbase[32] = { /* Distance codes 0..29 base */
         1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
         257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
diff --git a/deps/zlib/inftrees.h b/deps/zlib/inftrees.h
index f11f29c0761c15..6e7f0fa2a8afde 100644
--- a/deps/zlib/inftrees.h
+++ b/deps/zlib/inftrees.h
@@ -41,7 +41,7 @@ typedef struct {
    examples/enough.c found in the zlib distribution.  The arguments to that
    program are the number of symbols, the initial root table size, and the
    maximum bit length of a code.  "enough 286 10 15" for literal/length codes
-   returns returns 1332, and "enough 30 9 15" for distance codes returns 592.
+   returns 1332, and "enough 30 9 15" for distance codes returns 592.
    The initial root table size (10 or 9) is found in the fifth argument of the
    inflate_table() calls in inflate.c and infback.c.  If the root table size is
    changed, then these maximum sizes would be need to be recalculated and
diff --git a/deps/zlib/patches/0006-fix-check_match.patch b/deps/zlib/patches/0006-fix-check_match.patch
deleted file mode 100644
index b21c363b1ec1e7..00000000000000
--- a/deps/zlib/patches/0006-fix-check_match.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 8304bdda5293ffd5b3efce8e4f54904b387029d6 Mon Sep 17 00:00:00 2001
-From: Hans Wennborg <hans@chromium.org>
-Date: Wed, 23 Sep 2020 16:36:38 +0200
-Subject: [PATCH] Avoid crashing in check_match when prev_match == -1
-
-prev_match can be set to -1 after sliding the window. In that case, the
-window has slid past the first byte of the last match, which means it
-cannot be compared in check_match.
-
-This would cause zlib to crash on some inputs to deflate when built
-with ZLIB_DEBUG enabled.
-
-Check for this situation and avoid crashing by not trying to compare
-the first byte.
-
-Bug: 1113142
----
- third_party/zlib/deflate.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/third_party/zlib/deflate.c b/third_party/zlib/deflate.c
-index cfdd2f46b230..d70732ec6fc2 100644
---- a/third_party/zlib/deflate.c
-+++ b/third_party/zlib/deflate.c
-@@ -2060,7 +2060,13 @@ local block_state deflate_slow(s, flush)
-             uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
-             /* Do not insert strings in hash table beyond this. */
- 
--            check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-+            if (s->prev_match == -1) {
-+                /* The window has slid one byte past the previous match,
-+                 * so the first byte cannot be compared. */
-+                check_match(s, s->strstart, s->prev_match+1, s->prev_length-1);
-+            } else {
-+                check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-+            }
- 
-             _tr_tally_dist(s, s->strstart -1 - s->prev_match,
-                            s->prev_length - MIN_MATCH, bflush);
--- 
-2.28.0.681.g6f77f65b4e-goog
-
diff --git a/deps/zlib/patches/0016-minizip-parse-unicode-path-extra-field.patch b/deps/zlib/patches/0016-minizip-parse-unicode-path-extra-field.patch
index 9a99a8ae027dfc..73ea055d5bbd30 100644
--- a/deps/zlib/patches/0016-minizip-parse-unicode-path-extra-field.patch
+++ b/deps/zlib/patches/0016-minizip-parse-unicode-path-extra-field.patch
@@ -21,6 +21,20 @@ Date:   Thu May 12 03:29:52 2022 +0000
     Commit-Queue: Alex Danilo <adanilo@chromium.org>
     Cr-Commit-Position: refs/heads/main@{#1002476}
 
+commit 5a56f75b0da23a10f2c6d9068029a00e53425ddf
+Author: Hans Wennborg <hans@chromium.org>
+Date:   Fri May 16 15:48:19 2025 +0200
+
+    [minizip] Set filename length when using the Unicode Path Extra field
+
+    This is a follow-up to crrev.com/1002476 which added support for parsing
+    the Unicode Path Extra field, which overrides the regular filename. It
+    also needs to update the filename length.
+
+    Bug: 40623474
+    Change-Id: Ifab65f470736b45b1b51a1cc130a5753a2b20583
+    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6553931
+
 diff --git a/third_party/zlib/contrib/minizip/unzip.c b/third_party/zlib/contrib/minizip/unzip.c
 index c8a01b23efd42..42677cff82c96 100644
 --- a/third_party/zlib/contrib/minizip/unzip.c
@@ -93,6 +107,8 @@ index c8a01b23efd42..42677cff82c96 100644
 +                    {
 +                        uLong uSizeRead;
 +
++                        file_info.size_filename = fileNameSize;
++
 +                        if (fileNameSize < fileNameBufferSize)
 +                        {
 +                             *(szFileName + fileNameSize) = '\0';
diff --git a/deps/zlib/patches/0018-support-prefixed-zip64.patch b/deps/zlib/patches/0018-support-prefixed-zip64.patch
new file mode 100644
index 00000000000000..9e1b4732344dab
--- /dev/null
+++ b/deps/zlib/patches/0018-support-prefixed-zip64.patch
@@ -0,0 +1,82 @@
+commit 410a23e8a442e3de4f8df29339946a7d826120d0
+Author: Joshua Pawlicki <waffles@chromium.org>
+Date:   Wed May 14 10:58:18 2025 -0700
+
+    [zip]: Allow zip64 files to have prepended content.
+
+    This was already supported for non-zip64 files.
+
+    Fixed: 414848094
+    Change-Id: I3bd79f4b5175d8abca8d8e81f26373037868dcf8
+    Cq-Include-Trybots: luci.chromium.try:ios-blink-dbg-fyi
+    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6533087
+    Commit-Queue: Joshua Pawlicki <waffles@chromium.org>
+    Auto-Submit: Joshua Pawlicki <waffles@chromium.org>
+    Reviewed-by: Hans Wennborg <hans@chromium.org>
+    Cr-Commit-Position: refs/heads/main@{#1460236}
+
+commit 3daf10f4a4cd6dbfaaaef6a90091f7c6c3148a24
+Author: Hans Wennborg <hans@chromium.org>
+Date:   Fri May 16 15:35:36 2025 +0200
+
+    [minizip] Fix possible infinite loop in unz64local_SearchCentralDir64
+
+    This is a follow-up to crrev.com/1460236, where `uPosFound - 48` could
+    overflow, resulting in a possible readSize of 3, which meant the loop
+    did not make progress.
+
+    Bug: 414848094
+    Change-Id: Icda653b2c9ac59161fb2aba9ac287fe510ee8653
+    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6554217
+
+diff --git a/third_party/zlib/contrib/minizip/unzip.c b/third_party/zlib/contrib/minizip/unzip.c
+index a39e1752f6d2e..2c8a73e87e011 100644
+--- a/third_party/zlib/contrib/minizip/unzip.c
++++ b/third_party/zlib/contrib/minizip/unzip.c
+@@ -482,6 +482,44 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
+     if (uL != 1)
+         return CENTRALDIRINVALID;
+ 
++    /* If bytes are pre-pended to the archive, relativeOffset must be advanced
++       by that many bytes. The central dir must exist between the specified
++       relativeOffset and uPosFound. */
++    const int BUFSIZE = 1024 * 4;
++    buf = (unsigned char*)ALLOC(BUFSIZE);
++    if (buf==NULL)
++        return CENTRALDIRINVALID;
++    if (relativeOffset > uPosFound)
++        return CENTRALDIRINVALID;
++    // Zip64 EOCDR is at least 48 bytes long.
++    while (relativeOffset + 48 <= uPosFound) {
++        int found = 0;
++        uLong uReadSize = uPosFound - relativeOffset;
++        if (uReadSize > BUFSIZE) {
++            uReadSize = BUFSIZE;
++        }
++        if (ZSEEK64(*pzlib_filefunc_def, filestream, relativeOffset, ZLIB_FILEFUNC_SEEK_SET) != 0) {
++            break;
++        }
++        if (ZREAD64(*pzlib_filefunc_def, filestream, buf, uReadSize) != uReadSize) {
++            break;
++        }
++        for (int i = 0; i < uReadSize - 3; ++i) {
++            // Looking for 0x06064b50, the Zip64 EOCDR signature.
++            if (buf[i] == 0x50 && buf[i + 1] == 0x4b &&
++                buf[i + 2] == 0x06 && buf[i + 3] == 0x06)
++            {
++                relativeOffset += i;
++                found = 1;
++                break;
++            }
++        }
++        if (found) {
++            break;
++        }
++        // Re-read the last 3 bytes, in case they're the front of the signature.
++        relativeOffset += uReadSize - 3;
++    }
++    free(buf);
++
+     /* Goto end of central directory record */
+     if (ZSEEK64(*pzlib_filefunc_def,filestream, relativeOffset,ZLIB_FILEFUNC_SEEK_SET)!=0)
+         return CENTRALDIRINVALID;
diff --git a/deps/zlib/test/minigzip.c b/deps/zlib/test/minigzip.c
index c72356dbccf255..134e10e6c3e947 100644
--- a/deps/zlib/test/minigzip.c
+++ b/deps/zlib/test/minigzip.c
@@ -303,7 +303,7 @@ static void error(const char *msg) {
 #ifdef USE_MMAP /* MMAP version, Miguel Albrecht <malbrech@eso.org> */
 
 /* Try compressing the input file at once using mmap. Return Z_OK if
- * if success, Z_ERRNO otherwise.
+ * success, Z_ERRNO otherwise.
  */
 static int gz_compress_mmap(FILE *in, gzFile out) {
     int len;
diff --git a/deps/zlib/trees.c b/deps/zlib/trees.c
index 38135273c9c3bc..7359429702f791 100644
--- a/deps/zlib/trees.c
+++ b/deps/zlib/trees.c
@@ -1,5 +1,5 @@
 /* trees.c -- output deflated data using Huffman coding
- * Copyright (C) 1995-2021 Jean-loup Gailly
+ * Copyright (C) 1995-2024 Jean-loup Gailly
  * detect_data_type() function provided freely by Cosmin Truta, 2006
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
@@ -141,11 +141,18 @@ local TCONST static_tree_desc static_bl_desc =
  * Output a short LSB first on the stream.
  * IN assertion: there is enough room in pendingBuf.
  */
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+#define put_short(s, w) { \
+    uint16_t data = (uint16_t)(w); \
+    zmemcpy(&s->pending_buf[s->pending], &data, sizeof(data)); \
+    s->pending += 2; \
+  }
+#else
 #define put_short(s, w) { \
     put_byte(s, (uch)((w) & 0xff)); \
     put_byte(s, (uch)((ush)(w) >> 8)); \
 }
-
+#endif /* DEFLATE_CHUNK_WRITE_64LE */
 /* ===========================================================================
  * Reverse the first len bits of a code, using straightforward code (a faster
  * method would use a table)
@@ -164,6 +171,13 @@ local unsigned bi_reverse(unsigned code, int len) {
  * Flush the bit buffer, keeping at most 7 bits in it.
  */
 local void bi_flush(deflate_state *s) {
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+    while (s->bi_valid >= 16) {
+        put_short(s, s->bi_buf);
+        s->bi_buf >>= 16;
+        s->bi_valid -= 16;
+    }
+#endif /* DEFLATE_CHUNK_WRITE_64LE */
     if (s->bi_valid == 16) {
         put_short(s, s->bi_buf);
         s->bi_buf = 0;
@@ -173,12 +187,21 @@ local void bi_flush(deflate_state *s) {
         s->bi_buf >>= 8;
         s->bi_valid -= 8;
     }
+
+    Assert(s->bi_valid >= 0 && s->bi_valid <= 7, "bad bi_flush");
 }
 
 /* ===========================================================================
  * Flush the bit buffer and align the output on a byte boundary
  */
 local void bi_windup(deflate_state *s) {
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+    while (s->bi_valid >= 16) {
+        put_short(s, s->bi_buf);
+        s->bi_buf >>= 16;
+        s->bi_valid -= 16;
+    }
+#endif /* DEFLATE_CHUNK_WRITE_64LE */
     if (s->bi_valid > 8) {
         put_short(s, s->bi_buf);
     } else if (s->bi_valid > 0) {
@@ -248,7 +271,28 @@ local void gen_trees_header(void);
  * Send a value on a given number of bits.
  * IN assertion: length <= 16 and value fits in length bits.
  */
+#if defined(DEFLATE_CHUNK_WRITE_64LE)
+local void send_bits(deflate_state *s, uint64_t value, int length)
+{
+    Tracevv((stderr," l %2d v %4llx ", length, (unsigned long long)value));
+    Assert(s->bi_valid >= 0 && s->bi_valid <= 63, "invalid bi_valid");
+    Assert(length > 0 && length <= 15, "invalid length");
 #ifdef ZLIB_DEBUG
+    s->bits_sent += (ulg)length;
+#endif
+
+    s->bi_buf |= (value << s->bi_valid);
+    s->bi_valid += length;
+
+    if (s->bi_valid >= Buf_size) {
+      zmemcpy(&s->pending_buf[s->pending], &s->bi_buf, sizeof(s->bi_buf));
+      s->pending += 8;
+      s->bi_valid -= Buf_size;
+      s->bi_buf = value >> (length - s->bi_valid);
+    }
+    Assert(s->bi_valid >= 0 && s->bi_valid <= 63, "invalid bi_valid");
+}
+#elif defined(ZLIB_DEBUG)
 local void send_bits(deflate_state *s, int value, int length) {
     Tracevv((stderr," l %2d v %4x ", length, value));
     Assert(length > 0 && length <= 15, "invalid length");
@@ -268,8 +312,7 @@ local void send_bits(deflate_state *s, int value, int length) {
         s->bi_valid += length;
     }
 }
-#else /* !ZLIB_DEBUG */
-
+#else /* !ZLIB_DEBUG && !DEFLATE_CHUNK_WRITE_64LE */
 #define send_bits(s, value, length) \
 { int len = length;\
   if (s->bi_valid > (int)Buf_size - len) {\
@@ -283,7 +326,7 @@ local void send_bits(deflate_state *s, int value, int length) {
     s->bi_valid += len;\
   }\
 }
-#endif /* ZLIB_DEBUG */
+#endif /* DEFLATE_CHUNK_WRITE_64LE */
 
 
 /* the arguments must not have side effects */
diff --git a/deps/zlib/zconf.h b/deps/zlib/zconf.h
index 4f2ebbb755e433..d72d337f701c30 100644
--- a/deps/zlib/zconf.h
+++ b/deps/zlib/zconf.h
@@ -1,5 +1,5 @@
 /* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-2016 Jean-loup Gailly, Mark Adler
+ * Copyright (C) 1995-2024 Jean-loup Gailly, Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -312,14 +312,6 @@
 #  endif
 #endif
 
-#ifndef Z_ARG /* function prototypes for stdarg */
-#  if defined(STDC) || defined(Z_HAVE_STDARG_H)
-#    define Z_ARG(args)  args
-#  else
-#    define Z_ARG(args)  ()
-#  endif
-#endif
-
 /* The following definitions for FAR are needed only for MSDOS mixed
  * model programming (small or medium model with some far allocations).
  * This was tested only with MSC; for other MSDOS compilers you may have
diff --git a/deps/zlib/zconf.h.cmakein b/deps/zlib/zconf.h.cmakein
index 310c43928a299f..0abe3bc9d8fa4e 100644
--- a/deps/zlib/zconf.h.cmakein
+++ b/deps/zlib/zconf.h.cmakein
@@ -1,5 +1,5 @@
 /* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-2016 Jean-loup Gailly, Mark Adler
+ * Copyright (C) 1995-2024 Jean-loup Gailly, Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -302,14 +302,6 @@
 #  endif
 #endif
 
-#ifndef Z_ARG /* function prototypes for stdarg */
-#  if defined(STDC) || defined(Z_HAVE_STDARG_H)
-#    define Z_ARG(args)  args
-#  else
-#    define Z_ARG(args)  ()
-#  endif
-#endif
-
 /* The following definitions for FAR are needed only for MSDOS mixed
  * model programming (small or medium model with some far allocations).
  * This was tested only with MSC; for other MSDOS compilers you may have
diff --git a/deps/zlib/zconf.h.in b/deps/zlib/zconf.h.in
index fb76ffe312ae45..62adc8d8431f2f 100644
--- a/deps/zlib/zconf.h.in
+++ b/deps/zlib/zconf.h.in
@@ -1,5 +1,5 @@
 /* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-2016 Jean-loup Gailly, Mark Adler
+ * Copyright (C) 1995-2024 Jean-loup Gailly, Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -300,14 +300,6 @@
 #  endif
 #endif
 
-#ifndef Z_ARG /* function prototypes for stdarg */
-#  if defined(STDC) || defined(Z_HAVE_STDARG_H)
-#    define Z_ARG(args)  args
-#  else
-#    define Z_ARG(args)  ()
-#  endif
-#endif
-
 /* The following definitions for FAR are needed only for MSDOS mixed
  * model programming (small or medium model with some far allocations).
  * This was tested only with MSC; for other MSDOS compilers you may have
diff --git a/deps/zlib/zlib.3 b/deps/zlib/zlib.3
index adc5b7f03e8c95..c716020ea9c420 100644
--- a/deps/zlib/zlib.3
+++ b/deps/zlib/zlib.3
@@ -1,4 +1,4 @@
-.TH ZLIB 3 "xx Aug 2023"
+.TH ZLIB 3 "22 Jan 2024"
 .SH NAME
 zlib \- compression/decompression library
 .SH SYNOPSIS
@@ -105,9 +105,9 @@ before asking for help.
 Send questions and/or comments to zlib@gzip.org,
 or (for the Windows DLL version) to Gilles Vollant (info@winimage.com).
 .SH AUTHORS AND LICENSE
-Version 1.2.3.0.1
+Version 1.3.1
 .LP
-Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
+Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler
 .LP
 This software is provided 'as-is', without any express or implied
 warranty.  In no event will the authors be held liable for any damages
diff --git a/deps/zlib/zlib.gyp b/deps/zlib/zlib.gyp
index 25f570fbe7bdb6..9753250e427d9c 100644
--- a/deps/zlib/zlib.gyp
+++ b/deps/zlib/zlib.gyp
@@ -134,7 +134,7 @@
         #   ],
         # }, # zlib_crc32_simd
         {
-          'target_name': 'zlib_inflate_chunk_simd',
+          'target_name': 'zlib_data_chunk_simd',
           'type': 'static_library',
           'conditions': [
             ['target_arch in "ia32 x64" and OS!="ios"', {
@@ -167,9 +167,9 @@
             'include_dirs': [ '<(ZLIB_ROOT)' ],
           },
           'sources': [
-            '<!@pymod_do_main(GN-scraper "<(ZLIB_ROOT)/BUILD.gn" "\\"zlib_inflate_chunk_simd\\".*?sources = ")',
+            '<!@pymod_do_main(GN-scraper "<(ZLIB_ROOT)/BUILD.gn" "\\"zlib_data_chunk_simd\\".*?sources = ")',
           ],
-        }, # zlib_inflate_chunk_simd
+        }, # zlib_data_chunk_simd
         {
           'target_name': 'zlib',
           'type': 'static_library',
@@ -198,7 +198,7 @@
             }],
             # Incorporate optimizations where possible.
             ['(target_arch in "ia32 x64" and OS!="ios") or arm_fpu=="neon"', {
-              'dependencies': [ 'zlib_inflate_chunk_simd' ],
+              'dependencies': [ 'zlib_data_chunk_simd' ],
               'sources': [ '<(ZLIB_ROOT)/slide_hash_simd.h' ]
             }, {
               'defines': [ 'CPU_NO_SIMD' ],
diff --git a/deps/zlib/zlib.h b/deps/zlib/zlib.h
index f1b149b93e4346..8b2f6c1db99a5e 100644
--- a/deps/zlib/zlib.h
+++ b/deps/zlib/zlib.h
@@ -1,7 +1,7 @@
 /* zlib.h -- interface of the 'zlib' general purpose compression library
-  version 1.3.0.1, August xxth, 2023
+  version 1.3.1, January 22nd, 2024
 
-  Copyright (C) 1995-2023 Jean-loup Gailly and Mark Adler
+  Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler
 
   This software is provided 'as-is', without any express or implied
   warranty.  In no event will the authors be held liable for any damages
@@ -37,12 +37,12 @@
 extern "C" {
 #endif
 
-#define ZLIB_VERSION "1.3.0.1-motley"
-#define ZLIB_VERNUM 0x1301
+#define ZLIB_VERSION "1.3.1"
+#define ZLIB_VERNUM 0x1310
 #define ZLIB_VER_MAJOR 1
 #define ZLIB_VER_MINOR 3
-#define ZLIB_VER_REVISION 0
-#define ZLIB_VER_SUBREVISION 1
+#define ZLIB_VER_REVISION 1
+#define ZLIB_VER_SUBREVISION 0
 
 /*
     The 'zlib' compression library provides in-memory compression and
@@ -935,10 +935,10 @@ ZEXTERN int ZEXPORT inflateSync(z_streamp strm);
      inflateSync returns Z_OK if a possible full flush point has been found,
    Z_BUF_ERROR if no more input was provided, Z_DATA_ERROR if no flush point
    has been found, or Z_STREAM_ERROR if the stream structure was inconsistent.
-   In the success case, the application may save the current current value of
-   total_in which indicates where valid compressed data was found.  In the
-   error case, the application may repeatedly call inflateSync, providing more
-   input each time, until success or end of the input data.
+   In the success case, the application may save the current value of total_in
+   which indicates where valid compressed data was found.  In the error case,
+   the application may repeatedly call inflateSync, providing more input each
+   time, until success or end of the input data.
 */
 
 ZEXTERN int ZEXPORT inflateCopy(z_streamp dest,
@@ -1757,14 +1757,14 @@ ZEXTERN uLong ZEXPORT crc32_combine(uLong crc1, uLong crc2, z_off_t len2);
    seq1 and seq2 with lengths len1 and len2, CRC-32 check values were
    calculated for each, crc1 and crc2.  crc32_combine() returns the CRC-32
    check value of seq1 and seq2 concatenated, requiring only crc1, crc2, and
-   len2.
+   len2. len2 must be non-negative.
 */
 
 /*
 ZEXTERN uLong ZEXPORT crc32_combine_gen(z_off_t len2);
 
      Return the operator corresponding to length len2, to be used with
-   crc32_combine_op().
+   crc32_combine_op(). len2 must be non-negative.
 */
 
 ZEXTERN uLong ZEXPORT crc32_combine_op(uLong crc1, uLong crc2, uLong op);
diff --git a/deps/zlib/zlib.map b/deps/zlib/zlib.map
index b330b606febbea..31544f2e93da1a 100644
--- a/deps/zlib/zlib.map
+++ b/deps/zlib/zlib.map
@@ -1,100 +1,100 @@
-ZLIB_1.2.0 {
-  global:
-    compressBound;
-    deflateBound;
-    inflateBack;
-    inflateBackEnd;
-    inflateBackInit_;
-    inflateCopy;
-  local:
-    deflate_copyright;
-    inflate_copyright;
-    inflate_fast;
-    inflate_table;
-    zcalloc;
-    zcfree;
-    z_errmsg;
-    gz_error;
-    gz_intmax;
-    _*;
-};
-
-ZLIB_1.2.0.2 {
-    gzclearerr;
-    gzungetc;
-    zlibCompileFlags;
-} ZLIB_1.2.0;
-
-ZLIB_1.2.0.8 {
-    deflatePrime;
-} ZLIB_1.2.0.2;
-
-ZLIB_1.2.2 {
-    adler32_combine;
-    crc32_combine;
-    deflateSetHeader;
-    inflateGetHeader;
-} ZLIB_1.2.0.8;
-
-ZLIB_1.2.2.3 {
-    deflateTune;
-    gzdirect;
-} ZLIB_1.2.2;
-
-ZLIB_1.2.2.4 {
-    inflatePrime;
-} ZLIB_1.2.2.3;
-
-ZLIB_1.2.3.3 {
-    adler32_combine64;
-    crc32_combine64;
-    gzopen64;
-    gzseek64;
-    gztell64;
-    inflateUndermine;
-} ZLIB_1.2.2.4;
-
-ZLIB_1.2.3.4 {
-    inflateReset2;
-    inflateMark;
-} ZLIB_1.2.3.3;
-
-ZLIB_1.2.3.5 {
-    gzbuffer;
-    gzoffset;
-    gzoffset64;
-    gzclose_r;
-    gzclose_w;
-} ZLIB_1.2.3.4;
-
-ZLIB_1.2.5.1 {
-    deflatePending;
-} ZLIB_1.2.3.5;
-
-ZLIB_1.2.5.2 {
-    deflateResetKeep;
-    gzgetc_;
-    inflateResetKeep;
-} ZLIB_1.2.5.1;
-
-ZLIB_1.2.7.1 {
-    inflateGetDictionary;
-    gzvprintf;
-} ZLIB_1.2.5.2;
-
-ZLIB_1.2.9 {
-    inflateCodesUsed;
-    inflateValidate;
-    uncompress2;
-    gzfread;
-    gzfwrite;
-    deflateGetDictionary;
-    adler32_z;
-    crc32_z;
-} ZLIB_1.2.7.1;
-
-ZLIB_1.2.12 {
-	crc32_combine_gen;
-	crc32_combine_gen64;
-	crc32_combine_op;
-} ZLIB_1.2.9;
+ZLIB_1.2.0 {
+  global:
+    compressBound;
+    deflateBound;
+    inflateBack;
+    inflateBackEnd;
+    inflateBackInit_;
+    inflateCopy;
+  local:
+    deflate_copyright;
+    inflate_copyright;
+    inflate_fast;
+    inflate_table;
+    zcalloc;
+    zcfree;
+    z_errmsg;
+    gz_error;
+    gz_intmax;
+    _*;
+};
+
+ZLIB_1.2.0.2 {
+    gzclearerr;
+    gzungetc;
+    zlibCompileFlags;
+} ZLIB_1.2.0;
+
+ZLIB_1.2.0.8 {
+    deflatePrime;
+} ZLIB_1.2.0.2;
+
+ZLIB_1.2.2 {
+    adler32_combine;
+    crc32_combine;
+    deflateSetHeader;
+    inflateGetHeader;
+} ZLIB_1.2.0.8;
+
+ZLIB_1.2.2.3 {
+    deflateTune;
+    gzdirect;
+} ZLIB_1.2.2;
+
+ZLIB_1.2.2.4 {
+    inflatePrime;
+} ZLIB_1.2.2.3;
+
+ZLIB_1.2.3.3 {
+    adler32_combine64;
+    crc32_combine64;
+    gzopen64;
+    gzseek64;
+    gztell64;
+    inflateUndermine;
+} ZLIB_1.2.2.4;
+
+ZLIB_1.2.3.4 {
+    inflateReset2;
+    inflateMark;
+} ZLIB_1.2.3.3;
+
+ZLIB_1.2.3.5 {
+    gzbuffer;
+    gzoffset;
+    gzoffset64;
+    gzclose_r;
+    gzclose_w;
+} ZLIB_1.2.3.4;
+
+ZLIB_1.2.5.1 {
+    deflatePending;
+} ZLIB_1.2.3.5;
+
+ZLIB_1.2.5.2 {
+    deflateResetKeep;
+    gzgetc_;
+    inflateResetKeep;
+} ZLIB_1.2.5.1;
+
+ZLIB_1.2.7.1 {
+    inflateGetDictionary;
+    gzvprintf;
+} ZLIB_1.2.5.2;
+
+ZLIB_1.2.9 {
+    inflateCodesUsed;
+    inflateValidate;
+    uncompress2;
+    gzfread;
+    gzfwrite;
+    deflateGetDictionary;
+    adler32_z;
+    crc32_z;
+} ZLIB_1.2.7.1;
+
+ZLIB_1.2.12 {
+	crc32_combine_gen;
+	crc32_combine_gen64;
+	crc32_combine_op;
+} ZLIB_1.2.9;
diff --git a/deps/zlib/zutil.h b/deps/zlib/zutil.h
index 2e2f57665bba81..045a35a4f55522 100644
--- a/deps/zlib/zutil.h
+++ b/deps/zlib/zutil.h
@@ -1,5 +1,5 @@
 /* zutil.h -- internal interface and configuration of the compression library
- * Copyright (C) 1995-2022 Jean-loup Gailly, Mark Adler
+ * Copyright (C) 1995-2024 Jean-loup Gailly, Mark Adler
  * For conditions of distribution and use, see copyright notice in zlib.h
  */
 
@@ -71,7 +71,7 @@ typedef unsigned long  ulg;
 extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
 /* (size given to avoid silly warnings with Visual C++) */
 
-#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
+#define ERR_MSG(err) z_errmsg[(err) < -6 || (err) > 2 ? 9 : 2 - (err)]
 
 #define ERR_RETURN(strm,err) \
   return (strm->msg = ERR_MSG(err), (err))
diff --git a/src/zlib_version.h b/src/zlib_version.h
index 7d0fae9137f694..67856b28ad6146 100644
--- a/src/zlib_version.h
+++ b/src/zlib_version.h
@@ -2,5 +2,5 @@
 // Refer to tools/dep_updaters/update-zlib.sh
 #ifndef SRC_ZLIB_VERSION_H_
 #define SRC_ZLIB_VERSION_H_
-#define ZLIB_VERSION "1.3.0.1-motley-780819f"
+#define ZLIB_VERSION "1.3.1-470d3a2"
 #endif  // SRC_ZLIB_VERSION_H_

From 28e33acf30afa6cdb040e58a638cfd34ea5d512f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:45:37 +0100
Subject: [PATCH 020/138] meta: bump `step-security/harden-runner` from 2.10.2
 to 2.10.4

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.2 to 2.10.4.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/0080882f6c36860b6ba35c610c98ce87d4e2f26f...cb605e52c26070c328afc4562f0b4ada7618a84e)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56863
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 75c67cc238dbc3..e8983e42cfdd2d 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f  # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e  # v2.10.4
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 

From 5361bb9157ce3533e38b14f60dce457cd5357d05 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 3 Mar 2025 18:15:26 +0000
Subject: [PATCH 021/138] meta: bump step-security/harden-runner from 2.10.4 to
 2.11.0

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.4 to 2.11.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57258
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index e8983e42cfdd2d..b2e1b893e81960 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e  # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481  # v2.11.0
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 

From b4c4c024907932806b2853bacf535139b2f6cf52 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 7 Jun 2025 08:56:47 +0000
Subject: [PATCH 022/138] meta: bump step-security/harden-runner from 2.11.0 to
 2.12.0

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...0634a2670c59f64b4a01f0f96f84700a4088b9f0)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58109
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index b2e1b893e81960..d7e898882c1e60 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481  # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0  # v2.12.0
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 

From 99a271e588def2c670e582aa1eddaab8516476bb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 4 Jul 2025 12:33:36 +0000
Subject: [PATCH 023/138] meta: bump step-security/harden-runner from 2.12.0 to
 2.12.2

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.12.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58923
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index d7e898882c1e60..5425a7ab6c6669 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0  # v2.12.0
+        uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49  # v2.12.2
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 

From 72ea8aac3406e5220ca9e37e805af97379476202 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:42:45 +0100
Subject: [PATCH 024/138] meta: bump `github/codeql-action` from 3.27.5 to
 3.28.8

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.5 to 3.28.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/f09c1c0a94de965c15400f5634aa42fac8fb8f88...dd746615b3b9d728a6a37ca2045b68ca76d4841a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56859
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 5425a7ab6c6669..81f7c20ef40495 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88  # v3.27.5
+        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a  # v3.28.8
         with:
           sarif_file: results.sarif

From 01415153de5f49e1fb07bad9d6c611eef8ca96f0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 8 Mar 2025 15:55:29 +0000
Subject: [PATCH 025/138] meta: bump github/codeql-action from 3.28.8 to
 3.28.10

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.8 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/dd746615b3b9d728a6a37ca2045b68ca76d4841a...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57254
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 81f7c20ef40495..c8ba515944e792 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a  # v3.28.8
+        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
         with:
           sarif_file: results.sarif

From 091e5c1bb98ad7774afc13abf9a666a0a0c79fef Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 3 Apr 2025 18:41:19 +0000
Subject: [PATCH 026/138] meta: bump github/codeql-action from 3.28.10 to
 3.28.13
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d...1b549b9259bda1cb5ddde3b41741a82a2d15a841)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57716
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index c8ba515944e792..71eff657263481 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
+        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841  # v3.28.13
         with:
           sarif_file: results.sarif

From 889654eb2c0223d22a2be6c468ff0aee013ea303 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 25 May 2025 18:23:52 +0000
Subject: [PATCH 027/138] meta: bump github/codeql-action from 3.28.11 to
 3.28.16
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.11 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.11...28deaeda66b76a05916b6923827895f2b14ab387)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58112
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 71eff657263481..68beb71e8465f7 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841  # v3.28.13
+        uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387  # v3.28.16
         with:
           sarif_file: results.sarif

From 4ef09990f1cad70f77eec0d830fbf90938d7d03d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 7 Jun 2025 09:07:04 +0000
Subject: [PATCH 028/138] meta: bump github/codeql-action from 3.28.16 to
 3.28.18
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.16 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...ff0a06e83cb2de871e5a09832bc6a81e7276941f)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58552
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 68beb71e8465f7..a22715ce8c7e62 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387  # v3.28.16
+        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f  # v3.28.18
         with:
           sarif_file: results.sarif

From c12aae1e7828a2958bf51e7fe55c4eacf6b1a5df Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 4 Jul 2025 12:33:28 +0000
Subject: [PATCH 029/138] meta: bump github/codeql-action from 3.28.18 to
 3.29.2

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.18 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/ff0a06e83cb2de871e5a09832bc6a81e7276941f...181d5eefc20863364f96762470ba6f862bdef56b)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58922
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index a22715ce8c7e62..c953efd58eee0a 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f  # v3.28.18
+        uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b  # v3.29.2
         with:
           sarif_file: results.sarif

From 2a0175c291bfe3c91aa6b4b03d58ab9a9ee0f991 Mon Sep 17 00:00:00 2001
From: Chengzhong Wu <cwu631@bloomberg.net>
Date: Wed, 29 Jan 2025 10:36:17 +0000
Subject: [PATCH 030/138] meta: add @nodejs/url as codeowner
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/56783
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
---
 .github/CODEOWNERS | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index bbb1fd0adc5729..15936e05aa9b89 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -35,7 +35,6 @@
 
 # net
 
-/deps/ada @nodejs/url
 /deps/cares @nodejs/net
 /doc/api/dgram.md @nodejs/net
 /doc/api/dns.md @nodejs/net
@@ -47,14 +46,11 @@
 /lib/internal/js_stream_socket.js @nodejs/net
 /lib/internal/net.js @nodejs/net
 /lib/internal/socket_list.js @nodejs/net
-/lib/internal/url.js @nodejs/url
 /lib/net.js @nodejs/net
-/lib/url.js @nodejs/url
 /src/cares_wrap.cc @nodejs/net
 /src/connect_wrap.* @nodejs/net
 /src/connection_wrap.* @nodejs/net
 /src/node_sockaddr* @nodejs/net
-/src/node_url.* @nodejs/url
 /src/tcp_wrap.* @nodejs/net
 /src/udp_wrap.* @nodejs/net
 
@@ -186,3 +182,10 @@
 /lib/internal/navigator.js @nodejs/web-standards
 /test/fixtures/wpt/ @nodejs/web-standards
 /test/wpt/ @nodejs/web-standards
+
+# URL
+/deps/ada @nodejs/url
+/lib/internal/url.js @nodejs/url
+/lib/url.js @nodejs/url
+/src/node_url.* @nodejs/url
+/test/fixtures/wpt/url @nodejs/url

From 89c37891a004834bb90246a62d979424ac6bc912 Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Wed, 5 Feb 2025 04:32:05 -0500
Subject: [PATCH 031/138] meta: move one or more collaborators to emeritus

PR-URL: https://github.com/nodejs/node/pull/56889
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 README.md | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 4c8aff04743c3b..116b169c71f8fa 100644
--- a/README.md
+++ b/README.md
@@ -369,8 +369,6 @@ For information about the governance of the Node.js project, see
   **Minwoo Jung** <<nodecorelab@gmail.com>> (he/him)
 * [KhafraDev](https://github.com/KhafraDev) -
   **Matthew Aitken** <<maitken033380023@gmail.com>> (he/him)
-* [kvakil](https://github.com/kvakil) -
-  **Keyhan Vakil** <<kvakil@sylph.kvakil.me>>
 * [legendecas](https://github.com/legendecas) -
   **Chengzhong Wu** <<legendecas@gmail.com>> (he/him)
 * [lemire](https://github.com/lemire) -
@@ -581,6 +579,8 @@ For information about the governance of the Node.js project, see
   **Kunal Pathak** <<kunal.pathak@microsoft.com>>
 * [kuriyosh](https://github.com/kuriyosh) -
   **Yoshiki Kurihara** <<yosyos0306@gmail.com>> (he/him)
+* [kvakil](https://github.com/kvakil) -
+  **Keyhan Vakil** <<kvakil@sylph.kvakil.me>>
 * [lance](https://github.com/lance) -
   **Lance Ball** <<lball@redhat.com>> (he/him)
 * [Leko](https://github.com/Leko) -
@@ -753,8 +753,6 @@ maintaining the Node.js project.
   **Frank Qiu** <<iam.frankqiu@gmail.com>> (he/him)
 * [KevinEady](https://github.com/KevinEady) -
   **Kevin Eady** <<kevin.c.eady@gmail.com>> (he/him)
-* [kvakil](https://github.com/kvakil) -
-  **Keyhan Vakil** <<kvakil@sylph.kvakil.me>>
 * [marsonya](https://github.com/marsonya) -
   **Akhil Marsonya** <<akhil.marsonya27@gmail.com>> (he/him)
 * [meixg](https://github.com/meixg) -

From 5462c257f81cd496cff7a76e8353c3644ce1bdde Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 8 Feb 2025 10:40:23 +0100
Subject: [PATCH 032/138] meta: bump `actions/setup-node` from 4.1.0 to 4.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/56868
Refs: https://github.com/actions/setup-node/commit/1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/auto-start-ci.yml               | 2 +-
 .github/workflows/commit-lint.yml                 | 2 +-
 .github/workflows/commit-queue.yml                | 2 +-
 .github/workflows/create-release-proposal.yml     | 2 +-
 .github/workflows/daily-wpt-fyi.yml               | 2 +-
 .github/workflows/daily.yml                       | 2 +-
 .github/workflows/doc.yml                         | 2 +-
 .github/workflows/find-inactive-collaborators.yml | 2 +-
 .github/workflows/find-inactive-tsc.yml           | 2 +-
 .github/workflows/linters.yml                     | 6 +++---
 .github/workflows/update-v8.yml                   | 2 +-
 .github/workflows/update-wpt.yml                  | 2 +-
 12 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/auto-start-ci.yml b/.github/workflows/auto-start-ci.yml
index 3703a28abbc231..af001e7c2170e0 100644
--- a/.github/workflows/auto-start-ci.yml
+++ b/.github/workflows/auto-start-ci.yml
@@ -50,7 +50,7 @@ jobs:
           persist-credentials: false
 
       - name: Install Node.js
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml
index 1eb5622358ed7d..f6033f671e016f 100644
--- a/.github/workflows/commit-lint.yml
+++ b/.github/workflows/commit-lint.yml
@@ -23,7 +23,7 @@ jobs:
           persist-credentials: false
       - run: git reset HEAD^2
       - name: Install Node.js
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Validate commit message
diff --git a/.github/workflows/commit-queue.yml b/.github/workflows/commit-queue.yml
index 0317e17e6605f4..58b0fac64f6472 100644
--- a/.github/workflows/commit-queue.yml
+++ b/.github/workflows/commit-queue.yml
@@ -72,7 +72,7 @@ jobs:
 
       # Install dependencies
       - name: Install Node.js
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Install @node-core/utils
diff --git a/.github/workflows/create-release-proposal.yml b/.github/workflows/create-release-proposal.yml
index 0b580eab81ac76..d3491a031ad8dd 100644
--- a/.github/workflows/create-release-proposal.yml
+++ b/.github/workflows/create-release-proposal.yml
@@ -40,7 +40,7 @@ jobs:
 
       # Install dependencies
       - name: Install Node.js
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index ebac102f63e115..b1ecc43c1b0a16 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -51,7 +51,7 @@ jobs:
         run: echo "NIGHTLY=$(curl -s https://nodejs.org/download/nightly/index.json | jq -r '[.[] | select(.files[] | contains("linux-x64"))][0].version')" >> $GITHUB_ENV
       - name: Install Node.js
         id: setup-node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NIGHTLY || matrix.node-version }}
           check-latest: true
diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
index e929e8168b0e66..8bb36fd6c6667c 100644
--- a/.github/workflows/daily.yml
+++ b/.github/workflows/daily.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 6bf6254abf3555..746a9929688d01 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -28,7 +28,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/find-inactive-collaborators.yml b/.github/workflows/find-inactive-collaborators.yml
index 30ae63ee115be8..7172e4581d30b7 100644
--- a/.github/workflows/find-inactive-collaborators.yml
+++ b/.github/workflows/find-inactive-collaborators.yml
@@ -25,7 +25,7 @@ jobs:
           persist-credentials: false
 
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/find-inactive-tsc.yml b/.github/workflows/find-inactive-tsc.yml
index 85c16ad0648fca..9007b1f5bf200f 100644
--- a/.github/workflows/find-inactive-tsc.yml
+++ b/.github/workflows/find-inactive-tsc.yml
@@ -34,7 +34,7 @@ jobs:
           repository: nodejs/TSC
 
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index 0149bace5b8e23..efa165b2b75388 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -29,7 +29,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
@@ -60,7 +60,7 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Set up Python ${{ env.PYTHON_VERSION }}
@@ -97,7 +97,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index 2d28ae5d602099..ac6ab28172faea 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -30,7 +30,7 @@ jobs:
             ~/.npm
           key: ${{ runner.os }}-build-${{ env.cache-name }}
       - name: Install Node.js
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Install @node-core/utils
diff --git a/.github/workflows/update-wpt.yml b/.github/workflows/update-wpt.yml
index 72ec030e9d645a..aaa3c3c978e479 100644
--- a/.github/workflows/update-wpt.yml
+++ b/.github/workflows/update-wpt.yml
@@ -32,7 +32,7 @@ jobs:
           persist-credentials: false
 
       - name: Install Node.js
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
+        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 

From e8beaaaedff8edad44fc95250eb5cd66a304c851 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Feb 2025 16:24:21 +0100
Subject: [PATCH 033/138] meta: bump `actions/upload-artifact` from 4.4.3 to
 4.6.0

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56861
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/daily-wpt-fyi.yml | 2 +-
 .github/workflows/doc.yml           | 2 +-
 .github/workflows/scorecard.yml     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index b1ecc43c1b0a16..c90aac58315832 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -127,7 +127,7 @@ jobs:
         run: cp wptreport.json wptreport-${{ steps.setup-node.outputs.node-version }}.json
       - name: Upload GitHub Actions artifact
         if: ${{ env.WPT_REPORT != '' }}
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08  # v4.6.0
         with:
           path: out/wpt/wptreport-*.json
           name: WPT Report for ${{ steps.setup-node.outputs.node-version }}
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 746a9929688d01..65d4d5d1221dec 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -35,7 +35,7 @@ jobs:
         run: npx envinfo
       - name: Build
         run: NODE=$(command -v node) make doc-only
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # v4.4.3
+      - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08  # v4.6.0
         with:
           name: docs
           path: out/doc
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index c953efd58eee0a..ddf8df9a252c67 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -65,7 +65,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: Upload artifact
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08  # v4.6.0
         with:
           name: SARIF file
           path: results.sarif

From ecf4252f7c1e2e2875bc7453c93fc45e5ed87afd Mon Sep 17 00:00:00 2001
From: Jan Olaf Martin <jan.krems@gmail.com>
Date: Thu, 13 Feb 2025 08:47:52 -0800
Subject: [PATCH 034/138] meta: update last name for jkrems
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Also adds current work email to mailmap.

PR-URL: https://github.com/nodejs/node/pull/57006
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Jason Zhang <xzha4350@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
---
 .mailmap  | 3 ++-
 README.md | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.mailmap b/.mailmap
index c197dd83e271a0..a060a422d49cce 100644
--- a/.mailmap
+++ b/.mailmap
@@ -240,7 +240,8 @@ James Ide <ide@jameside.com> <ide@users.noreply.github.com>
 James M Snell <jasnell@gmail.com>
 James Nimlos <james@nimlos.com>
 James Sumners <james@sumners.email> <james.sumners@gmail.com>
-Jan Krems <jan.krems@gmail.com> <jan.krems@groupon.com>
+Jan Martin <jan.krems@gmail.com>
+Jan Martin <jan.krems@gmail.com> <jankrems@google.com>
 Jem Bezooyen <github@jem.dev> <jem@hipmedia.ca>
 Jem Bezooyen <github@jem.dev> <jem@sendwithus.com>
 Jenna Vuong <jennavuong@gmail.com> <hello@jennavuong.com>
diff --git a/README.md b/README.md
index 116b169c71f8fa..c7b103c83d15bd 100644
--- a/README.md
+++ b/README.md
@@ -360,7 +360,7 @@ For information about the governance of the Node.js project, see
 * [jazelly](https://github.com/jazelly) -
   **Jason Zhang** <<xzha4350@gmail.com>> (he/him)
 * [jkrems](https://github.com/jkrems) -
-  **Jan Krems** <<jan.krems@gmail.com>> (he/him)
+  **Jan Martin** <<jan.krems@gmail.com>> (he/him)
 * [joyeecheung](https://github.com/joyeecheung) -
   **Joyee Cheung** <<joyeec9h3@gmail.com>> (she/her)
 * [juanarbol](https://github.com/juanarbol) -

From 9cac93d9c38f3be7e8501f34c9a78ae7f684b1ef Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:43:52 +0100
Subject: [PATCH 035/138] meta: bump `actions/stale` from 9.0.0 to 9.1.0

Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/28ca1036281a5e5922ead5184a1bbf96e5fc984e...5bef64f19d7facfb25b37b414482c7164d639639)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56860
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/close-stale-feature-requests.yml | 2 +-
 .github/workflows/close-stalled.yml                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/close-stale-feature-requests.yml b/.github/workflows/close-stale-feature-requests.yml
index 301dbff620c602..17bac3b83f50d9 100644
--- a/.github/workflows/close-stale-feature-requests.yml
+++ b/.github/workflows/close-stale-feature-requests.yml
@@ -41,7 +41,7 @@ jobs:
     if: github.repository == 'nodejs/node'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e  # v9.0.0
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639  # v9.1.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           days-before-stale: 180
diff --git a/.github/workflows/close-stalled.yml b/.github/workflows/close-stalled.yml
index 7ece19e2e2d6b2..6bf526baf01034 100644
--- a/.github/workflows/close-stalled.yml
+++ b/.github/workflows/close-stalled.yml
@@ -20,7 +20,7 @@ jobs:
     if: github.repository == 'nodejs/node'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e  # v9.0.0
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639  # v9.1.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           days-before-close: 30

From 52e518444d0f39049bf0e9406076248f440f1130 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:44:47 +0100
Subject: [PATCH 036/138] meta: bump `actions/cache` from 4.1.2 to 4.2.0

Bumps [actions/cache](https://github.com/actions/cache) from 4.1.2 to 4.2.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/6849a6489940f00c2f30c0fb92c6274307ccb58a...1bd1e32a3bdc45362d1e726936510720a7c30a57)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56862
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
---
 .github/workflows/update-v8.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index ac6ab28172faea..33b31ab1e9d619 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -20,7 +20,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Cache node modules and update-v8
-        uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a  # v4.1.2
+        uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
         id: cache-v8-npm
         env:
           cache-name: cache-v8-npm

From 56decfe2d1acd944a9a683baac88c61b7350a6cd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:46:35 +0100
Subject: [PATCH 037/138] meta: bump `codecov/codecov-action` from 5.0.7 to
 5.3.1

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.0.7 to 5.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/015f24e6818733317a2da2edd6290ab26238649a...13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56864
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/coverage-windows.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index fada006e321520..8b4aeb08c22535 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -71,6 +71,6 @@ jobs:
       - name: Clean tmp
         run: npx rimraf ./coverage/tmp
       - name: Upload
-        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a  # v5.0.7
+        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3  # v5.3.1
         with:
           directory: ./coverage

From d3c5ad7510bd5ed93b1d6c46c9a00940e419e00c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:48:33 +0100
Subject: [PATCH 038/138] meta: bump `peter-evans/create-pull-request` from
 7.0.5 to 7.0.6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.5 to 7.0.6.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56866
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
---
 .github/workflows/tools.yml     | 2 +-
 .github/workflows/update-v8.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
index c4bf9d16151299..ca9bbc16fa6e7b 100644
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -309,7 +309,7 @@ jobs:
         if: env.COMMIT_MSG == '' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id)
         run: |
           echo "COMMIT_MSG=${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}" >> "$GITHUB_ENV"
-      - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f  # v7.0.5
+      - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f  # v7.0.6
         if: github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index 33b31ab1e9d619..dd031535f815df 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -45,7 +45,7 @@ jobs:
             cat temp-output
             tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
             rm temp-output
-      - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f  # v7.0.5
+      - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f  # v7.0.6
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         with:

From e949359a567a71c170405de01f9791ce5a119f96 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 23 Feb 2025 01:49:29 +0100
Subject: [PATCH 039/138] meta: bump `actions/setup-python` from 5.3.0 to 5.4.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/0b93645e9fea7318ecaed2b359559ac225c90a2b...42375524e23c412d93fb67b49958b491fce71c38)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/56867
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/coverage-windows.yml | 2 +-
 .github/workflows/daily-wpt-fyi.yml    | 2 +-
 .github/workflows/linters.yml          | 8 ++++----
 .github/workflows/test-internet.yml    | 2 +-
 .github/workflows/test-macos.yml       | 2 +-
 .github/workflows/tools.yml            | 2 +-
 6 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index 8b4aeb08c22535..8aa925fd4f727a 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -49,7 +49,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Install deps
diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index c90aac58315832..7074b7120c24cf 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -39,7 +39,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index efa165b2b75388..21e3c6d609e4b1 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -44,7 +44,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -64,7 +64,7 @@ jobs:
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -122,7 +122,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -139,7 +139,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/test-internet.yml b/.github/workflows/test-internet.yml
index eced01cfbdaa0e..7c3060e4d58d39 100644
--- a/.github/workflows/test-internet.yml
+++ b/.github/workflows/test-internet.yml
@@ -48,7 +48,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/test-macos.yml b/.github/workflows/test-macos.yml
index 285d67bdb8580d..21e6233bf541ef 100644
--- a/.github/workflows/test-macos.yml
+++ b/.github/workflows/test-macos.yml
@@ -52,7 +52,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
index ca9bbc16fa6e7b..f2ee685cade9b6 100644
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -298,7 +298,7 @@ jobs:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
         if: matrix.id == 'icu' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id)
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - run: ${{ matrix.run }}

From 5f5bb8b986070c9771c6c7f83c5221c755d71a0e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 3 Mar 2025 18:15:09 +0000
Subject: [PATCH 040/138] meta: bump actions/upload-artifact from 4.6.0 to
 4.6.1

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57255
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/daily-wpt-fyi.yml | 2 +-
 .github/workflows/doc.yml           | 2 +-
 .github/workflows/scorecard.yml     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index 7074b7120c24cf..795b85f6a18943 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -127,7 +127,7 @@ jobs:
         run: cp wptreport.json wptreport-${{ steps.setup-node.outputs.node-version }}.json
       - name: Upload GitHub Actions artifact
         if: ${{ env.WPT_REPORT != '' }}
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08  # v4.6.0
+        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1  # v4.6.1
         with:
           path: out/wpt/wptreport-*.json
           name: WPT Report for ${{ steps.setup-node.outputs.node-version }}
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 65d4d5d1221dec..18e0f952871644 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -35,7 +35,7 @@ jobs:
         run: npx envinfo
       - name: Build
         run: NODE=$(command -v node) make doc-only
-      - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08  # v4.6.0
+      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1  # v4.6.1
         with:
           name: docs
           path: out/doc
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ddf8df9a252c67..2e3f85b3fb2c7f 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -65,7 +65,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: Upload artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08  # v4.6.0
+        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1  # v4.6.1
         with:
           name: SARIF file
           path: results.sarif

From 4fad2b875865182d74a0b918c82482139391ad80 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 3 Mar 2025 18:15:17 +0000
Subject: [PATCH 041/138] meta: bump actions/cache from 4.2.0 to 4.2.2

Bumps [actions/cache](https://github.com/actions/cache) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/1bd1e32a3bdc45362d1e726936510720a7c30a57...d4323d4df104b026a6aa633fdb11d772146be0bf)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57256
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/update-v8.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index dd031535f815df..11a295bc961b58 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -20,7 +20,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Cache node modules and update-v8
-        uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf  # v4.2.2
         id: cache-v8-npm
         env:
           cache-name: cache-v8-npm

From cc2abb5d17df08f28de4ee75025620c5633fb3ef Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 3 Mar 2025 18:15:38 +0000
Subject: [PATCH 042/138] meta: bump peter-evans/create-pull-request from 7.0.6
 to 7.0.7

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.6 to 7.0.7.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f...dd2324fc52d5d43c699a5636bcf19fceaa70c284)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57259
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 .github/workflows/tools.yml     | 2 +-
 .github/workflows/update-v8.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
index f2ee685cade9b6..bf6e59c2b6a934 100644
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -309,7 +309,7 @@ jobs:
         if: env.COMMIT_MSG == '' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id)
         run: |
           echo "COMMIT_MSG=${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}" >> "$GITHUB_ENV"
-      - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f  # v7.0.6
+      - uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284  # v7.0.7
         if: github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index 11a295bc961b58..5303466688bf33 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -45,7 +45,7 @@ jobs:
             cat temp-output
             tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
             rm temp-output
-      - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f  # v7.0.6
+      - uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284  # v7.0.7
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         with:

From 8d4ec412b9bc6a4289f9bd3d8084b90891728f14 Mon Sep 17 00:00:00 2001
From: Darshan Sen <raisinten@gmail.com>
Date: Fri, 7 Mar 2025 20:22:43 +0530
Subject: [PATCH 043/138] meta: move RaisinTen back to collaborators, triagers
 and SEA champion
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Refs: https://github.com/nodejs/TSC/issues/1690
Signed-off-by: Darshan Sen <raisinten@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/57292
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
---
 README.md                                 | 6 ++++--
 doc/contributing/strategic-initiatives.md | 3 ++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index c7b103c83d15bd..b88a046073963d 100644
--- a/README.md
+++ b/README.md
@@ -415,6 +415,8 @@ For information about the governance of the Node.js project, see
   **Stephen Belanger** <<admin@stephenbelanger.com>> (he/him)
 * [RafaelGSS](https://github.com/RafaelGSS) -
   **Rafael Gonzaga** <<rafael.nunu@hotmail.com>> (he/him)
+* [RaisinTen](https://github.com/RaisinTen) -
+  **Darshan Sen** <<raisinten@gmail.com>> (he/him) - [Support me](https://github.com/sponsors/RaisinTen)
 * [richardlau](https://github.com/richardlau) -
   **Richard Lau** <<rlau@redhat.com>>
 * [rluvaton](https://github.com/rluvaton) -
@@ -645,8 +647,6 @@ For information about the governance of the Node.js project, see
   **Peter Marshall** <<petermarshall@chromium.org>> (he/him)
 * [puzpuzpuz](https://github.com/puzpuzpuz) -
   **Andrey Pechkurov** <<apechkurov@gmail.com>> (he/him)
-* [RaisinTen](https://github.com/RaisinTen) -
-  **Darshan Sen** <<raisinten@gmail.com>> (he/him)
 * [refack](https://github.com/refack) -
   **Refael Ackermann (רפאל פלחי)** <<refack@gmail.com>> (he/him/הוא/אתה)
 * [rexagod](https://github.com/rexagod) -
@@ -761,6 +761,8 @@ maintaining the Node.js project.
   **Mert Can Altin** <<mertgold60@gmail.com>>
 * [preveen-stack](https://github.com/preveen-stack) -
   **Preveen Padmanabhan** <<wide4head@gmail.com>> (he/him)
+* [RaisinTen](https://github.com/RaisinTen) -
+  **Darshan Sen** <<raisinten@gmail.com>> (he/him)
 * [RedYetiDev](https://github.com/redyetidev) -
   **Aviv Keller** <<redyetidev@gmail.com>> (they/them)
 * [VoltrexKeyva](https://github.com/VoltrexKeyva) -
diff --git a/doc/contributing/strategic-initiatives.md b/doc/contributing/strategic-initiatives.md
index 5af550441db29a..0799a6958a9b40 100644
--- a/doc/contributing/strategic-initiatives.md
+++ b/doc/contributing/strategic-initiatives.md
@@ -14,7 +14,7 @@ agenda to ensure they are active and have the support they need.
 | Startup Snapshot       | [Joyee Cheung][joyeecheung]      | <https://github.com/nodejs/node/issues/35711>     |
 | V8 Currency            | [Michaël Zasso][targos]          |                                                   |
 | Next-10                | [Michael Dawson][mhdawson]       | <https://github.com/nodejs/next-10>               |
-| Single executable apps |                                  | <https://github.com/nodejs/node/issues/43432>     |
+| Single executable apps | [Darshan Sen][RaisinTen]         | <https://github.com/nodejs/single-executable>     |
 | Performance            |                                  | <https://github.com/nodejs/performance>           |
 | Primordials            | [Benjamin Gruenbaum][benjamingr] | <https://github.com/nodejs/primordials-use-cases> |
 
@@ -39,6 +39,7 @@ agenda to ensure they are active and have the support they need.
 
 </details>
 
+[RaisinTen]: https://github.com/RaisinTen
 [aduh95]: https://github.com/aduh95
 [benjamingr]: https://github.com/benjamingr
 [jasnell]: https://github.com/jasnell

From 7e1ff7b332fdebd7a32cd24c39ca6ecef122d667 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 8 Mar 2025 15:55:20 +0000
Subject: [PATCH 044/138] meta: bump ossf/scorecard-action from 2.4.0 to 2.4.1

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57253
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 2e3f85b3fb2c7f..a17630bba01a0b 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -43,7 +43,7 @@ jobs:
           persist-credentials: false
 
       - name: Run analysis
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46  # v2.4.0
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186  # v2.4.1
         with:
           results_file: results.sarif
           results_format: sarif

From 3f981b8537b763a514cff982d9075f1af3000b36 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 8 Mar 2025 15:55:45 +0000
Subject: [PATCH 045/138] meta: bump codecov/codecov-action from 5.3.1 to 5.4.0

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.3.1 to 5.4.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3...0565863a31f2c772f9f0395002a31e3f06189574)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57257
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/coverage-windows.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index 8aa925fd4f727a..2607848e47b4bc 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -71,6 +71,6 @@ jobs:
       - name: Clean tmp
         run: npx rimraf ./coverage/tmp
       - name: Upload
-        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3  # v5.3.1
+        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574  # v5.4.0
         with:
           directory: ./coverage

From 704562fb7abd3536f2ee7e008c317d961995eee5 Mon Sep 17 00:00:00 2001
From: "Claudio W." <cwunder@gnome.org>
Date: Fri, 14 Mar 2025 08:07:25 +0000
Subject: [PATCH 046/138] meta: move ovflowd to emeritus

PR-URL: https://github.com/nodejs/node/pull/57443
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index b88a046073963d..3f4b2d8d1b4c04 100644
--- a/README.md
+++ b/README.md
@@ -403,8 +403,6 @@ For information about the governance of the Node.js project, see
   **Moshe Atlow** <<moshe@atlow.co.il>> (he/him)
 * [MrJithil](https://github.com/MrJithil) -
   **Jithil P Ponnan** <<jithil@outlook.com>> (he/him)
-* [ovflowd](https://github.com/ovflowd) -
-  **Claudio Wunder** <<cwunder@gnome.org>> (he/they)
 * [panva](https://github.com/panva) -
   **Filip Skokan** <<panva.ip@gmail.com>> (he/him)
 * [pimterry](https://github.com/pimterry) -
@@ -629,6 +627,8 @@ For information about the governance of the Node.js project, see
   **Alexis Campailla** <<orangemocha@nodejs.org>>
 * [othiym23](https://github.com/othiym23) -
   **Forrest L Norvell** <<ogd@aoaioxxysz.net>> (they/them/themself)
+* [ovflowd](https://github.com/ovflowd) -
+  **Claudio Wunder** <<cwunder@gnome.org>> (he/they)
 * [oyyd](https://github.com/oyyd) -
   **Ouyang Yadong** <<oyydoibh@gmail.com>> (he/him)
 * [petkaantonov](https://github.com/petkaantonov) -

From d10949b7d8355f4b459116bd47dbd15a0a73d4d4 Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Wed, 19 Mar 2025 21:06:12 +0100
Subject: [PATCH 047/138] meta: edit collaborator nomination process
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- recommend more strongly a private discussion prior to a public one.
- add requirement for the nominee to publicly accept the nomination.
- move recommendation for heads up comment from "How to review
  nominations" section to "Nominating new Collaborator" section.

PR-URL: https://github.com/nodejs/node/pull/57483
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Jake Yuesong Li <jake.yuesong@gmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: LiviaMedeiros <livia@cirno.name>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
---
 GOVERNANCE.md | 64 ++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 51 insertions(+), 13 deletions(-)

diff --git a/GOVERNANCE.md b/GOVERNANCE.md
index f898396952a7d2..cc4dc06a52d506 100644
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@@ -146,8 +146,31 @@ Contributions can be:
 
 ### Nominating a new Collaborator
 
-To nominate a new Collaborator, open an issue in the [nodejs/node][] repository.
-Provide a summary of the nominee's contributions. For example:
+To nominate a new Collaborator:
+
+1. **Optional but strongly recommended**: open a
+   [discussion in the nodejs/collaborators][] repository. Provide a summary of
+   the nominee's contributions (see below for an example).
+2. **Optional but strongly recommended**: After sufficient wait time (e.g. 72
+   hours), if the nomination proposal has received some support and no explicit
+   block, add a comment in the private discussion stating you're planning on
+   opening a public issue, e.g. "I see a number of approvals and no block, I'll
+   be opening a public nomination issue if I don't hear any objections in the
+   next 72 hours".
+3. **Optional but strongly recommended**: Privately contact the nominee to make
+   sure they're comfortable with the nomination.
+4. Open an issue in the [nodejs/node][] repository. Provide a summary of
+   the nominee's contributions (see below for an example). Mention
+   @nodejs/collaborators in the issue to notify other collaborators about
+   the nomination.
+
+The _Optional but strongly recommended_ steps are optional in the sense that
+skipping them would not invalidate the nomination, but it could put the nominee
+in a very awkward situation if a nomination they didn't ask for pops out of
+nowhere only to be rejected. Do not skip those steps unless you're absolutely
+certain the nominee is fine with the public scrutiny.
+
+Example of list of contributions:
 
 * Commits in the [nodejs/node][] repository.
   * Use the link `https://github.com/nodejs/node/commits?author=GITHUB_ID`
@@ -166,23 +189,38 @@ Provide a summary of the nominee's contributions. For example:
   organization
 * Other participation in the wider Node.js community
 
-Mention @nodejs/collaborators in the issue to notify other collaborators about
-the nomination.
-
-The nomination passes if no collaborators oppose it after one week. In the case
+The nomination passes if no collaborators oppose it after one week, and if the
+nominee publicly accepts it. In the case
 of an objection, the TSC is responsible for working with the individuals
 involved and finding a resolution.
 
-There are steps a nominator can take in advance to make a nomination as
-frictionless as possible. To request feedback from other collaborators in
-private, use the [collaborators discussion page][]
-(which only collaborators may view). A nominator may also work with the
-nominee to improve their contribution profile.
-
 Collaborators might overlook someone with valuable contributions. In that case,
 the contributor may open an issue or contact a collaborator to request a
 nomination.
 
+#### How to review a collaborator nomination
+
+A collaborator nomination can be reviewed in the same way one would review a PR
+adding a feature:
+
+* If you see the nomination as something positive to the project, say so!
+* If you are neutral, or feel you don't know enough to have an informed opinion,
+  it's certainly OK to not interact with the nomination.
+* If you think the nomination was made too soon, or can be detrimental to the
+  project, share your concerns, ideally before the public nomination is opened,
+  and avoid sharing those concerns outside of the Collaborator discussion area.
+  Ideally, list what step(s) the nominee could take that would make you
+  approve their nomination.
+  Given that there is no "Request for changes" feature in discussions and issues,
+  try to be explicit when your comment is expressing a blocking concern.
+  Similarly, once the blocking concern has been addressed, explicitly say so.
+
+Our goal is to keep gate-keeping at a minimal, but it cannot be zero since being
+a collaborator requires trust (collaborators can start CI jobs, use their veto,
+push commits, etc.), so what's the minimal amount is subjective, and there will
+be cases where collaborators disagree on whether a nomination should move
+forward.
+
 ### Onboarding
 
 After the nomination passes, a TSC member onboards the new collaborator. See
@@ -196,6 +234,6 @@ The TSC follows a [Consensus Seeking][] decision-making model per the
 
 [Consensus Seeking]: https://en.wikipedia.org/wiki/Consensus-seeking_decision-making
 [TSC Charter]: https://github.com/nodejs/TSC/blob/HEAD/TSC-Charter.md
-[collaborators discussion page]: https://github.com/nodejs/collaborators/discussions/categories/collaborator-nominations
+[discussion in the nodejs/collaborators]: https://github.com/nodejs/collaborators/discussions/categories/collaborator-nominations
 [nodejs/help]: https://github.com/nodejs/help
 [nodejs/node]: https://github.com/nodejs/node

From 45e9b88363653fc7692eaa09e8f1359c069c75e2 Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Thu, 20 Mar 2025 12:40:11 -0700
Subject: [PATCH 048/138] meta: remove collaborator self-nomination
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Anyone with sufficient involvement in Node.js such that becoming a
collaborator would benefit Node.js, is going to have plenty of people to
ask. The self-nomination process has been entirely superfluous the
entire time I've been involved in Node.js. Simplify things and get rid
of it.

PR-URL: https://github.com/nodejs/node/pull/57537
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Edy Silva <edigleyssonsilva@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
---
 GOVERNANCE.md | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/GOVERNANCE.md b/GOVERNANCE.md
index cc4dc06a52d506..377ad0a438018e 100644
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@@ -194,10 +194,6 @@ nominee publicly accepts it. In the case
 of an objection, the TSC is responsible for working with the individuals
 involved and finding a resolution.
 
-Collaborators might overlook someone with valuable contributions. In that case,
-the contributor may open an issue or contact a collaborator to request a
-nomination.
-
 #### How to review a collaborator nomination
 
 A collaborator nomination can be reviewed in the same way one would review a PR

From 4abe83ec03ef520b111cb68ce0120e1a9b45e9a3 Mon Sep 17 00:00:00 2001
From: James M Snell <jasnell@gmail.com>
Date: Sun, 16 Mar 2025 09:53:26 -0700
Subject: [PATCH 049/138] meta: add some clarification to the nomination
 process
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Update GOVERNANCE.md

PR-URL: https://github.com/nodejs/node/pull/57503
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
---
 GOVERNANCE.md | 100 ++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 85 insertions(+), 15 deletions(-)

diff --git a/GOVERNANCE.md b/GOVERNANCE.md
index 377ad0a438018e..cf5bc188ad3055 100644
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@@ -144,6 +144,44 @@ Contributions can be:
 * Participation in other projects, teams, and working groups of the Node.js
   organization.
 
+Collaborators should be people volunteering to do unglamorous work because it's
+the right thing to do, they find the work itself satisfying, and they care about
+Node.js and its users. People should get collaborator status because they're
+doing work and are likely to continue doing work where having the abilities that
+come with collaborator status are helpful (abilities like starting CI jobs,
+reviewing and approving PRs, etc.). That will usually--but, very importantly, not
+always--be work involving committing to the `nodejs/node` repository. For an example
+of an exception, someone working primarily on the website might benefit from being
+able to start Jenkins CI jobs to test changes to documentation tooling. That,
+along with signals indicating commitment to Node.js, personal integrity, etc.,
+should be enough for a successful nomination.
+
+It is important to understand that potential collaborators may have vastly
+different areas and levels of expertise, interest, and skill. The Node.js
+project is large and complex, and it is not expected that every collaborator
+will have the same level of expertise in every area of the project. The
+complexity or "sophistication" of an individual’s contributions, or even their
+relative engineering "skill" level, are not primary factors in determining
+whether they should be a collaborator. The primary factors do include the quality
+of their contributions (do the contributions make sense, do they add value, do
+they follow documented guidelines, are they authentic and well-intentioned,
+etc.), their commitment to the project, can their judgement be trusted, and do
+they have the ability to work well with others.
+
+#### The Authenticity of Contributors
+
+The Node.js project does not require that contributors use their legal names or
+provide any personal information verifying their identity.
+
+It is not uncommon for malicious actors to attempt to gain commit access to
+open-source projects in order to inject malicious code or for other nefarious
+purposes. The Node.js project has a number of mechanisms in place to prevent
+this, but it is important to be vigilant. If you have concerns about the
+authenticity of a contributor, please raise them with the TSC. Anyone nominating
+a new collaborator should take reasonable steps to verify that the contributions
+of the nominee are authentic and made in good faith. This is not always easy,
+but it is important.
+
 ### Nominating a new Collaborator
 
 To nominate a new Collaborator:
@@ -153,10 +191,10 @@ To nominate a new Collaborator:
    the nominee's contributions (see below for an example).
 2. **Optional but strongly recommended**: After sufficient wait time (e.g. 72
    hours), if the nomination proposal has received some support and no explicit
-   block, add a comment in the private discussion stating you're planning on
-   opening a public issue, e.g. "I see a number of approvals and no block, I'll
-   be opening a public nomination issue if I don't hear any objections in the
-   next 72 hours".
+   block, and any questions/concerns have been addressed, add a comment in the
+   private discussion stating you're planning on opening a public issue, e.g.
+   "I see a number of approvals and no block, I'll be opening a public
+   nomination issue if I don't hear any objections in the next 72 hours".
 3. **Optional but strongly recommended**: Privately contact the nominee to make
    sure they're comfortable with the nomination.
 4. Open an issue in the [nodejs/node][] repository. Provide a summary of
@@ -189,10 +227,14 @@ Example of list of contributions:
   organization
 * Other participation in the wider Node.js community
 
-The nomination passes if no collaborators oppose it after one week, and if the
-nominee publicly accepts it. In the case
-of an objection, the TSC is responsible for working with the individuals
-involved and finding a resolution.
+The nomination passes if no collaborators oppose it (as described in the
+following section) after one week. In the case of an objection, the TSC is
+responsible for working with the individuals involved and finding a resolution.
+The TSC may, following typical TSC consensus seeking processes, choose to
+advance a nomination that has otherwise failed to reach a natural consensus or
+clear path forward even if there are outstanding objections. The TSC may also
+choose to prevent a nomination from advancing if the TSC determines that any
+objections have not been adequately addressed.
 
 #### How to review a collaborator nomination
 
@@ -203,13 +245,8 @@ adding a feature:
 * If you are neutral, or feel you don't know enough to have an informed opinion,
   it's certainly OK to not interact with the nomination.
 * If you think the nomination was made too soon, or can be detrimental to the
-  project, share your concerns, ideally before the public nomination is opened,
-  and avoid sharing those concerns outside of the Collaborator discussion area.
-  Ideally, list what step(s) the nominee could take that would make you
-  approve their nomination.
-  Given that there is no "Request for changes" feature in discussions and issues,
-  try to be explicit when your comment is expressing a blocking concern.
-  Similarly, once the blocking concern has been addressed, explicitly say so.
+  project, share your concerns. See the section "How to oppose a collaborator
+  nomination" below.
 
 Our goal is to keep gate-keeping at a minimal, but it cannot be zero since being
 a collaborator requires trust (collaborators can start CI jobs, use their veto,
@@ -217,6 +254,39 @@ push commits, etc.), so what's the minimal amount is subjective, and there will
 be cases where collaborators disagree on whether a nomination should move
 forward.
 
+Refrain from discussing or debating aspects of the nomination process
+itself directly within a nomination private discussion or public issue.
+Such discussions can derail and frustrate the nomination causing unnecessary
+friction. Move such discussions to a separate issue or discussion thread.
+
+##### How to oppose a collaborator nomination
+
+An important rule of thumb is that the nomination process is intended to be
+biased strongly towards implicit approval of the nomination. This means
+discussion and review around the proposal should be more geared towards "I have
+reasons to say no..." as opposed to "Give me reasons to say yes...".
+
+Given that there is no "Request for changes" feature in discussions and issues,
+try to be explicit when your comment is expressing a blocking concern.
+Similarly, once the blocking concern has been addressed, explicitly say so.
+
+Explicit opposition would typically be signaled as some form of clear
+and unambiguous comment like, "I don't believe this nomination should pass".
+Asking clarifying questions or expressing general concerns is not the same as
+explicit opposition; however, a best effort should be made to answer such
+questions or addressing those concerns before advancing the nomination.
+
+Opposition does not need to be public. Ideally, the comment showing opposition,
+and any discussion thereof, should be done in the private discussion _before_
+the public issue is opened. Opposition _should_ be paired with clear suggestions
+for positive, concrete, and unambiguous next steps that the nominee can take to
+overcome the objection and allow it to move forward. While such suggestions are
+technically optional, they are _strongly encouraged_ to prevent the nomination
+from stalling indefinitely or objections from being overridden by the TSC.
+
+Remember that all private discussions about a nomination will be visible to
+the nominee once they are onboarded.
+
 ### Onboarding
 
 After the nomination passes, a TSC member onboards the new collaborator. See

From 47004ef37f0ec0a01bbde4bd01423597fb1179a6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 3 Apr 2025 18:40:55 +0000
Subject: [PATCH 050/138] meta: bump actions/upload-artifact from 4.6.1 to
 4.6.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 4.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57713
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/daily-wpt-fyi.yml | 2 +-
 .github/workflows/doc.yml           | 2 +-
 .github/workflows/scorecard.yml     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index 795b85f6a18943..b00b5359bff90b 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -127,7 +127,7 @@ jobs:
         run: cp wptreport.json wptreport-${{ steps.setup-node.outputs.node-version }}.json
       - name: Upload GitHub Actions artifact
         if: ${{ env.WPT_REPORT != '' }}
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1  # v4.6.1
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4.6.2
         with:
           path: out/wpt/wptreport-*.json
           name: WPT Report for ${{ steps.setup-node.outputs.node-version }}
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 18e0f952871644..a5a4110ac73aa1 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -35,7 +35,7 @@ jobs:
         run: npx envinfo
       - name: Build
         run: NODE=$(command -v node) make doc-only
-      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1  # v4.6.1
+      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4.6.2
         with:
           name: docs
           path: out/doc
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index a17630bba01a0b..79d98afeadf827 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -65,7 +65,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: Upload artifact
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1  # v4.6.1
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4.6.2
         with:
           name: SARIF file
           path: results.sarif

From d3970685bd91543316dae02fed8820935f1b1220 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 3 Apr 2025 18:41:03 +0000
Subject: [PATCH 051/138] meta: bump actions/setup-node from 4.2.0 to 4.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a...cdca7365b2dadb8aad0a33bc7601856ffabcc48e)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57714
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/auto-start-ci.yml               | 2 +-
 .github/workflows/commit-lint.yml                 | 2 +-
 .github/workflows/commit-queue.yml                | 2 +-
 .github/workflows/create-release-proposal.yml     | 2 +-
 .github/workflows/daily-wpt-fyi.yml               | 2 +-
 .github/workflows/daily.yml                       | 2 +-
 .github/workflows/doc.yml                         | 2 +-
 .github/workflows/find-inactive-collaborators.yml | 2 +-
 .github/workflows/find-inactive-tsc.yml           | 2 +-
 .github/workflows/linters.yml                     | 6 +++---
 .github/workflows/update-v8.yml                   | 2 +-
 .github/workflows/update-wpt.yml                  | 2 +-
 12 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/auto-start-ci.yml b/.github/workflows/auto-start-ci.yml
index af001e7c2170e0..97d9c9482b2754 100644
--- a/.github/workflows/auto-start-ci.yml
+++ b/.github/workflows/auto-start-ci.yml
@@ -50,7 +50,7 @@ jobs:
           persist-credentials: false
 
       - name: Install Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml
index f6033f671e016f..f6273871a8a26b 100644
--- a/.github/workflows/commit-lint.yml
+++ b/.github/workflows/commit-lint.yml
@@ -23,7 +23,7 @@ jobs:
           persist-credentials: false
       - run: git reset HEAD^2
       - name: Install Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Validate commit message
diff --git a/.github/workflows/commit-queue.yml b/.github/workflows/commit-queue.yml
index 58b0fac64f6472..556843635dd676 100644
--- a/.github/workflows/commit-queue.yml
+++ b/.github/workflows/commit-queue.yml
@@ -72,7 +72,7 @@ jobs:
 
       # Install dependencies
       - name: Install Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Install @node-core/utils
diff --git a/.github/workflows/create-release-proposal.yml b/.github/workflows/create-release-proposal.yml
index d3491a031ad8dd..0ce9a40541c87e 100644
--- a/.github/workflows/create-release-proposal.yml
+++ b/.github/workflows/create-release-proposal.yml
@@ -40,7 +40,7 @@ jobs:
 
       # Install dependencies
       - name: Install Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index b00b5359bff90b..15c218ad744262 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -51,7 +51,7 @@ jobs:
         run: echo "NIGHTLY=$(curl -s https://nodejs.org/download/nightly/index.json | jq -r '[.[] | select(.files[] | contains("linux-x64"))][0].version')" >> $GITHUB_ENV
       - name: Install Node.js
         id: setup-node
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NIGHTLY || matrix.node-version }}
           check-latest: true
diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
index 8bb36fd6c6667c..b6ba485f48f072 100644
--- a/.github/workflows/daily.yml
+++ b/.github/workflows/daily.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index a5a4110ac73aa1..f25cd80c5939b2 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -28,7 +28,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/find-inactive-collaborators.yml b/.github/workflows/find-inactive-collaborators.yml
index 7172e4581d30b7..595751b6a455a9 100644
--- a/.github/workflows/find-inactive-collaborators.yml
+++ b/.github/workflows/find-inactive-collaborators.yml
@@ -25,7 +25,7 @@ jobs:
           persist-credentials: false
 
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/find-inactive-tsc.yml b/.github/workflows/find-inactive-tsc.yml
index 9007b1f5bf200f..e553a5145128c7 100644
--- a/.github/workflows/find-inactive-tsc.yml
+++ b/.github/workflows/find-inactive-tsc.yml
@@ -34,7 +34,7 @@ jobs:
           repository: nodejs/TSC
 
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index 21e3c6d609e4b1..e70b0495fcbea8 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -29,7 +29,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
@@ -60,7 +60,7 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Set up Python ${{ env.PYTHON_VERSION }}
@@ -97,7 +97,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index 5303466688bf33..3190b54711e415 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -30,7 +30,7 @@ jobs:
             ~/.npm
           key: ${{ runner.os }}-build-${{ env.cache-name }}
       - name: Install Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Install @node-core/utils
diff --git a/.github/workflows/update-wpt.yml b/.github/workflows/update-wpt.yml
index aaa3c3c978e479..cc8aeeea2b1030 100644
--- a/.github/workflows/update-wpt.yml
+++ b/.github/workflows/update-wpt.yml
@@ -32,7 +32,7 @@ jobs:
           persist-credentials: false
 
       - name: Install Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a  # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 

From 46388a4e2a4afa9a2b329b921e110abcc98f062f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 3 Apr 2025 18:41:11 +0000
Subject: [PATCH 052/138] meta: bump actions/cache from 4.2.2 to 4.2.3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/cache](https://github.com/actions/cache) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/d4323d4df104b026a6aa633fdb11d772146be0bf...5a3ec84eff668545956fd18022155c47e93e2684)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 4.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57715
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/update-v8.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index 3190b54711e415..ea9ffb21247310 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -20,7 +20,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Cache node modules and update-v8
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf  # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684  # v4.2.3
         id: cache-v8-npm
         env:
           cache-name: cache-v8-npm

From 9046ef4fb32e26a164a4ea2e14879776093c346e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 3 Apr 2025 18:41:28 +0000
Subject: [PATCH 053/138] meta: bump peter-evans/create-pull-request from 7.0.7
 to 7.0.8

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.7 to 7.0.8.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/dd2324fc52d5d43c699a5636bcf19fceaa70c284...271a8d0340265f705b14b6d32b9829c1cb33d45e)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57717
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/tools.yml     | 2 +-
 .github/workflows/update-v8.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
index bf6e59c2b6a934..9ffd5e915d5601 100644
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -309,7 +309,7 @@ jobs:
         if: env.COMMIT_MSG == '' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id)
         run: |
           echo "COMMIT_MSG=${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}" >> "$GITHUB_ENV"
-      - uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284  # v7.0.7
+      - uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e  # v7.0.8
         if: github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index ea9ffb21247310..a984339488ecf5 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -45,7 +45,7 @@ jobs:
             cat temp-output
             tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
             rm temp-output
-      - uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284  # v7.0.7
+      - uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e  # v7.0.8
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         with:

From c6a88561f5c5d19ff5fd33751c003568886ac1b2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 3 Apr 2025 18:41:43 +0000
Subject: [PATCH 054/138] meta: bump actions/setup-python from 5.4.0 to 5.5.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/42375524e23c412d93fb67b49958b491fce71c38...8d9ed9ac5c53483de85588cdf95a591a75ab9f55)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 5.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/57718
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/coverage-windows.yml | 2 +-
 .github/workflows/daily-wpt-fyi.yml    | 2 +-
 .github/workflows/linters.yml          | 8 ++++----
 .github/workflows/test-internet.yml    | 2 +-
 .github/workflows/test-macos.yml       | 2 +-
 .github/workflows/tools.yml            | 2 +-
 6 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index 2607848e47b4bc..0ada43321eb5ed 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -49,7 +49,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Install deps
diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index 15c218ad744262..f8664adb1eb582 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -39,7 +39,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index e70b0495fcbea8..5b2f484b9a2c18 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -44,7 +44,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -64,7 +64,7 @@ jobs:
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -122,7 +122,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -139,7 +139,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/test-internet.yml b/.github/workflows/test-internet.yml
index 7c3060e4d58d39..64229dcffc6ed5 100644
--- a/.github/workflows/test-internet.yml
+++ b/.github/workflows/test-internet.yml
@@ -48,7 +48,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/test-macos.yml b/.github/workflows/test-macos.yml
index 21e6233bf541ef..83ef194b18da07 100644
--- a/.github/workflows/test-macos.yml
+++ b/.github/workflows/test-macos.yml
@@ -52,7 +52,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
index 9ffd5e915d5601..a82e43f7c35896 100644
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -298,7 +298,7 @@ jobs:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
         if: matrix.id == 'icu' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id)
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38  # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - run: ${{ matrix.run }}

From 833b70bbc58364a6d926c26c1dde7b4cdff161d6 Mon Sep 17 00:00:00 2001
From: Matteo Collina <hello@matteocollina.com>
Date: Wed, 23 Apr 2025 17:42:25 +0200
Subject: [PATCH 055/138] meta: allow penetration testing on live system with
 prior authorization

Signed-off-by: Matteo Collina <hello@matteocollina.com>
PR-URL: https://github.com/nodejs/node/pull/57966
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
---
 SECURITY.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index 3193db0d4dd0b2..08dcf83ce6fd5d 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -72,7 +72,9 @@ When reporting security vulnerabilities, reporters must adhere to the following
 
 3. **Responsible Testing**: When testing potential vulnerabilities:
    * Use isolated, controlled environments.
-   * Do not test on production systems.
+   * Do not test on production systems without prior authorization. Contact
+     the Node.js Technical Steering Committee (<tsc@iojs.org>) for permission or open
+     a HackerOne report.
    * Do not attempt to access or modify other users' data.
    * Immediately stop testing if unauthorized access is gained accidentally.
 

From 2b8449c39a21cdc6a484e20009c50eb970d99701 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 3 May 2025 19:04:32 +0000
Subject: [PATCH 056/138] meta: bump actions/setup-python from 5.5.0 to 5.6.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.5.0 to 5.6.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/8d9ed9ac5c53483de85588cdf95a591a75ab9f55...a26af69be951a213d495a4c3e4e4022e16d87065)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58107
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/build-tarball.yml               | 4 ++--
 .github/workflows/coverage-linux-without-intl.yml | 2 +-
 .github/workflows/coverage-linux.yml              | 2 +-
 .github/workflows/coverage-windows.yml            | 2 +-
 .github/workflows/daily-wpt-fyi.yml               | 2 +-
 .github/workflows/linters.yml                     | 8 ++++----
 .github/workflows/test-internet.yml               | 2 +-
 .github/workflows/test-linux.yml                  | 2 +-
 .github/workflows/test-macos.yml                  | 2 +-
 .github/workflows/tools.yml                       | 2 +-
 10 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/build-tarball.yml b/.github/workflows/build-tarball.yml
index 0c73938764165b..e31730931ead7f 100644
--- a/.github/workflows/build-tarball.yml
+++ b/.github/workflows/build-tarball.yml
@@ -46,7 +46,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
@@ -76,7 +76,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/coverage-linux-without-intl.yml b/.github/workflows/coverage-linux-without-intl.yml
index 5520c7ac608b82..fe447459ef9600 100644
--- a/.github/workflows/coverage-linux-without-intl.yml
+++ b/.github/workflows/coverage-linux-without-intl.yml
@@ -53,7 +53,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml
index 993207996b9692..8fdca5a0640843 100644
--- a/.github/workflows/coverage-linux.yml
+++ b/.github/workflows/coverage-linux.yml
@@ -53,7 +53,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index 0ada43321eb5ed..7ba90f1dfea77a 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -49,7 +49,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Install deps
diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index f8664adb1eb582..db358bfe04bd1c 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -39,7 +39,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index 5b2f484b9a2c18..2b599721f0ae17 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -44,7 +44,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -64,7 +64,7 @@ jobs:
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -122,7 +122,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
@@ -139,7 +139,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/test-internet.yml b/.github/workflows/test-internet.yml
index 64229dcffc6ed5..7d25113c024f78 100644
--- a/.github/workflows/test-internet.yml
+++ b/.github/workflows/test-internet.yml
@@ -48,7 +48,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/test-linux.yml b/.github/workflows/test-linux.yml
index 6e8ff1fd6492c0..07e9b755f3ee8b 100644
--- a/.github/workflows/test-linux.yml
+++ b/.github/workflows/test-linux.yml
@@ -41,7 +41,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/test-macos.yml b/.github/workflows/test-macos.yml
index 83ef194b18da07..969b73e0c3a996 100644
--- a/.github/workflows/test-macos.yml
+++ b/.github/workflows/test-macos.yml
@@ -52,7 +52,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - name: Set up sccache
diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
index a82e43f7c35896..7ec9da38630210 100644
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -298,7 +298,7 @@ jobs:
           persist-credentials: false
       - name: Set up Python ${{ env.PYTHON_VERSION }}
         if: matrix.id == 'icu' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id)
-        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55  # v5.5.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
       - run: ${{ matrix.run }}

From 1b78eb1313ae843de770d9bac1eb612550283875 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 3 May 2025 19:04:40 +0000
Subject: [PATCH 057/138] meta: bump actions/setup-node from 4.3.0 to 4.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/cdca7365b2dadb8aad0a33bc7601856ffabcc48e...49933ea5288caeca8642d1e84afbd3f7d6820020)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58111
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/auto-start-ci.yml               | 2 +-
 .github/workflows/commit-lint.yml                 | 2 +-
 .github/workflows/commit-queue.yml                | 2 +-
 .github/workflows/create-release-proposal.yml     | 2 +-
 .github/workflows/daily-wpt-fyi.yml               | 2 +-
 .github/workflows/daily.yml                       | 2 +-
 .github/workflows/doc.yml                         | 2 +-
 .github/workflows/find-inactive-collaborators.yml | 2 +-
 .github/workflows/find-inactive-tsc.yml           | 2 +-
 .github/workflows/linters.yml                     | 6 +++---
 .github/workflows/update-v8.yml                   | 2 +-
 .github/workflows/update-wpt.yml                  | 2 +-
 12 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/auto-start-ci.yml b/.github/workflows/auto-start-ci.yml
index 97d9c9482b2754..2588bc82da3f66 100644
--- a/.github/workflows/auto-start-ci.yml
+++ b/.github/workflows/auto-start-ci.yml
@@ -50,7 +50,7 @@ jobs:
           persist-credentials: false
 
       - name: Install Node.js
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml
index f6273871a8a26b..4cd44c6d18538f 100644
--- a/.github/workflows/commit-lint.yml
+++ b/.github/workflows/commit-lint.yml
@@ -23,7 +23,7 @@ jobs:
           persist-credentials: false
       - run: git reset HEAD^2
       - name: Install Node.js
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Validate commit message
diff --git a/.github/workflows/commit-queue.yml b/.github/workflows/commit-queue.yml
index 556843635dd676..e9e151ba3d287c 100644
--- a/.github/workflows/commit-queue.yml
+++ b/.github/workflows/commit-queue.yml
@@ -72,7 +72,7 @@ jobs:
 
       # Install dependencies
       - name: Install Node.js
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Install @node-core/utils
diff --git a/.github/workflows/create-release-proposal.yml b/.github/workflows/create-release-proposal.yml
index 0ce9a40541c87e..58cf5a0bba55f6 100644
--- a/.github/workflows/create-release-proposal.yml
+++ b/.github/workflows/create-release-proposal.yml
@@ -40,7 +40,7 @@ jobs:
 
       # Install dependencies
       - name: Install Node.js
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/daily-wpt-fyi.yml b/.github/workflows/daily-wpt-fyi.yml
index db358bfe04bd1c..3cc6e6c54cd28c 100644
--- a/.github/workflows/daily-wpt-fyi.yml
+++ b/.github/workflows/daily-wpt-fyi.yml
@@ -51,7 +51,7 @@ jobs:
         run: echo "NIGHTLY=$(curl -s https://nodejs.org/download/nightly/index.json | jq -r '[.[] | select(.files[] | contains("linux-x64"))][0].version')" >> $GITHUB_ENV
       - name: Install Node.js
         id: setup-node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NIGHTLY || matrix.node-version }}
           check-latest: true
diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
index b6ba485f48f072..ae2b7a577f7b0f 100644
--- a/.github/workflows/daily.yml
+++ b/.github/workflows/daily.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index f25cd80c5939b2..481224e670afb8 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -28,7 +28,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/find-inactive-collaborators.yml b/.github/workflows/find-inactive-collaborators.yml
index 595751b6a455a9..269bc2db172be8 100644
--- a/.github/workflows/find-inactive-collaborators.yml
+++ b/.github/workflows/find-inactive-collaborators.yml
@@ -25,7 +25,7 @@ jobs:
           persist-credentials: false
 
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/find-inactive-tsc.yml b/.github/workflows/find-inactive-tsc.yml
index e553a5145128c7..9e294994ba8180 100644
--- a/.github/workflows/find-inactive-tsc.yml
+++ b/.github/workflows/find-inactive-tsc.yml
@@ -34,7 +34,7 @@ jobs:
           repository: nodejs/TSC
 
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index 2b599721f0ae17..3f8a54a5918159 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -29,7 +29,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
@@ -60,7 +60,7 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Set up Python ${{ env.PYTHON_VERSION }}
@@ -97,7 +97,7 @@ jobs:
         with:
           persist-credentials: false
       - name: Use Node.js ${{ env.NODE_VERSION }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Environment Information
diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml
index a984339488ecf5..70977609d2971a 100644
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@@ -30,7 +30,7 @@ jobs:
             ~/.npm
           key: ${{ runner.os }}-build-${{ env.cache-name }}
       - name: Install Node.js
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Install @node-core/utils
diff --git a/.github/workflows/update-wpt.yml b/.github/workflows/update-wpt.yml
index cc8aeeea2b1030..aba9b2741208b6 100644
--- a/.github/workflows/update-wpt.yml
+++ b/.github/workflows/update-wpt.yml
@@ -32,7 +32,7 @@ jobs:
           persist-credentials: false
 
       - name: Install Node.js
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e  # v4.3.0
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
 

From e1f12fe7378e35d625158780e1bdc134b4c78da5 Mon Sep 17 00:00:00 2001
From: Jonas <jonas@badalic.com>
Date: Fri, 16 May 2025 14:53:33 -0400
Subject: [PATCH 058/138] meta: ignore mailmap changes in linux ci

PR-URL: https://github.com/nodejs/node/pull/58356
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
---
 .github/workflows/test-linux.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/test-linux.yml b/.github/workflows/test-linux.yml
index 07e9b755f3ee8b..bd8569c8dc6d7e 100644
--- a/.github/workflows/test-linux.yml
+++ b/.github/workflows/test-linux.yml
@@ -3,6 +3,7 @@ name: Test Linux
 on:
   pull_request:
     paths-ignore:
+      - .mailmap
       - README.md
       - .github/**
       - '!.github/workflows/test-linux.yml'
@@ -14,6 +15,7 @@ on:
       - v[0-9]+.x-staging
       - v[0-9]+.x
     paths-ignore:
+      - .mailmap
       - README.md
       - .github/**
       - '!.github/workflows/test-linux.yml'

From 1558551ea57a955e7ba80de9c3d1d026feba855a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 24 May 2025 20:45:18 +0000
Subject: [PATCH 059/138] meta: bump actions/download-artifact from 4.2.1 to
 4.3.0

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.2.1 to 4.3.0.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58106
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/build-tarball.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-tarball.yml b/.github/workflows/build-tarball.yml
index e31730931ead7f..14121a09cc4450 100644
--- a/.github/workflows/build-tarball.yml
+++ b/.github/workflows/build-tarball.yml
@@ -86,7 +86,7 @@ jobs:
       - name: Environment Information
         run: npx envinfo
       - name: Download tarball
-        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e  # v4.2.1
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093  # v4.3.0
         with:
           name: tarballs
           path: tarballs

From 7d2f7180b6e5f975cbd9f512aab69f55197eed80 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 25 May 2025 18:23:43 +0000
Subject: [PATCH 060/138] meta: bump codecov/codecov-action from 5.4.0 to 5.4.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/0565863a31f2c772f9f0395002a31e3f06189574...ad3126e916f78f00edff4ed0317cf185271ccc2d)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58110
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/coverage-linux-without-intl.yml | 2 +-
 .github/workflows/coverage-linux.yml              | 2 +-
 .github/workflows/coverage-windows.yml            | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/coverage-linux-without-intl.yml b/.github/workflows/coverage-linux-without-intl.yml
index fe447459ef9600..41c81286fb2c18 100644
--- a/.github/workflows/coverage-linux-without-intl.yml
+++ b/.github/workflows/coverage-linux-without-intl.yml
@@ -80,6 +80,6 @@ jobs:
       - name: Clean tmp
         run: rm -rf coverage/tmp && rm -rf out
       - name: Upload
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574  # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
         with:
           directory: ./coverage
diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml
index 8fdca5a0640843..b4112298531ad6 100644
--- a/.github/workflows/coverage-linux.yml
+++ b/.github/workflows/coverage-linux.yml
@@ -80,6 +80,6 @@ jobs:
       - name: Clean tmp
         run: rm -rf coverage/tmp && rm -rf out
       - name: Upload
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574  # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
         with:
           directory: ./coverage
diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index 7ba90f1dfea77a..a970348875e405 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -71,6 +71,6 @@ jobs:
       - name: Clean tmp
         run: npx rimraf ./coverage/tmp
       - name: Upload
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574  # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
         with:
           directory: ./coverage

From 631fed8e39fcb5da42ec2345570171f653a3a46c Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Mon, 26 May 2025 09:16:06 -0400
Subject: [PATCH 061/138] meta: move one or more collaborators to emeritus
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58456
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 3f4b2d8d1b4c04..6d1379a877b9d1 100644
--- a/README.md
+++ b/README.md
@@ -397,8 +397,6 @@ For information about the governance of the Node.js project, see
   **Xuguang Mei** <<meixuguang@gmail.com>> (he/him)
 * [mhdawson](https://github.com/mhdawson) -
   **Michael Dawson** <<midawson@redhat.com>> (he/him)
-* [mildsunrise](https://github.com/mildsunrise) -
-  **Alba Mendez** <<me@alba.sh>> (she/her)
 * [MoLow](https://github.com/MoLow) -
   **Moshe Atlow** <<moshe@atlow.co.il>> (he/him)
 * [MrJithil](https://github.com/MrJithil) -
@@ -605,6 +603,8 @@ For information about the governance of the Node.js project, see
   **Mikeal Rogers** <<mikeal.rogers@gmail.com>>
 * [miladfarca](https://github.com/miladfarca) -
   **Milad Fa** <<mfarazma@redhat.com>> (he/him)
+* [mildsunrise](https://github.com/mildsunrise) -
+  **Alba Mendez** <<me@alba.sh>> (she/her)
 * [misterdjules](https://github.com/misterdjules) -
   **Julien Gilli** <<jgilli@netflix.com>>
 * [mmarchini](https://github.com/mmarchini) -

From 4095337e96e9c778f5c229398edbc01910adf949 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Jun 2025 22:04:51 +0000
Subject: [PATCH 062/138] meta: bump rtCamp/action-slack-notify from 2.3.2 to
 2.3.3

Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases)
- [Commits](https://github.com/rtcamp/action-slack-notify/compare/c33737706dea87cd7784c687dadc9adf1be59990...e31e87e03dd19038e411e38ae27cbad084a90661)

---
updated-dependencies:
- dependency-name: rtCamp/action-slack-notify
  dependency-version: 2.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58108
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .github/workflows/notify-on-push.yml          | 4 ++--
 .github/workflows/notify-on-review-wanted.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/notify-on-push.yml b/.github/workflows/notify-on-push.yml
index 14b184deb515c2..a05738f0c5d3f5 100644
--- a/.github/workflows/notify-on-push.yml
+++ b/.github/workflows/notify-on-push.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Slack Notification
-        uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990  # 2.3.2
+        uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661  # 2.3.3
         env:
           SLACK_COLOR: '#DE512A'
           SLACK_ICON: https://github.com/nodejs.png?size=48
@@ -56,7 +56,7 @@ jobs:
           GH_TOKEN: ${{ github.token }}
       - name: Slack Notification
         if: ${{ env.INVALID_COMMIT_MESSAGE }}
-        uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990  # 2.3.2
+        uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661  # 2.3.3
         env:
           SLACK_COLOR: '#DE512A'
           SLACK_ICON: https://github.com/nodejs.png?size=48
diff --git a/.github/workflows/notify-on-review-wanted.yml b/.github/workflows/notify-on-review-wanted.yml
index b4e3490f31f3d6..96eee3096d8b69 100644
--- a/.github/workflows/notify-on-review-wanted.yml
+++ b/.github/workflows/notify-on-review-wanted.yml
@@ -33,7 +33,7 @@ jobs:
           fi
 
       - name: Slack Notification
-        uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990  # 2.3.2
+        uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661  # 2.3.3
         env:
           MSG_MINIMAL: actions url
           SLACK_COLOR: '#3d85c6'

From 2c59789001a325ce887ec7290e7409016232bee6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Jun 2025 22:05:00 +0000
Subject: [PATCH 063/138] meta: bump ossf/scorecard-action from 2.4.1 to 2.4.2

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58550
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 79d98afeadf827..45a5ab30e74ff6 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -43,7 +43,7 @@ jobs:
           persist-credentials: false
 
       - name: Run analysis
-        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186  # v2.4.1
+        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde  # v2.4.2
         with:
           results_file: results.sarif
           results_format: sarif

From b145bb28aaf318c67f6f4d5b1a0a11f570c045ce Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 7 Jun 2025 09:06:56 +0000
Subject: [PATCH 064/138] meta: bump codecov/codecov-action from 5.4.2 to 5.4.3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.2 to 5.4.3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/ad3126e916f78f00edff4ed0317cf185271ccc2d...18283e04ce6e62d37312384ff67231eb8fd56d24)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58551
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 .github/workflows/coverage-linux-without-intl.yml | 2 +-
 .github/workflows/coverage-linux.yml              | 2 +-
 .github/workflows/coverage-windows.yml            | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/coverage-linux-without-intl.yml b/.github/workflows/coverage-linux-without-intl.yml
index 41c81286fb2c18..956058c6889e4c 100644
--- a/.github/workflows/coverage-linux-without-intl.yml
+++ b/.github/workflows/coverage-linux-without-intl.yml
@@ -80,6 +80,6 @@ jobs:
       - name: Clean tmp
         run: rm -rf coverage/tmp && rm -rf out
       - name: Upload
-        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
+        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24  # v5.4.3
         with:
           directory: ./coverage
diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml
index b4112298531ad6..3a7ad75d375875 100644
--- a/.github/workflows/coverage-linux.yml
+++ b/.github/workflows/coverage-linux.yml
@@ -80,6 +80,6 @@ jobs:
       - name: Clean tmp
         run: rm -rf coverage/tmp && rm -rf out
       - name: Upload
-        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
+        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24  # v5.4.3
         with:
           directory: ./coverage
diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index a970348875e405..5acb24cfc707df 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -71,6 +71,6 @@ jobs:
       - name: Clean tmp
         run: npx rimraf ./coverage/tmp
       - name: Upload
-        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
+        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24  # v5.4.3
         with:
           directory: ./coverage

From a683cd1232c2575cb4b012f05a2468b304f65d95 Mon Sep 17 00:00:00 2001
From: Ilyas Shabi <ilyasshabi94@gmail.com>
Date: Tue, 1 Jul 2025 19:15:49 +0200
Subject: [PATCH 065/138] meta: add IlyasShabi to collaborators

Fixes: https://github.com/nodejs/node/issues/58766
PR-URL: https://github.com/nodejs/node/pull/58916
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Matthew Aitken <maitken033380023@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 6d1379a877b9d1..696476e3558fe4 100644
--- a/README.md
+++ b/README.md
@@ -351,6 +351,8 @@ For information about the governance of the Node.js project, see
   **Harshitha K P** <<harshitha014@gmail.com>> (she/her)
 * [himself65](https://github.com/himself65) -
   **Zeyu "Alex" Yang** <<himself65@outlook.com>> (he/him)
+* [IlyasShabi](https://github.com/IlyasShabi) -
+  **Ilyas Shabi** <<ilyasshabi94@gmail.com>> (he/him)
 * [jakecastelli](https://github.com/jakecastelli) -
   **Jake Yuesong Li** <<jake.yuesong@gmail.com>> (he/him)
 * [JakobJingleheimer](https://github.com/JakobJingleheimer) -

From 6fa0626327e928118a444de724bf72b35f65336e Mon Sep 17 00:00:00 2001
From: Noritaka Kobayashi <arukimedesu1166777@gmail.com>
Date: Wed, 28 May 2025 17:18:47 +0900
Subject: [PATCH 066/138] doc,src,test: fix typos

PR-URL: https://github.com/nodejs/node/pull/58477
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Dario Piotrowicz <dario.piotrowicz@gmail.com>
---
 src/quic/sessionticket.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/quic/sessionticket.h b/src/quic/sessionticket.h
index 4700af5743954e..106447f00f6cde 100644
--- a/src/quic/sessionticket.h
+++ b/src/quic/sessionticket.h
@@ -58,7 +58,7 @@ class SessionTicket final : public MemoryRetainer {
 };
 
 // SessionTicket::AppData is a utility class that is used only during the
-// generation or access of TLS stateless sesson tickets. It exists solely to
+// generation or access of TLS stateless session tickets. It exists solely to
 // provide a easier way for Session::Application instances to set relevant
 // metadata in the session ticket when it is created, and the exract and
 // subsequently verify that data when a ticket is received and is being

From 9a36cbb79266ace13f809864a825e5c7c10718f8 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Tue, 19 Nov 2024 15:31:29 -0300
Subject: [PATCH 067/138] doc: fix relative path mention in --allow-fs

PR-URL: https://github.com/nodejs/node/pull/55791
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
---
 doc/api/cli.md | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/doc/api/cli.md b/doc/api/cli.md
index cff17926e2bc83..219b24a92b799f 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -206,23 +206,18 @@ The valid arguments for the `--allow-fs-read` flag are:
 * Multiple paths can be allowed using multiple `--allow-fs-read` flags.
   Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/`
 
-Paths delimited by comma (`,`) are no longer allowed.
-When passing a single flag with a comma a warning will be displayed.
-
 Examples can be found in the [File System Permissions][] documentation.
 
-Relative paths are NOT yet supported by the CLI flag.
-
 The initializer module also needs to be allowed. Consider the following example:
 
 ```console
-$ node --experimental-permission t.js
+$ node --experimental-permission index.js
 
 Error: Access to this API has been restricted
     at node:internal/main/run_main_module:23:47 {
   code: 'ERR_ACCESS_DENIED',
   permission: 'FileSystemRead',
-  resource: '/Users/rafaelgss/repos/os/node/t.js'
+  resource: '/Users/rafaelgss/repos/os/node/index.js'
 }
 ```
 
@@ -258,8 +253,6 @@ When passing a single flag with a comma a warning will be displayed.
 
 Examples can be found in the [File System Permissions][] documentation.
 
-Relative paths are NOT supported through the CLI flag.
-
 ### `--allow-wasi`
 
 <!-- YAML

From 73e51407b76f3f06607970232742d176a23b46fb Mon Sep 17 00:00:00 2001
From: Aviv Keller <redyetidev@gmail.com>
Date: Thu, 21 Nov 2024 18:37:22 -0500
Subject: [PATCH 068/138] doc: remove RedYetiDev from triagers team

PR-URL: https://github.com/nodejs/node/pull/55947
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Jake Yuesong Li <jake.yuesong@gmail.com>
Reviewed-By: Jason Zhang <xzha4350@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 README.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/README.md b/README.md
index 696476e3558fe4..0d825409fcb1e1 100644
--- a/README.md
+++ b/README.md
@@ -765,8 +765,6 @@ maintaining the Node.js project.
   **Preveen Padmanabhan** <<wide4head@gmail.com>> (he/him)
 * [RaisinTen](https://github.com/RaisinTen) -
   **Darshan Sen** <<raisinten@gmail.com>> (he/him)
-* [RedYetiDev](https://github.com/redyetidev) -
-  **Aviv Keller** <<redyetidev@gmail.com>> (they/them)
 * [VoltrexKeyva](https://github.com/VoltrexKeyva) -
   **Mohammed Keyvanzadeh** <<mohammadkeyvanzade94@gmail.com>> (he/him)
 

From 77dbcfce5f7a4e78a8050d9ec175b0f34e7740b6 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Mon, 13 Jan 2025 06:49:45 -0300
Subject: [PATCH 069/138] doc: add section about using npx with permission
 model

Co-Authored-By: Gar <gar+gh@danger.computer>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs/node/pull/56539
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 doc/api/permissions.md | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/doc/api/permissions.md b/doc/api/permissions.md
index 4a17d949721241..ab010cf4d95def 100644
--- a/doc/api/permissions.md
+++ b/doc/api/permissions.md
@@ -581,6 +581,43 @@ does not exist, the wildcard will not be added, and access will be limited to
 yet, make sure to explicitly include the wildcard:
 `/my-path/folder-do-not-exist/*`.
 
+#### Using the Permission Model with `npx`
+
+If you're using [`npx`][] to execute a Node.js script, you can enable the
+Permission Model by passing the `--node-options` flag. For example:
+
+```bash
+npx --node-options="--permission" package-name
+```
+
+This sets the `NODE_OPTIONS` environment variable for all Node.js processes
+spawned by [`npx`][], without affecting the `npx` process itself.
+
+**FileSystemRead Error with `npx`**
+
+The above command will likely throw a `FileSystemRead` invalid access error
+because Node.js requires file system read access to locate and execute the
+package. To avoid this:
+
+1. **Using a Globally Installed Package**
+   Grant read access to the global `node_modules` directory by running:
+
+   ```bash
+   npx --node-options="--permission --allow-fs-read=$(npm prefix -g)" package-name
+   ```
+
+2. **Using the `npx` Cache**
+   If you are installing the package temporarily or relying on the `npx` cache,
+   grant read access to the npm cache directory:
+
+   ```bash
+   npx --node-options="--permission --allow-fs-read=$(npm config get cache)" package-name
+   ```
+
+Any arguments you would normally pass to `node` (e.g., `--allow-*` flags) can
+also be passed through the `--node-options` flag. This flexibility makes it
+easy to configure permissions as needed when using `npx`.
+
 #### Permission Model constraints
 
 There are constraints you need to know before using this system:
@@ -620,6 +657,7 @@ There are constraints you need to know before using this system:
 [`--allow-wasi`]: cli.md#--allow-wasi
 [`--allow-worker`]: cli.md#--allow-worker
 [`--experimental-permission`]: cli.md#--experimental-permission
+[`npx`]: https://docs.npmjs.com/cli/commands/npx
 [`permission.has()`]: process.md#processpermissionhasscope-reference
 [relative-url string]: https://url.spec.whatwg.org/#relative-url-with-fragment-string
 [special schemes]: https://url.spec.whatwg.org/#special-scheme

From 77a0505a32981e6e7f8824a170dd96a6f6cdb514 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Wed, 5 Feb 2025 16:48:05 -0300
Subject: [PATCH 070/138] doc: update post sec release process
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/56907
Fixes: https://github.com/nodejs-private/security-release/issues/52
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 doc/contributing/security-release-process.md | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
index 7027b16a00d5e5..e6f2e31da64cb0 100644
--- a/doc/contributing/security-release-process.md
+++ b/doc/contributing/security-release-process.md
@@ -156,14 +156,10 @@ security announcements for more information.
 
 ## Post-Release
 
-* [ ] 1\. **Merge the Next Security Release PR:**
-  * This involves moving the `vulnerabilities.json` file from
-    `security-release/next-security-release` to the `security-release/YYYY-MM-DD`
-    folder and merging the PR.
-
-* [ ] 2\. **Cleanup:**
+* [ ] 1\. **Cleanup:**
   * [ ] `git node security --cleanup`. This command will:
-  * Close PRs and backports.
+  * Update next-security-release folder
+  * Close all PRs and backports labeled with `Security Release`.
   * Close HackerOne reports:
     * Close Resolved
     * Request Disclosure

From 01220607f20366e192c1a9eb7ff35e57dc67ecc1 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Thu, 13 Feb 2025 11:20:14 -0300
Subject: [PATCH 071/138] doc: update cleanup to trust on vuln db automation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Since https://github.com/nodejs-private/security-release/pull/56 this
process has been automated.

PR-URL: https://github.com/nodejs/node/pull/57004
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
---
 doc/contributing/security-release-process.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
index e6f2e31da64cb0..9ea616f6de2298 100644
--- a/doc/contributing/security-release-process.md
+++ b/doc/contributing/security-release-process.md
@@ -170,7 +170,7 @@ security announcements for more information.
       Then uncheck the Public Disclosure on HackerOne box at the bottom of the
       page.
       ![screenshot of HackerOne CVE form](https://github.com/nodejs/node/assets/26234614/e22e4f33-7948-4dd2-952e-2f9166f5568d)
-  * [ ] PR machine-readable JSON descriptions of the vulnerabilities to the [core](https://github.com/nodejs/security-wg/tree/HEAD/vuln/core)
+  * PR machine-readable JSON descriptions of the vulnerabilities to the [core](https://github.com/nodejs/security-wg/tree/HEAD/vuln/core)
     vulnerability DB.
   * [ ] Add yourself as a steward in the [Security Release Stewards](https://github.com/nodejs/node/blob/HEAD/doc/contributing/security-release-process.md#security-release-stewards)
 

From 4cd6b3ca739d8be6014a36e8234bc96d26c650f9 Mon Sep 17 00:00:00 2001
From: tpoisseau <22891227+tpoisseau@users.noreply.github.com>
Date: Fri, 14 Feb 2025 15:54:29 +0100
Subject: [PATCH 072/138] doc: buffer: fix typo on `Buffer.copyBytesFrom(`
 `offset` option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/57015
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 doc/api/buffer.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/buffer.md b/doc/api/buffer.md
index 7844b840c9cc8d..38042f4655902f 100644
--- a/doc/api/buffer.md
+++ b/doc/api/buffer.md
@@ -1096,7 +1096,7 @@ added: v19.8.0
 -->
 
 * `view` {TypedArray} The {TypedArray} to copy.
-* `offset` {integer} The starting offset within `view`. **Default:**: `0`.
+* `offset` {integer} The starting offset within `view`. **Default:** `0`.
 * `length` {integer} The number of elements from `view` to copy.
   **Default:** `view.length - offset`.
 * Returns: {Buffer}

From acd4d7f2690fd4f30546f7509be2e7e5ff6766e1 Mon Sep 17 00:00:00 2001
From: Aditi <62544124+Aditi-1400@users.noreply.github.com>
Date: Fri, 14 Feb 2025 20:57:33 +0530
Subject: [PATCH 073/138] doc: improve documentation on argument validation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/56954
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
---
 src/README.md | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/src/README.md b/src/README.md
index 565ac0df5cec72..036bd13f5b363c 100644
--- a/src/README.md
+++ b/src/README.md
@@ -589,6 +589,68 @@ void InitializeHttpParser(Local<Object> target,
 }
 ```
 
+### Argument validation in public APIs vs. internal code
+
+#### Public API argument sanitization
+
+When arguments come directly from user code, Node.js will typically validate them at the
+JavaScript layer and throws user-friendly
+[errors](https://github.com/nodejs/node/blob/main/doc/contributing/using-internal-errors.md)
+(e.g., `ERR_INVALID_*`), if they are invalid. This helps end users
+quickly understand and fix mistakes in their own code.
+
+This approach ensures that the error message pinpoints which argument is wrong
+and how it should be fixed. Additionally, problems in user code do not cause
+mysterious crashes or hard-to-diagnose failures deeper in the engine.
+
+Example from `zlib.js`:
+
+```js
+function crc32(data, value = 0) {
+  if (typeof data !== 'string' && !isArrayBufferView(data)) {
+    throw new ERR_INVALID_ARG_TYPE('data', ['Buffer', 'TypedArray', 'DataView','string'], data);
+  }
+  validateUint32(value, 'value');
+  return crc32Native(data, value);
+}
+```
+
+The corresponding C++ assertion code for the above example from it's binding `node_zlib.cc`:
+
+```cpp
+CHECK(args[0]->IsArrayBufferView() || args[0]->IsString());
+CHECK(args[1]->IsUint32());
+```
+
+#### Internal code and C++ binding checks
+
+Inside Node.js’s internal layers, especially the C++ [binding function][]s
+typically assume their arguments have already been checked and sanitized
+by the upper-level (JavaScript) callers. As a result, internal C++ code
+often just uses `CHECK()` or similar assertions to confirm that the
+types/values passed in are correct. If that assertion fails, Node.js will
+crash or abort with an internal diagnostic message. This is to avoid
+re-validating every internal function argument repeatedly which can slow
+down the system.
+
+However, in a less common case where the API is implemented completely in
+C++, the arguments would be validated directly in C++, with the errors
+thrown using `THROW_ERR_INVALID_*` macros from `src/node_errors.h`.
+
+For example in `worker_threads.moveMessagePortToContext`:
+
+```cpp
+void MessagePort::MoveToContext(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  if (!args[0]->IsObject() ||
+      !env->message_port_constructor_template()->HasInstance(args[0])) {
+    return THROW_ERR_INVALID_ARG_TYPE(env,
+        "The \"port\" argument must be a MessagePort instance");
+  }
+  // ...
+}
+```
+
 <a id="exception-handling"></a>
 
 ### Exception handling

From bc7d18b6eab7bf275d3ffbf37cb032989592f1a0 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Sat, 15 Feb 2025 13:58:08 +0100
Subject: [PATCH 074/138] doc: recommend writing tests in new files and
 including comments
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The previous phrasing encouraged or did not discourage appending
new test cases to existing files - a practice that can reduce
the debuggability of the tests over time as they get bigger and
bigger, some times thousands of lines long with hundreds of
test cases, and make the CI output increasingly difficult to
read when one of the test cases fail in a very long test.

This patch updates the guideline to explicitly discourage appending
test cases this way. Also recommend including an opening comment
to describe what the test does to optimize the test towards the
scenario when it fails.

PR-URL: https://github.com/nodejs/node/pull/57028
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Jake Yuesong Li <jake.yuesong@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
---
 doc/contributing/writing-tests.md | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/doc/contributing/writing-tests.md b/doc/contributing/writing-tests.md
index 0a6af29bf04ac8..8c67ed2c9410c4 100644
--- a/doc/contributing/writing-tests.md
+++ b/doc/contributing/writing-tests.md
@@ -21,9 +21,22 @@ Add tests when:
 ## Test directory structure
 
 See [directory structure overview][] for outline of existing test and locations.
-When deciding on whether to expand an existing test file or create a new one,
-consider going through the files related to the subsystem.
-For example, look for `test-streams` when writing a test for `lib/streams.js`.
+
+## How to write a good test
+
+A good test should be written in a style that is optimial for debugging
+when it fails.
+
+In principle, when adding a new test, it should be placed in a new file.
+Unless there is strong motivation to do so, refrain from appending
+new test cases to an existing file. Similar to the reproductions we ask
+for in the issue tracker, a good test should be as minimal and isolated as
+possible to facilitate debugging.
+
+A good test should come with comments explaining what it tries to test,
+so that when it fails, other contributors can fix it with the full context
+of its intention, and be able to modify it in good confidence when the context
+changes.
 
 ## Test structure
 

From 14fcfc242bc2d1fa952eca27ffdbe6fde5c91687 Mon Sep 17 00:00:00 2001
From: Aditi <62544124+Aditi-1400@users.noreply.github.com>
Date: Sun, 16 Feb 2025 03:41:00 +0530
Subject: [PATCH 075/138] doc: add a note about `require('../common')` in
 testing documentation

PR-URL: https://github.com/nodejs/node/pull/56953
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
---
 test/common/README.md | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/test/common/README.md b/test/common/README.md
index eef654963d5b7d..8dbe4f0cd79310 100644
--- a/test/common/README.md
+++ b/test/common/README.md
@@ -1,6 +1,29 @@
 # Node.js Core Test Common Modules
 
 This directory contains modules used to test the Node.js implementation.
+All tests must begin by requiring the `common` module:
+
+```js
+require('../common');
+```
+
+This is not just a convenience for exporting helper functions etc; it also performs
+several other tasks:
+
+* Verifies that no unintended globals have been leaked to ensure that tests
+  don't accidentally pollute the global namespace.
+
+* Some tests assume a default umask of `0o022`. To enforce this assumption,
+  the common module sets the unmask at startup. Tests that require a
+  different umask can override this setting after loading the module.
+
+* Some tests specify runtime flags (example, `--expose-internals`) via a
+  comment at the top of the file: `// Flags: --expose-internals`.
+  If the test is run without those flags, the common module automatically
+  spawns a child process with proper flags. This ensures that the tests
+  always run under the expected conditions. Because of this behaviour, the
+  common module must be loaded first so that any code below it is not
+  executed until the process has been re-spawned with the correct flags.
 
 ## Table of contents
 

From 7b0ea9ab2dff3ea1543511fc4fc45d7fa9ffe601 Mon Sep 17 00:00:00 2001
From: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Date: Sun, 16 Feb 2025 15:28:33 +0000
Subject: [PATCH 076/138] doc: fix wrong verb form

PR-URL: https://github.com/nodejs/node/pull/57091
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 doc/api/modules.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/modules.md b/doc/api/modules.md
index 3c0c87ff662014..f94f33ccb9ed55 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -204,7 +204,7 @@ regarding which files are parsed as ECMAScript modules.
   3. The file has a `.js` extension, the closest `package.json` does not contain
      `"type": "commonjs"`, and the module contains ES module syntax.
 
-If the ES Module being loaded meet the requirements, `require()` can load it and
+If the ES Module being loaded meets the requirements, `require()` can load it and
 return the module namespace object. In this case it is similar to dynamic
 `import()` but is run synchronously and returns the name space object
 directly.

From cd8259cb4e883cd3e1855d66045a143e5fff8167 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexander=20=E2=80=9Cweej=E2=80=9D=20Jones?= <alex@weej.com>
Date: Sun, 16 Feb 2025 18:26:30 +0000
Subject: [PATCH 077/138] doc: `modules.md`: fix `distance` definition
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It's somewhat esoteric at best to define distance in terms of squared
length!

PR-URL: https://github.com/nodejs/node/pull/57046
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
---
 doc/api/modules.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/api/modules.md b/doc/api/modules.md
index f94f33ccb9ed55..74ae5f3c99189e 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -213,7 +213,7 @@ With the following ES Modules:
 
 ```mjs
 // distance.mjs
-export function distance(a, b) { return (b.x - a.x) ** 2 + (b.y - a.y) ** 2; }
+export function distance(a, b) { return Math.sqrt((b.x - a.x) ** 2 + (b.y - a.y) ** 2); }
 ```
 
 ```mjs
@@ -265,7 +265,7 @@ export default class Point {
 
 // `distance` is lost to CommonJS consumers of this module, unless it's
 // added to `Point` as a static property.
-export function distance(a, b) { return (b.x - a.x) ** 2 + (b.y - a.y) ** 2; }
+export function distance(a, b) { return Math.sqrt((b.x - a.x) ** 2 + (b.y - a.y) ** 2); }
 export { Point as 'module.exports' }
 ```
 
@@ -289,7 +289,7 @@ named exports attached to it as properties. For example with the example above,
 <!-- eslint-disable @stylistic/js/semi -->
 
 ```mjs
-export function distance(a, b) { return (b.x - a.x) ** 2 + (b.y - a.y) ** 2; }
+export function distance(a, b) { return Math.sqrt((b.x - a.x) ** 2 + (b.y - a.y) ** 2); }
 
 export default class Point {
   constructor(x, y) { this.x = x; this.y = y; }

From 2c3dc569a1364c96c8624e48940145a91e58ba3a Mon Sep 17 00:00:00 2001
From: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Date: Mon, 17 Feb 2025 11:50:49 +0000
Subject: [PATCH 078/138] doc: fix wrong articles used to address modules

PR-URL: https://github.com/nodejs/node/pull/57090
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 doc/api/modules.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/api/modules.md b/doc/api/modules.md
index 74ae5f3c99189e..0f407ea1773149 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -249,7 +249,7 @@ This property is experimental and can change in the future. It should only be us
 by tools converting ES modules into CommonJS modules, following existing ecosystem
 conventions. Code authored directly in CommonJS should avoid depending on it.
 
-When a ES Module contains both named exports and a default export, the result returned by `require()`
+When an ES Module contains both named exports and a default export, the result returned by `require()`
 is the module namespace object, which places the default export in the `.default` property, similar to
 the results returned by `import()`.
 To customize what should be returned by `require(esm)` directly, the ES Module can export the
@@ -369,7 +369,7 @@ LOAD_AS_FILE(X)
       1. MAYBE_DETECT_AND_LOAD(X.js)
     c. If the SCOPE/package.json contains "type" field,
       1. If the "type" field is "module", load X.js as an ECMAScript module. STOP.
-      2. If the "type" field is "commonjs", load X.js as an CommonJS module. STOP.
+      2. If the "type" field is "commonjs", load X.js as a CommonJS module. STOP.
     d. MAYBE_DETECT_AND_LOAD(X.js)
 3. If X.json is a file, load X.json to a JavaScript Object. STOP
 4. If X.node is a file, load X.node as binary addon. STOP
@@ -380,7 +380,7 @@ LOAD_INDEX(X)
     b. If no scope was found, load X/index.js as a CommonJS module. STOP.
     c. If the SCOPE/package.json contains "type" field,
       1. If the "type" field is "module", load X/index.js as an ECMAScript module. STOP.
-      2. Else, load X/index.js as an CommonJS module. STOP.
+      2. Else, load X/index.js as a CommonJS module. STOP.
 2. If X/index.json is a file, parse X/index.json to a JavaScript object. STOP
 3. If X/index.node is a file, load X/index.node as binary addon. STOP
 

From 09368db20fd73eda473e5e827dcaf97ce7522221 Mon Sep 17 00:00:00 2001
From: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Date: Tue, 18 Feb 2025 13:13:29 +0000
Subject: [PATCH 079/138] doc: disambiguate pseudo-code statement

the statement `set Y to be the file system root` can be wrongly
interpreted as the file system root being updated to match Y,
removing the `be` term removes this potential interpretation

PR-URL: https://github.com/nodejs/node/pull/57092
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 doc/api/modules.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/modules.md b/doc/api/modules.md
index 0f407ea1773149..7138348f2d0870 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -342,7 +342,7 @@ require(X) from module at path Y
    a. return the core module
    b. STOP
 2. If X begins with '/'
-   a. set Y to be the file system root
+   a. set Y to the file system root
 3. If X begins with './' or '/' or '../'
    a. LOAD_AS_FILE(Y + X)
    b. LOAD_AS_DIRECTORY(Y + X)

From b73a1356ceab8a8a784eade6e591eb174bcac2b4 Mon Sep 17 00:00:00 2001
From: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Date: Sun, 16 Feb 2025 12:00:56 +0000
Subject: [PATCH 080/138] doc: add `module namespace object` links
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/57093
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 doc/api/modules.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/api/modules.md b/doc/api/modules.md
index 7138348f2d0870..8eb8a39cabb3f2 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -205,7 +205,7 @@ regarding which files are parsed as ECMAScript modules.
      `"type": "commonjs"`, and the module contains ES module syntax.
 
 If the ES Module being loaded meets the requirements, `require()` can load it and
-return the module namespace object. In this case it is similar to dynamic
+return the [module namespace object][]. In this case it is similar to dynamic
 `import()` but is run synchronously and returns the name space object
 directly.
 
@@ -250,7 +250,7 @@ by tools converting ES modules into CommonJS modules, following existing ecosyst
 conventions. Code authored directly in CommonJS should avoid depending on it.
 
 When an ES Module contains both named exports and a default export, the result returned by `require()`
-is the module namespace object, which places the default export in the `.default` property, similar to
+is the [module namespace object][], which places the default export in the `.default` property, similar to
 the results returned by `import()`.
 To customize what should be returned by `require(esm)` directly, the ES Module can export the
 desired value using the string name `"module.exports"`.
@@ -1291,6 +1291,7 @@ This section was moved to
 [`process.features.require_module`]: process.md#processfeaturesrequire_module
 [`require.main`]: #requiremain
 [exports shortcut]: #exports-shortcut
+[module namespace object]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/import#module_namespace_object
 [module resolution]: #all-together
 [native addons]: addons.md
 [subpath exports]: packages.md#subpath-exports

From 1db42b76f79914dd6e4a42133d0013eb6befab1b Mon Sep 17 00:00:00 2001
From: Pavel Romanov <82144989+pavel-romanov8@users.noreply.github.com>
Date: Sun, 23 Feb 2025 07:14:56 +0700
Subject: [PATCH 081/138] doc: remove buffered flag from performance hooks
 examples

PR-URL: https://github.com/nodejs/node/pull/52607
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 doc/api/perf_hooks.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/api/perf_hooks.md b/doc/api/perf_hooks.md
index 0bdf8626f476a7..1113b618378411 100644
--- a/doc/api/perf_hooks.md
+++ b/doc/api/perf_hooks.md
@@ -1849,7 +1849,7 @@ const obs = new PerformanceObserver((list, observer) => {
   performance.clearMeasures();
   observer.disconnect();
 });
-obs.observe({ entryTypes: ['measure'], buffered: true });
+obs.observe({ entryTypes: ['measure'] });
 
 setTimeout(() => {}, 1000);
 ```
@@ -1884,7 +1884,7 @@ const obs = new PerformanceObserver((list) => {
   performance.clearMeasures();
   obs.disconnect();
 });
-obs.observe({ entryTypes: ['function'], buffered: true });
+obs.observe({ entryTypes: ['function'] });
 
 require('some-module');
 ```

From ef3a4675c7d494296f8486c23bac7b520a6eb662 Mon Sep 17 00:00:00 2001
From: Samuel Bronson <naesten@gmail.com>
Date: Sun, 23 Feb 2025 19:32:19 +0000
Subject: [PATCH 082/138] doc: fix web.libera.chat link in pull-requests.md

The old link wasn't prefilling the channel name for me,
and this is the format suggested in the docs:<https://libera.chat/guides/webchat#kiwiirc>

It works, too!

PR-URL: https://github.com/nodejs/node/pull/57076
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 doc/contributing/pull-requests.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/contributing/pull-requests.md b/doc/contributing/pull-requests.md
index 8914d60c95aa2f..201b59f4923910 100644
--- a/doc/contributing/pull-requests.md
+++ b/doc/contributing/pull-requests.md
@@ -53,7 +53,7 @@ help, questions, and discussions.
 development of Node.js core specifically.
 
 Node.js also has an unofficial IRC channel:
-[#Node.js](https://web.libera.chat/?channels=node.js).
+[#Node.js](https://web.libera.chat/#node.js).
 
 ## Setting up your local environment
 

From 3c6206cac94c38b68c1b4db5741aa9af7136d23b Mon Sep 17 00:00:00 2001
From: Edy Silva <edigleyssonsilva@gmail.com>
Date: Fri, 28 Feb 2025 14:13:23 -0300
Subject: [PATCH 083/138] doc: add @geeksilva97 to collaborators

Fixes: https://github.com/nodejs/node/issues/57032
PR-URL: https://github.com/nodejs/node/pull/57241
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 0d825409fcb1e1..2de76376bf0350 100644
--- a/README.md
+++ b/README.md
@@ -337,6 +337,8 @@ For information about the governance of the Node.js project, see
   **Gerhard Stöbich** <<deb2001-github@yahoo.de>> (he/they)
 * [gabrielschulhof](https://github.com/gabrielschulhof) -
   **Gabriel Schulhof** <<gabrielschulhof@gmail.com>>
+* [geeksilva97](https://github.com/geeksilva97) -
+  **Edy Silva** <<edigleyssonsilva@gmail.com>> (he/him)
 * [gengjiawen](https://github.com/gengjiawen) -
   **Jiawen Geng** <<technicalcute@gmail.com>>
 * [GeoffreyBooth](https://github.com/GeoffreyBooth) -

From 026b3cab6a9064ac0a13649dbab0f78fd01c91d3 Mon Sep 17 00:00:00 2001
From: 1ilsang <1ilsang@naver.com>
Date: Sun, 2 Mar 2025 08:29:20 +0900
Subject: [PATCH 084/138] doc: add 1ilsang to triage team

PR-URL: https://github.com/nodejs/node/pull/57183
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Jake Yuesong Li <jake.yuesong@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Jason Zhang <xzha4350@gmail.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 2de76376bf0350..4e5c396305271f 100644
--- a/README.md
+++ b/README.md
@@ -737,6 +737,8 @@ maintaining the Node.js project.
 
 ### Triagers
 
+* [1ilsang](https://github.com/1ilsang) -
+  **Sangchul Lee** <<1ilsang.dev@gmail.com>> (he/him)
 * [atlowChemi](https://github.com/atlowChemi) -
   **Chemi Atlow** <<chemi@atlow.co.il>> (he/him)
 * [Ayase-252](https://github.com/Ayase-252) -

From e6a0c6a0fa56fbf162b519491680f6bec59794f9 Mon Sep 17 00:00:00 2001
From: Colin Ihrig <cjihrig@gmail.com>
Date: Fri, 28 Feb 2025 09:33:00 -0500
Subject: [PATCH 085/138] doc: add missing assert return types
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This commit documents the return types for assert.rejects() and
assert.doesNotReject().

PR-URL: https://github.com/nodejs/node/pull/57219
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 doc/api/assert.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/doc/api/assert.md b/doc/api/assert.md
index 847dfcfd74c742..32194c2bd8c7e4 100644
--- a/doc/api/assert.md
+++ b/doc/api/assert.md
@@ -1092,6 +1092,7 @@ added: v10.0.0
 * `asyncFn` {Function|Promise}
 * `error` {RegExp|Function}
 * `message` {string}
+* Returns: {Promise}
 
 Awaits the `asyncFn` promise or, if `asyncFn` is a function, immediately
 calls the function and awaits the returned promise to complete. It will then
@@ -2036,6 +2037,7 @@ added: v10.0.0
 * `asyncFn` {Function|Promise}
 * `error` {RegExp|Function|Object|Error}
 * `message` {string}
+* Returns: {Promise}
 
 Awaits the `asyncFn` promise or, if `asyncFn` is a function, immediately
 calls the function and awaits the returned promise to complete. It will then

From e688410bda020b4242ce7926c63b0ebfb24e29ab Mon Sep 17 00:00:00 2001
From: David Sanders <dsanders11@ucsbalum.com>
Date: Sat, 1 Mar 2025 15:46:31 -0800
Subject: [PATCH 086/138] doc: fix rendering of DEP0174 description

PR-URL: https://github.com/nodejs/node/pull/56835
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 doc/api/deprecations.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 21f2ba7d5e1a32..f76628f37b3a15 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -3397,7 +3397,7 @@ changes:
 
 Type: Documentation-only
 
-Calling [`util.promisify`][] on a function that returns a <Promise> will ignore
+Calling [`util.promisify`][] on a function that returns a `Promise` will ignore
 the result of said promise, which can lead to unhandled promise rejections.
 
 ### DEP0175: `util.toUSVString`

From 8c3bc156edc62d8777e3d051e9e42d3f2bef6ba8 Mon Sep 17 00:00:00 2001
From: Eric Fortis <6572038+ericfortis@users.noreply.github.com>
Date: Sun, 2 Mar 2025 12:48:59 -0500
Subject: [PATCH 087/138] doc: clarify `path.isAbsolute` is not path traversal
 mitigation

PR-URL: https://github.com/nodejs/node/pull/57073
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 doc/api/path.md | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/doc/api/path.md b/doc/api/path.md
index a0619d12287468..62552782808521 100644
--- a/doc/api/path.md
+++ b/doc/api/path.md
@@ -315,17 +315,19 @@ added: v0.11.2
 * `path` {string}
 * Returns: {boolean}
 
-The `path.isAbsolute()` method determines if `path` is an absolute path.
+The `path.isAbsolute()` method determines if the literal `path` is absolute.
+Therefore, it’s not safe for mitigating path traversals.
 
 If the given `path` is a zero-length string, `false` will be returned.
 
 For example, on POSIX:
 
 ```js
-path.isAbsolute('/foo/bar'); // true
-path.isAbsolute('/baz/..');  // true
-path.isAbsolute('qux/');     // false
-path.isAbsolute('.');        // false
+path.isAbsolute('/foo/bar');   // true
+path.isAbsolute('/baz/..');    // true
+path.isAbsolute('/baz/../..'); // true
+path.isAbsolute('qux/');       // false
+path.isAbsolute('.');          // false
 ```
 
 On Windows:

From d06db658fcd25838f7dd27c142acd649444b4b9c Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Wed, 28 May 2025 18:12:15 -0300
Subject: [PATCH 088/138] doc: add Filip Skokan to TSC

Refs: https://github.com/nodejs/TSC/issues/1740
PR-URL: https://github.com/nodejs/node/pull/58499
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Rich Trott <rtrott@gmail.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 4e5c396305271f..631a898d0f7321 100644
--- a/README.md
+++ b/README.md
@@ -180,6 +180,8 @@ For information about the governance of the Node.js project, see
   **Matteo Collina** <<matteo.collina@gmail.com>> (he/him)
 * [mhdawson](https://github.com/mhdawson) -
   **Michael Dawson** <<midawson@redhat.com>> (he/him)
+* [panva](https://github.com/panva) -
+  **Filip Skokan** <<panva.ip@gmail.com>> (he/him)
 * [RafaelGSS](https://github.com/RafaelGSS) -
   **Rafael Gonzaga** <<rafael.nunu@hotmail.com>> (he/him)
 * [richardlau](https://github.com/richardlau) -

From d06bb4dcc2ab686ccbe5fe04439689c1fe862d53 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Thu, 6 Mar 2025 09:52:04 -0300
Subject: [PATCH 089/138] doc: ping nodejs/tsc for each security pull request

Refs: https://github.com/nodejs/TSC/issues/1687
PR-URL: https://github.com/nodejs/node/pull/57309
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 doc/contributing/security-release-process.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
index 9ea616f6de2298..0932dfb7b63c1d 100644
--- a/doc/contributing/security-release-process.md
+++ b/doc/contributing/security-release-process.md
@@ -56,6 +56,9 @@ The current security stewards are documented in the main Node.js
     * Use the "summary" feature in HackerOne. Example [2038134](https://hackerone.com/reports/2038134)
     * `git node security --add-report=report_id`
     * `git node security --remove-report=report_id`
+  * Ensure to ping the Node.js TSC team for review of the PRs prior to the release date.
+    * Adding individuals with expertise in the report topic is also a viable option if
+      communicated properly with nodejs/security and TSC.
 
 * [ ] 3\. **Assigning Severity and Writing Team Summary:**
   * [ ] Assign a severity and write a team summary on HackerOne for the reports

From 38e8bbc1315ef4cf2bda2940590724a1328447f6 Mon Sep 17 00:00:00 2001
From: Michael Dawson <midawson@redhat.com>
Date: Tue, 4 Mar 2025 20:50:00 +0000
Subject: [PATCH 090/138] doc: add info on how project manages social media

Signed-off-by: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/57318
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 .../managing-social-media-acounts.md          | 49 +++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 doc/contributing/managing-social-media-acounts.md

diff --git a/doc/contributing/managing-social-media-acounts.md b/doc/contributing/managing-social-media-acounts.md
new file mode 100644
index 00000000000000..3095e0ab740218
--- /dev/null
+++ b/doc/contributing/managing-social-media-acounts.md
@@ -0,0 +1,49 @@
+# Managing social media accounts
+
+The project obtains and manages social media accounts in order to help
+promote the project and to share content that benefits the ecosystem.
+
+Currently the project has the following social media accounts:
+
+* [bluesky](https://bsky.app/profile/nodejs.org)
+* [twitter](https://x.com/nodejs)
+* [Facebook](https://www.facebook.com/nodejsfoundation)
+* [LinkedIn](https://www.linkedin.com/company/node.js-foundation/)
+
+## bluesky
+
+Bluesky is managed directly by the project. Automation is used
+to request posts/reposts as outlined in
+[nodejs/bluesky](https://github.com/nodejs/bluesky).
+
+Login credentials are available to members of the Technical
+Steering Committee, but are not to be used directly except
+in exceptional circumstances.
+
+## Twitter/X
+
+Day to day management of the Twitter/X account has been
+delegated to the Foundation Staff.
+
+In addition, it has been agreed that Releasers may login
+and post when doing a release, and TSC members may post
+an announcement of a release if a releaser is not able to
+do it themselves.
+
+Login credentials are available to members of the Technical
+Steering Committee. Releasers may request access by
+opening an issue in the nodejs/admin repo asking for access.
+
+## Facebook
+
+Day to day management of the Facebook account has been
+delegated to the Foundation Staff.
+
+No project members have access to the Facebook account.
+
+## Linkedin
+
+Day to day management of the LinkedIn account has been
+delegated to the Foundation Staff.
+
+No project members have access to the LinkedIn account.

From cded8e7e7774a6e35d0e37a46b2e295ca6e2d290 Mon Sep 17 00:00:00 2001
From: theanarkh <theratliter@gmail.com>
Date: Tue, 8 Jul 2025 17:42:22 +0800
Subject: [PATCH 091/138] dns: fix parse memory leaky

PR-URL: https://github.com/nodejs/node/pull/58973
Reviewed-By: Zeyu "Alex" Yang <himself65@outlook.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 src/cares_wrap.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/cares_wrap.cc b/src/cares_wrap.cc
index 8ca1595a738e10..2388c60486ed5c 100644
--- a/src/cares_wrap.cc
+++ b/src/cares_wrap.cc
@@ -1319,6 +1319,8 @@ int SoaTraits::Parse(
   if (status != ARES_SUCCESS)
     return status;
 
+  auto cleanup = OnScopeLeave([&]() { ares_free_data(soa_out); });
+
   Local<Object> soa_record = Object::New(env->isolate());
 
   soa_record->Set(env->context(),
@@ -1345,8 +1347,6 @@ int SoaTraits::Parse(
                   Integer::NewFromUnsigned(
                       env->isolate(), soa_out->minttl)).Check();
 
-  ares_free_data(soa_out);
-
   wrap->CallOnComplete(soa_record);
   return ARES_SUCCESS;
 }

From c06f6f3f0541abc31cdb0ddd36f9b65f765b7b90 Mon Sep 17 00:00:00 2001
From: Deokjin Kim <deokjin81.kim@gmail.com>
Date: Tue, 11 Mar 2025 22:54:00 +0900
Subject: [PATCH 092/138] dns: remove redundant code using common variable

`validFamilies` variable is defined 2 times, so remove
redundant code by defining `validFamilies` in util. Plus,
apply the same approach to `validDnsOrders` because it's
also used multiple times.

PR-URL: https://github.com/nodejs/node/pull/57386
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
---
 lib/dns.js                   | 5 +++--
 lib/internal/dns/promises.js | 5 +++--
 lib/internal/dns/utils.js    | 8 ++++++--
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/lib/dns.js b/lib/dns.js
index 448258dfedc10f..3a2e118663bd7a 100644
--- a/lib/dns.js
+++ b/lib/dns.js
@@ -46,6 +46,8 @@ const {
   getDefaultResultOrder,
   setDefaultResultOrder,
   errorCodes: dnsErrorCodes,
+  validDnsOrders,
+  validFamilies,
 } = require('internal/dns/utils');
 const {
   Resolver,
@@ -138,7 +140,6 @@ function onlookupall(err, addresses) {
 
 // Easy DNS A/AAAA look up
 // lookup(hostname, [options,] callback)
-const validFamilies = [0, 4, 6];
 function lookup(hostname, options, callback) {
   let hints = 0;
   let family = 0;
@@ -192,7 +193,7 @@ function lookup(hostname, options, callback) {
       dnsOrder = options.verbatim ? 'verbatim' : 'ipv4first';
     }
     if (options?.order != null) {
-      validateOneOf(options.order, 'options.order', ['ipv4first', 'ipv6first', 'verbatim']);
+      validateOneOf(options.order, 'options.order', validDnsOrders);
       dnsOrder = options.order;
     }
   }
diff --git a/lib/internal/dns/promises.js b/lib/internal/dns/promises.js
index 602ff447fd31f5..de6e591a24946d 100644
--- a/lib/internal/dns/promises.js
+++ b/lib/internal/dns/promises.js
@@ -16,6 +16,8 @@ const {
   getDefaultResultOrder,
   setDefaultResultOrder,
   setDefaultResolver,
+  validDnsOrders,
+  validFamilies,
 } = require('internal/dns/utils');
 
 const {
@@ -177,7 +179,6 @@ function createLookupPromise(family, hostname, all, hints, dnsOrder) {
   });
 }
 
-const validFamilies = [0, 4, 6];
 /**
  * Get the IP address for a given hostname.
  * @param {string} hostname - The hostname to resolve (ex. 'nodejs.org').
@@ -225,7 +226,7 @@ function lookup(hostname, options) {
       dnsOrder = options.verbatim ? 'verbatim' : 'ipv4first';
     }
     if (options?.order != null) {
-      validateOneOf(options.order, 'options.order', ['ipv4first', 'ipv6first', 'verbatim']);
+      validateOneOf(options.order, 'options.order', validDnsOrders);
       dnsOrder = options.order;
     }
   }
diff --git a/lib/internal/dns/utils.js b/lib/internal/dns/utils.js
index a79a5b846a6d18..b0ea4bf99aea02 100644
--- a/lib/internal/dns/utils.js
+++ b/lib/internal/dns/utils.js
@@ -200,6 +200,8 @@ class ResolverBase {
 
 let defaultResolver;
 let dnsOrder;
+const validDnsOrders = ['verbatim', 'ipv4first', 'ipv6first'];
+const validFamilies = [0, 4, 6];
 
 function initializeDns() {
   const orderFromCLI = getOptionValue('--dns-result-order');
@@ -207,7 +209,7 @@ function initializeDns() {
     dnsOrder ??= 'verbatim';
   } else {
     // Allow the deserialized application to override order from CLI.
-    validateOneOf(orderFromCLI, '--dns-result-order', ['verbatim', 'ipv4first', 'ipv6first']);
+    validateOneOf(orderFromCLI, '--dns-result-order', validDnsOrders);
     dnsOrder = orderFromCLI;
   }
 
@@ -279,7 +281,7 @@ function emitInvalidHostnameWarning(hostname) {
 }
 
 function setDefaultResultOrder(value) {
-  validateOneOf(value, 'dnsOrder', ['verbatim', 'ipv4first', 'ipv6first']);
+  validateOneOf(value, 'dnsOrder', validDnsOrders);
   dnsOrder = value;
 }
 
@@ -353,4 +355,6 @@ module.exports = {
   errorCodes,
   createResolverClass,
   initializeDns,
+  validDnsOrders,
+  validFamilies,
 };

From edff105c34a6de6d3861e8fdca69cb8b166240df Mon Sep 17 00:00:00 2001
From: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Date: Tue, 18 Mar 2025 19:30:31 +0000
Subject: [PATCH 093/138] debugger: fix behavior of plain object exec in
 debugger repl

Co-authored-by: Xuguang Mei <meixuguang@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/57498
Fixes: https://github.com/nodejs/node/issues/46808
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Xuguang Mei <meixuguang@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 lib/internal/debugger/inspect_repl.js | 10 +++++++++-
 lib/internal/repl/utils.js            | 17 +++++++++++++++++
 lib/repl.js                           | 10 +++-------
 test/parallel/test-debugger-exec.js   |  5 +++++
 4 files changed, 34 insertions(+), 8 deletions(-)

diff --git a/lib/internal/debugger/inspect_repl.js b/lib/internal/debugger/inspect_repl.js
index b4f454152dc438..0c6e3470694995 100644
--- a/lib/internal/debugger/inspect_repl.js
+++ b/lib/internal/debugger/inspect_repl.js
@@ -56,6 +56,7 @@ const { fileURLToPath } = require('internal/url');
 
 const { customInspectSymbol, SideEffectFreeRegExpPrototypeSymbolReplace } = require('internal/util');
 const { inspect: utilInspect } = require('internal/util/inspect');
+const { isObjectLiteral } = require('internal/repl/utils');
 const debuglog = require('internal/util/debuglog').debuglog('inspect');
 
 const SHORTCUTS = {
@@ -573,8 +574,15 @@ function createRepl(inspector) {
     if (input === '\n') return lastCommand;
     // Add parentheses: exec process.title => exec("process.title");
     const match = RegExpPrototypeExec(/^\s*(?:exec|p)\s+([^\n]*)/, input);
+    input = match ? match[1] : input;
+
+    if (isObjectLiteral(input)) {
+      // Add parentheses to make sure `input` is parsed as an expression
+      input = `(${StringPrototypeTrim(input)})\n`;
+    }
+
     if (match) {
-      lastCommand = `exec(${JSONStringify(match[1])})`;
+      lastCommand = `exec(${JSONStringify(input)})`;
     } else {
       lastCommand = input;
     }
diff --git a/lib/internal/repl/utils.js b/lib/internal/repl/utils.js
index 126f8ae85d0977..79a2c55dff16d7 100644
--- a/lib/internal/repl/utils.js
+++ b/lib/internal/repl/utils.js
@@ -739,6 +739,22 @@ function setupReverseSearch(repl) {
   return { reverseSearch };
 }
 
+const startsWithBraceRegExp = /^\s*{/;
+const endsWithSemicolonRegExp = /;\s*$/;
+
+/**
+ * Checks if some provided code represents an object literal.
+ * This is helpful to prevent confusing repl code evaluations where
+ * strings such as `{ a : 1 }` would get interpreted as block statements
+ * rather than object literals.
+ * @param {string} code the code to check
+ * @returns {boolean} true if the code represents an object literal, false otherwise
+ */
+function isObjectLiteral(code) {
+  return RegExpPrototypeExec(startsWithBraceRegExp, code) !== null &&
+    RegExpPrototypeExec(endsWithSemicolonRegExp, code) === null;
+}
+
 module.exports = {
   REPL_MODE_SLOPPY: Symbol('repl-sloppy'),
   REPL_MODE_STRICT,
@@ -746,4 +762,5 @@ module.exports = {
   kStandaloneREPL: Symbol('kStandaloneREPL'),
   setupPreview,
   setupReverseSearch,
+  isObjectLiteral,
 };
diff --git a/lib/repl.js b/lib/repl.js
index abd7ca512e6295..de503a4488babd 100644
--- a/lib/repl.js
+++ b/lib/repl.js
@@ -171,6 +171,7 @@ const {
   kStandaloneREPL,
   setupPreview,
   setupReverseSearch,
+  isObjectLiteral,
 } = require('internal/repl/utils');
 const {
   constants: {
@@ -441,13 +442,8 @@ function REPLServer(prompt,
     let awaitPromise = false;
     const input = code;
 
-    // It's confusing for `{ a : 1 }` to be interpreted as a block
-    // statement rather than an object literal.  So, we first try
-    // to wrap it in parentheses, so that it will be interpreted as
-    // an expression.  Note that if the above condition changes,
-    // lib/internal/repl/utils.js needs to be changed to match.
-    if (RegExpPrototypeExec(/^\s*{/, code) !== null &&
-        RegExpPrototypeExec(/;\s*$/, code) === null) {
+    if (isObjectLiteral(code)) {
+      // Add parentheses to make sure `code` is parsed as an expression
       code = `(${StringPrototypeTrim(code)})\n`;
       wrappedCmd = true;
     }
diff --git a/test/parallel/test-debugger-exec.js b/test/parallel/test-debugger-exec.js
index 51bc7497345ba2..536e0128ea2a84 100644
--- a/test/parallel/test-debugger-exec.js
+++ b/test/parallel/test-debugger-exec.js
@@ -60,6 +60,11 @@ async function waitInitialBreak() {
       /\[ 'undefined', 'function' \]/,
       'non-paused exec can see global but not module-scope values'
     );
+
+    // Ref: https://github.com/nodejs/node/issues/46808
+    await cli.waitForPrompt();
+    await cli.command('exec { a: 1 }');
+    assert.match(cli.output, /\{ a: 1 \}/);
   } finally {
     await cli.quit();
   }

From d2c5e609ae28e5a3bcd1be52baadbc96c6a96a02 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Mon, 30 Jun 2025 10:39:43 +0200
Subject: [PATCH 094/138] build: disable
 v8_enable_pointer_compression_shared_cage on non-64bit

PR-URL: https://github.com/nodejs/node/pull/58867
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 common.gypi | 1 +
 1 file changed, 1 insertion(+)

diff --git a/common.gypi b/common.gypi
index 888b8b94ca1abd..7b1f180665fbd9 100644
--- a/common.gypi
+++ b/common.gypi
@@ -112,6 +112,7 @@
       # V8 pointer compression only supports 64bit architectures.
       ['target_arch in "arm ia32 mips mipsel ppc"', {
         'v8_enable_pointer_compression': 0,
+        'v8_enable_pointer_compression_shared_cage': 0,
         'v8_enable_31bit_smis_on_64bit_arch': 0,
         'v8_enable_sandbox': 0
       }],

From c647aa4b30913f250981a9c56a3f0847c8e38725 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Sun, 4 May 2025 20:58:06 +0200
Subject: [PATCH 095/138] build: fix pointer compression builds
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Remove usage of deprecated V8::InitializeSandbox().
- External code space and pointer compression shared cage must
  be enabled when pointer compression builds are enabled.
- We cannot enable the sandbox because that requires allocating
  the array buffer backing stores in the sandbox - we currently
  have many backing stores tied to pointers from C++ land that
  are not even necessarily dynamic (e.g. in static storage).
  Until we manage to get rid of all those, sandbox cannot be
  enabled. Note that enabling pointer compression without
  enabling sandbox is unsupported by V8, and can be broken
  at any time.

PR-URL: https://github.com/nodejs/node/pull/58171
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 common.gypi                      |  5 +++++
 configure.py                     | 10 +++++++++-
 test/cctest/node_test_fixture.cc |  3 ---
 tools/v8_gypfiles/features.gypi  |  8 ++++++++
 4 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/common.gypi b/common.gypi
index 7b1f180665fbd9..fd0d0b9f32aa62 100644
--- a/common.gypi
+++ b/common.gypi
@@ -80,6 +80,7 @@
     'v8_enable_direct_local%': 0,
     'v8_enable_map_packing%': 0,
     'v8_enable_pointer_compression_shared_cage%': 0,
+    'v8_enable_external_code_space%': 0,
     'v8_enable_sandbox%': 0,
     'v8_enable_v8_checks%': 0,
     'v8_enable_zone_compression%': 0,
@@ -114,6 +115,7 @@
         'v8_enable_pointer_compression': 0,
         'v8_enable_pointer_compression_shared_cage': 0,
         'v8_enable_31bit_smis_on_64bit_arch': 0,
+        'v8_enable_external_code_space': 0,
         'v8_enable_sandbox': 0
       }],
       ['target_arch in "ppc64 s390x"', {
@@ -424,6 +426,9 @@
       ['v8_enable_sandbox == 1', {
         'defines': ['V8_ENABLE_SANDBOX',],
       }],
+      ['v8_enable_external_code_space == 1', {
+        'defines': ['V8_EXTERNAL_CODE_SPACE',],
+      }],
       ['v8_deprecation_warnings == 1', {
         'defines': ['V8_DEPRECATION_WARNINGS',],
       }],
diff --git a/configure.py b/configure.py
index 0df90b176e9b54..c84f6ff7385db1 100755
--- a/configure.py
+++ b/configure.py
@@ -1608,7 +1608,15 @@ def configure_v8(o):
   o['variables']['v8_use_siphash'] = 0 if options.without_siphash else 1
   o['variables']['v8_enable_maglev'] = 1 if options.v8_enable_maglev else 0
   o['variables']['v8_enable_pointer_compression'] = 1 if options.enable_pointer_compression else 0
-  o['variables']['v8_enable_sandbox'] = 1 if options.enable_pointer_compression else 0
+  # Using the sandbox requires always allocating array buffer backing stores in the sandbox.
+  # We currently have many backing stores tied to pointers from C++ land that are not
+  # even necessarily dynamic (e.g. in static storage) for fast communication between JS and C++.
+  # Until we manage to get rid of all those, v8_enable_sandbox cannot be used.
+  # Note that enabling pointer compression without enabling sandbox is unsupported by V8,
+  # so this can be broken at any time.
+  o['variables']['v8_enable_sandbox'] = 0
+  o['variables']['v8_enable_pointer_compression_shared_cage'] = 1 if options.enable_pointer_compression else 0
+  o['variables']['v8_enable_external_code_space'] = 1 if options.enable_pointer_compression else 0
   o['variables']['v8_enable_31bit_smis_on_64bit_arch'] = 1 if options.enable_pointer_compression else 0
   o['variables']['v8_enable_shared_ro_heap'] = 0 if options.enable_pointer_compression or options.disable_shared_ro_heap else 1
   o['variables']['v8_enable_extensible_ro_snapshot'] = 0
diff --git a/test/cctest/node_test_fixture.cc b/test/cctest/node_test_fixture.cc
index d2662604d14ae9..66c3591049fc59 100644
--- a/test/cctest/node_test_fixture.cc
+++ b/test/cctest/node_test_fixture.cc
@@ -20,9 +20,6 @@ void NodeTestEnvironment::SetUp() {
   NodeZeroIsolateTestFixture::platform.reset(
       new node::NodePlatform(kV8ThreadPoolSize, tracing_controller));
   v8::V8::InitializePlatform(NodeZeroIsolateTestFixture::platform.get());
-#ifdef V8_ENABLE_SANDBOX
-  ASSERT_TRUE(v8::V8::InitializeSandbox());
-#endif
   cppgc::InitializeProcess(
       NodeZeroIsolateTestFixture::platform->GetPageAllocator());
 
diff --git a/tools/v8_gypfiles/features.gypi b/tools/v8_gypfiles/features.gypi
index c768d7a0f13dc7..45700e940c99b5 100644
--- a/tools/v8_gypfiles/features.gypi
+++ b/tools/v8_gypfiles/features.gypi
@@ -253,6 +253,11 @@
     # Sets -DV8_ENABLE_SANDBOX.
     'v8_enable_sandbox%': 0,
 
+    # Enable support for external code range relative to the pointer compression
+    # cage.
+    # Sets -DV8_EXTERNAL_CODE_SPACE.
+    'v8_enable_external_code_space%': 0,
+
     # Experimental feature for collecting per-class zone memory stats.
     # Requires use_rtti = true
     'v8_enable_precise_zone_stats%': 0,
@@ -371,6 +376,9 @@
       ['v8_enable_sandbox==1', {
         'defines': ['V8_ENABLE_SANDBOX',],
       }],
+      ['v8_enable_external_code_space==1', {
+        'defines': ['V8_EXTERNAL_CODE_SPACE',],
+      }],
       ['v8_enable_object_print==1', {
         'defines': ['OBJECT_PRINT',],
       }],

From 9991788e4a601f87dc21205109a69995d47ff75d Mon Sep 17 00:00:00 2001
From: Marco Ippolito <marcoippolito54@gmail.com>
Date: Sun, 16 Mar 2025 13:28:49 +0100
Subject: [PATCH 096/138] http: coerce content-length to number

PR-URL: https://github.com/nodejs/node/pull/57458
Fixes: https://github.com/nodejs/node/issues/57456
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
---
 lib/_http_outgoing.js                         |  2 +-
 .../test-http-content-length-mismatch.js      | 20 +++++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/lib/_http_outgoing.js b/lib/_http_outgoing.js
index 7c6639201889ea..60deb453ee3f22 100644
--- a/lib/_http_outgoing.js
+++ b/lib/_http_outgoing.js
@@ -606,7 +606,7 @@ function matchHeader(self, state, field, value) {
       break;
     case 'content-length':
       state.contLen = true;
-      self._contentLength = value;
+      self._contentLength = +value;
       self._removedContLen = false;
       break;
     case 'date':
diff --git a/test/parallel/test-http-content-length-mismatch.js b/test/parallel/test-http-content-length-mismatch.js
index 540acbe759d84a..2d4714694d8a79 100644
--- a/test/parallel/test-http-content-length-mismatch.js
+++ b/test/parallel/test-http-content-length-mismatch.js
@@ -78,3 +78,23 @@ function shouldThrowOnFewerBytes() {
 shouldThrowOnMoreBytes();
 shouldNotThrow();
 shouldThrowOnFewerBytes();
+
+
+{
+  const server = http.createServer(common.mustCall((req, res) => {
+    res.strictContentLength = true;
+    // Pass content-length as string
+    res.setHeader('content-length', '5');
+    res.end('12345');
+  }));
+
+
+  server.listen(0, common.mustCall(() => {
+    http.get({ port: server.address().port }, common.mustCall((res) => {
+      res.resume().on('end', common.mustCall(() => {
+        assert.strictEqual(res.statusCode, 200);
+        server.close();
+      }));
+    }));
+  }));
+}

From 9dc9604502b6b4cf890ba71e1766867cb1a63bcc Mon Sep 17 00:00:00 2001
From: jhofstee <jeroen@myspectrum.nl>
Date: Wed, 9 Apr 2025 12:24:13 +0200
Subject: [PATCH 097/138] zlib: fix pointer alignment
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The function AllocForBrotli prefixes the allocated memory with its
size, and returns a pointer to the region after it. This pointer can
however no longer be suitably aligned. Correct this by allocating
the maximum of the the size of the size_t and the max alignment.

On Arm 32bits the size_t is 4 bytes long, but the alignment is 8 for
some NEON instructions. When Brotli is compiled with optimizations
enabled newer GCC versions will use the NEON instructions and trigger
a bus error killing node.

see https://github.com/google/brotli/issues/1159

PR-URL: https://github.com/nodejs/node/pull/57727
Reviewed-By: Shelley Vohr <shelley.vohr@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Daniel Lemire <daniel@lemire.me>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
---
 src/node_zlib.cc | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/node_zlib.cc b/src/node_zlib.cc
index 66370e4165979c..a537e766722852 100644
--- a/src/node_zlib.cc
+++ b/src/node_zlib.cc
@@ -493,20 +493,22 @@ class CompressionStream : public AsyncWrap, public ThreadPoolWork {
   }
 
   static void* AllocForBrotli(void* data, size_t size) {
-    size += sizeof(size_t);
+    constexpr size_t offset = std::max(sizeof(size_t), alignof(max_align_t));
+    size += offset;
     CompressionStream* ctx = static_cast<CompressionStream*>(data);
     char* memory = UncheckedMalloc(size);
     if (UNLIKELY(memory == nullptr)) return nullptr;
     *reinterpret_cast<size_t*>(memory) = size;
     ctx->unreported_allocations_.fetch_add(size,
                                            std::memory_order_relaxed);
-    return memory + sizeof(size_t);
+    return memory + offset;
   }
 
   static void FreeForZlib(void* data, void* pointer) {
     if (UNLIKELY(pointer == nullptr)) return;
     CompressionStream* ctx = static_cast<CompressionStream*>(data);
-    char* real_pointer = static_cast<char*>(pointer) - sizeof(size_t);
+    constexpr size_t offset = std::max(sizeof(size_t), alignof(max_align_t));
+    char* real_pointer = static_cast<char*>(pointer) - offset;
     size_t real_size = *reinterpret_cast<size_t*>(real_pointer);
     ctx->unreported_allocations_.fetch_sub(real_size,
                                            std::memory_order_relaxed);

From 1b83a2bd2dc7220b749d72e222f340cb510ee373 Mon Sep 17 00:00:00 2001
From: Jimmy Leung <43258070+hkleungai@users.noreply.github.com>
Date: Tue, 27 May 2025 11:00:30 +0800
Subject: [PATCH 098/138] zlib: remove mentions of unexposed Z_TREES constant
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

`Z_TREES` is never exposed on `DefineZlibConstants()`, hence it shall be
removed.

This fix is applicable to v18+.

Refs: https://github.com/nodejs/node/blob/main/src/node_zlib.cc
PR-URL: https://github.com/nodejs/node/pull/58371
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
---
 doc/api/zlib.md | 1 -
 lib/zlib.js     | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/doc/api/zlib.md b/doc/api/zlib.md
index b4c763a130a372..fe026b44e39aa4 100644
--- a/doc/api/zlib.md
+++ b/doc/api/zlib.md
@@ -599,7 +599,6 @@ Allowed flush values.
 * `zlib.constants.Z_FULL_FLUSH`
 * `zlib.constants.Z_FINISH`
 * `zlib.constants.Z_BLOCK`
-* `zlib.constants.Z_TREES`
 
 Return codes for the compression/decompression functions. Negative
 values are errors, positive values are used for special but normal
diff --git a/lib/zlib.js b/lib/zlib.js
index 2fc3b88d72cf49..09986a16d51f95 100644
--- a/lib/zlib.js
+++ b/lib/zlib.js
@@ -315,7 +315,7 @@ ZlibBase.prototype._final = function(callback) {
 // This is currently only used to figure out which flush flag to use for the
 // last chunk.
 // Roughly, the following holds:
-// Z_NO_FLUSH (< Z_TREES) < Z_BLOCK < Z_PARTIAL_FLUSH <
+// Z_NO_FLUSH < Z_BLOCK < Z_PARTIAL_FLUSH <
 //     Z_SYNC_FLUSH < Z_FULL_FLUSH < Z_FINISH
 const flushiness = [];
 const kFlushFlagList = [Z_NO_FLUSH, Z_BLOCK, Z_PARTIAL_FLUSH,

From 34ae9f8b18abde77b53735d438ce91416b750146 Mon Sep 17 00:00:00 2001
From: Chengzhong Wu <cwu631@bloomberg.net>
Date: Fri, 16 May 2025 08:43:48 +0100
Subject: [PATCH 099/138] vm: import call should return a promise in the
 current context

A `import` call should returns a promise created in the context where
the `import` was called, not the context of `importModuleDynamically`
callback.

PR-URL: https://github.com/nodejs/node/pull/58309
Fixes: https://github.com/nodejs/node/issues/53575
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
---
 src/module_wrap.cc                            |  23 +--
 .../test-vm-module-dynamic-import-promise.js  | 135 ++++++++++++++++++
 2 files changed, 150 insertions(+), 8 deletions(-)
 create mode 100644 test/parallel/test-vm-module-dynamic-import-promise.js

diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index c0776ffbbf0497..a3362e0bafcb11 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -817,16 +817,23 @@ static MaybeLocal<Promise> ImportModuleDynamically(
   };
 
   Local<Value> result;
-  if (import_callback->Call(
-        context,
-        Undefined(isolate),
-        arraysize(import_args),
-        import_args).ToLocal(&result)) {
-    CHECK(result->IsPromise());
-    return handle_scope.Escape(result.As<Promise>());
+  if (!import_callback
+           ->Call(
+               context, Undefined(isolate), arraysize(import_args), import_args)
+           .ToLocal(&result)) {
+    return {};
   }
 
-  return MaybeLocal<Promise>();
+  // Wrap the returned value in a promise created in the referrer context to
+  // avoid dynamic scopes.
+  Local<Promise::Resolver> resolver;
+  if (!Promise::Resolver::New(context).ToLocal(&resolver)) {
+    return {};
+  }
+  if (resolver->Resolve(context, result).IsNothing()) {
+    return {};
+  }
+  return handle_scope.Escape(resolver->GetPromise());
 }
 
 void ModuleWrap::SetImportModuleDynamicallyCallback(
diff --git a/test/parallel/test-vm-module-dynamic-import-promise.js b/test/parallel/test-vm-module-dynamic-import-promise.js
new file mode 100644
index 00000000000000..63493212cd3585
--- /dev/null
+++ b/test/parallel/test-vm-module-dynamic-import-promise.js
@@ -0,0 +1,135 @@
+// Flags: --experimental-vm-modules
+'use strict';
+
+const common = require('../common');
+
+const assert = require('assert');
+const { createContext, Script, SourceTextModule } = require('vm');
+
+// Verifies that a `import` call returns a promise created in the context
+// where the `import` was called, not the context of `importModuleDynamically`
+// callback.
+
+async function testScript() {
+  const ctx = createContext();
+
+  const mod1 = new SourceTextModule('export const a = 1;', {
+    context: ctx,
+  });
+  // No import statements, so must not link statically.
+  await mod1.link(common.mustNotCall());
+
+  const script2 = new Script(`
+    const promise = import("mod1");
+    if (Object.getPrototypeOf(promise) !== Promise.prototype) {
+      throw new Error('Expected promise to be created in the current context');
+    }
+    globalThis.__result = promise;
+  `, {
+    importModuleDynamically: common.mustCall((specifier, referrer) => {
+      assert.strictEqual(specifier, 'mod1');
+      assert.strictEqual(referrer, script2);
+      return mod1;
+    }),
+  });
+  script2.runInContext(ctx);
+
+  // Wait for the promise to resolve.
+  await ctx.__result;
+}
+
+async function testScriptImportFailed() {
+  const ctx = createContext();
+
+  const mod1 = new SourceTextModule('export const a = 1;', {
+    context: ctx,
+  });
+  // No import statements, so must not link statically.
+  await mod1.link(common.mustNotCall());
+
+  const err = new Error('import failed');
+  const script2 = new Script(`
+    const promise = import("mod1");
+    if (Object.getPrototypeOf(promise) !== Promise.prototype) {
+      throw new Error('Expected promise to be created in the current context');
+    }
+    globalThis.__result = promise;
+  `, {
+    importModuleDynamically: common.mustCall((specifier, referrer) => {
+      throw err;
+    }),
+  });
+  script2.runInContext(ctx);
+
+  // Wait for the promise to reject.
+  await assert.rejects(ctx.__result, err);
+}
+
+async function testModule() {
+  const ctx = createContext();
+
+  const mod1 = new SourceTextModule('export const a = 1;', {
+    context: ctx,
+  });
+  // No import statements, so must not link statically.
+  await mod1.link(common.mustNotCall());
+
+  const mod2 = new SourceTextModule(`
+    const promise = import("mod1");
+    if (Object.getPrototypeOf(promise) !== Promise.prototype) {
+      throw new Error('Expected promise to be created in the current context');
+    }
+    await promise;
+  `, {
+    context: ctx,
+    importModuleDynamically: common.mustCall((specifier, referrer) => {
+      assert.strictEqual(specifier, 'mod1');
+      assert.strictEqual(referrer, mod2);
+      return mod1;
+    }),
+  });
+  // No import statements, so must not link statically.
+  await mod2.link(common.mustNotCall());
+  await mod2.evaluate();
+}
+
+async function testModuleImportFailed() {
+  const ctx = createContext();
+
+  const mod1 = new SourceTextModule('export const a = 1;', {
+    context: ctx,
+  });
+  // No import statements, so must not link statically.
+  await mod1.link(common.mustNotCall());
+
+  const err = new Error('import failed');
+  ctx.__err = err;
+  const mod2 = new SourceTextModule(`
+    const promise = import("mod1");
+    if (Object.getPrototypeOf(promise) !== Promise.prototype) {
+      throw new Error('Expected promise to be created in the current context');
+    }
+    await promise.then(() => {
+      throw new Error('Expected promise to be rejected');
+    }, (e) => {
+      if (e !== globalThis.__err) {
+        throw new Error('Expected promise to be rejected with "import failed"');
+      }
+    });
+  `, {
+    context: ctx,
+    importModuleDynamically: common.mustCall((specifier, referrer) => {
+      throw err;
+    }),
+  });
+  // No import statements, so must not link statically.
+  await mod2.link(common.mustNotCall());
+  await mod2.evaluate();
+}
+
+Promise.all([
+  testScript(),
+  testScriptImportFailed(),
+  testModule(),
+  testModuleImportFailed(),
+]).then(common.mustCall());

From ff5cf8a4282cb99354aa1deae70ac99f4e889a8b Mon Sep 17 00:00:00 2001
From: hanguanqiang <hanguanqiang@kylinos.cn>
Date: Wed, 9 Apr 2025 19:48:11 +0800
Subject: [PATCH 100/138] http2: fix check for `frame->hd.type`

According to the comment, this should be checking whether
`frame->hd.type` is `NGHTTP2_GOAWAY`, i.e. `0x07` and not `0x03`.

PR-URL: https://github.com/nodejs/node/pull/57644
Refs: https://github.com/nodejs/node/commit/1b693fa03a0d36bc1dc9ec8d95060e3e5ceeee7b
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 src/node_http2.cc                           | 2 +-
 test/parallel/test-http2-premature-close.js | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/node_http2.cc b/src/node_http2.cc
index c190252e5a5499..d0c30fdfc06658 100644
--- a/src/node_http2.cc
+++ b/src/node_http2.cc
@@ -1214,7 +1214,7 @@ int Http2Session::OnFrameNotSent(nghttp2_session* handle,
     // closed but the Http2Session will still be up causing a memory leak.
     // Therefore, if the GOAWAY frame couldn't be send due to
     // ERR_SESSION_CLOSING we should force close from our side.
-    if (frame->hd.type != 0x03) {
+    if (frame->hd.type != NGHTTP2_GOAWAY) {
       return 0;
     }
   }
diff --git a/test/parallel/test-http2-premature-close.js b/test/parallel/test-http2-premature-close.js
index a9b08f55d8a3b8..df30c429188b69 100644
--- a/test/parallel/test-http2-premature-close.js
+++ b/test/parallel/test-http2-premature-close.js
@@ -29,9 +29,9 @@ async function requestAndClose(server) {
     // Send a valid HEADERS frame
     const headersFrame = Buffer.concat([
       Buffer.from([
-        0x00, 0x00, 0x0c, // Length: 12 bytes
+        0x00, 0x00, 0x0e, // Length: 14 bytes
         0x01, // Type: HEADERS
-        0x05, // Flags: END_HEADERS + END_STREAM
+        0x04, // Flags: END_HEADERS
         (streamId >> 24) & 0xFF, // Stream ID: high byte
         (streamId >> 16) & 0xFF,
         (streamId >> 8) & 0xFF,
@@ -41,7 +41,7 @@ async function requestAndClose(server) {
         0x82, // Indexed Header Field Representation (Predefined ":method: GET")
         0x84, // Indexed Header Field Representation (Predefined ":path: /")
         0x86, // Indexed Header Field Representation (Predefined ":scheme: http")
-        0x44, 0x0a, // Custom ":authority: localhost"
+        0x41, 0x09, // ":authority: localhost" Length: 9 bytes
         0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74,
       ]),
     ]);

From faa08b14ed51a75172a2ff3df1d5a8c1d267893e Mon Sep 17 00:00:00 2001
From: James M Snell <jasnell@gmail.com>
Date: Sat, 22 Feb 2025 15:07:27 -0800
Subject: [PATCH 101/138] lib: fixup incorrect argument order in assertEncoding

PR-URL: https://github.com/nodejs/node/pull/57177
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 lib/internal/fs/utils.js                         |  2 +-
 test/parallel/test-fs-internal-assertencoding.js | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 test/parallel/test-fs-internal-assertencoding.js

diff --git a/lib/internal/fs/utils.js b/lib/internal/fs/utils.js
index 124432afd434df..a63d2d2b6a4322 100644
--- a/lib/internal/fs/utils.js
+++ b/lib/internal/fs/utils.js
@@ -155,7 +155,7 @@ function lazyLoadFs() {
 function assertEncoding(encoding) {
   if (encoding && !Buffer.isEncoding(encoding)) {
     const reason = 'is invalid encoding';
-    throw new ERR_INVALID_ARG_VALUE(encoding, 'encoding', reason);
+    throw new ERR_INVALID_ARG_VALUE('encoding', encoding, reason);
   }
 }
 
diff --git a/test/parallel/test-fs-internal-assertencoding.js b/test/parallel/test-fs-internal-assertencoding.js
new file mode 100644
index 00000000000000..ea88517b908861
--- /dev/null
+++ b/test/parallel/test-fs-internal-assertencoding.js
@@ -0,0 +1,15 @@
+'use strict';
+
+// Tests to verify that a correctly formatted invalid encoding error
+// is thrown. Originally the internal assertEncoding utility was
+// reversing the arguments when constructing the ERR_INVALID_ARG_VALUE
+// error.
+
+require('../common');
+const { opendirSync } = require('node:fs');
+const { throws } = require('node:assert');
+
+throws(() => opendirSync('.', { encoding: 'no' }), {
+  code: 'ERR_INVALID_ARG_VALUE',
+  message: 'The argument \'encoding\' is invalid encoding. Received \'no\'',
+});

From 41f3dfd21bc68af28bed089bffc934fe1d1ccdf2 Mon Sep 17 00:00:00 2001
From: Aditi <62544124+Aditi-1400@users.noreply.github.com>
Date: Tue, 11 Feb 2025 20:54:02 +0530
Subject: [PATCH 102/138] module: fix require.resolve() crash on non-string
 paths

Previously, `require.resolve()` could crash when:
- The first parameter was a relative path and
- The `paths` array contained non-string entries

This commit fixes the issue by adding a check in
`Module._findPath` to ensure all elements in `paths`
are strings, and adding a validation in `stat` before
calling `InternalModuleStat` to guard against
non-string filenames.

PR-URL: https://github.com/nodejs/node/pull/56942
Fixes: https://github.com/nodejs/node/issues/47698
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 lib/internal/modules/cjs/loader.js             |  7 +++++++
 .../test-require-resolve-invalid-paths.js      | 18 ++++++++++++++++++
 2 files changed, 25 insertions(+)
 create mode 100644 test/parallel/test-require-resolve-invalid-paths.js

diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index 33e80234ce8ff1..a02aaa07de27ac 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -170,6 +170,7 @@ const {
 
 const {
   codes: {
+    ERR_INVALID_ARG_TYPE,
     ERR_INVALID_ARG_VALUE,
     ERR_INVALID_MODULE_SPECIFIER,
     ERR_REQUIRE_CYCLE_MODULE,
@@ -223,6 +224,9 @@ function internalRequire(module, id) {
  * @param {string} filename Absolute path to the file
  */
 function stat(filename) {
+  // Guard against internal bugs where a non-string filename is passed in by mistake.
+  assert(typeof filename === 'string');
+
   filename = path.toNamespacedPath(filename);
   if (statCache !== null) {
     const result = statCache.get(filename);
@@ -704,6 +708,9 @@ Module._findPath = function(request, paths, isMain) {
   for (let i = 0; i < paths.length; i++) {
     // Don't search further if path doesn't exist
     const curPath = paths[i];
+    if (typeof curPath !== 'string') {
+      throw new ERR_INVALID_ARG_TYPE('paths', 'array of strings', paths);
+    }
     if (insidePath && curPath && _stat(curPath) < 1) {
       continue;
     }
diff --git a/test/parallel/test-require-resolve-invalid-paths.js b/test/parallel/test-require-resolve-invalid-paths.js
new file mode 100644
index 00000000000000..efe929d0c308f4
--- /dev/null
+++ b/test/parallel/test-require-resolve-invalid-paths.js
@@ -0,0 +1,18 @@
+'use strict';
+
+require('../common');
+const assert = require('assert');
+
+// Test invalid `paths` entries: Ensure non-string entries throw an error
+{
+  const paths = [1, false, null, undefined, () => {}, {}];
+  paths.forEach((value) => {
+    assert.throws(
+      () => require.resolve('.', { paths: [value] }),
+      {
+        name: 'TypeError',
+        code: 'ERR_INVALID_ARG_TYPE',
+      }
+    );
+  });
+}

From 043dcdd628ab478ea0a3b48df1c49c58aa440f58 Mon Sep 17 00:00:00 2001
From: theanarkh <theratliter@gmail.com>
Date: Sun, 6 Jul 2025 01:33:23 +0800
Subject: [PATCH 103/138] os: fix GetInterfaceAddresses memory lieaky
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58940
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
---
 src/node_os.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/node_os.cc b/src/node_os.cc
index ce2af8d83b7443..ddaf61d5eb6a82 100644
--- a/src/node_os.cc
+++ b/src/node_os.cc
@@ -192,6 +192,9 @@ static void GetInterfaceAddresses(const FunctionCallbackInfo<Value>& args) {
     return args.GetReturnValue().SetUndefined();
   }
 
+  auto cleanup =
+      OnScopeLeave([&]() { uv_free_interface_addresses(interfaces, count); });
+
   Local<Value> no_scope_id = Integer::New(isolate, -1);
   std::vector<Local<Value>> result;
   result.reserve(count * 7);
@@ -243,7 +246,6 @@ static void GetInterfaceAddresses(const FunctionCallbackInfo<Value>& args) {
     }
   }
 
-  uv_free_interface_addresses(interfaces, count);
   args.GetReturnValue().Set(Array::New(isolate, result.data(), result.size()));
 }
 

From 611a147b45bed3917c3e9be13d97a0dfe7b1beb7 Mon Sep 17 00:00:00 2001
From: Daniel Venable <daniel.venable@proton.me>
Date: Thu, 25 Jul 2024 02:01:26 +0000
Subject: [PATCH 104/138] readline: fix unresolved promise on abortion

Fixes: https://github.com/nodejs/node/issues/53497
PR-URL: https://github.com/nodejs/node/pull/54030
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
---
 lib/internal/readline/interface.js               | 16 +++++++++++-----
 lib/readline/promises.js                         |  3 +++
 .../parallel/test-readline-promises-interface.js | 16 ++++++++++++++++
 3 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/lib/internal/readline/interface.js b/lib/internal/readline/interface.js
index e1381b5341aaff..05ff898bfce173 100644
--- a/lib/internal/readline/interface.js
+++ b/lib/internal/readline/interface.js
@@ -32,12 +32,14 @@ const {
   SafeStringIterator,
 } = primordials;
 
-const { codes } = require('internal/errors');
-
 const {
-  ERR_INVALID_ARG_VALUE,
-  ERR_USE_AFTER_CLOSE,
-} = codes;
+  AbortError,
+  codes: {
+    ERR_INVALID_ARG_VALUE,
+    ERR_USE_AFTER_CLOSE,
+  },
+} = require('internal/errors');
+
 const {
   validateAbortSignal,
   validateArray,
@@ -111,6 +113,7 @@ const kPrompt = Symbol('_prompt');
 const kPushToKillRing = Symbol('_pushToKillRing');
 const kPushToUndoStack = Symbol('_pushToUndoStack');
 const kQuestionCallback = Symbol('_questionCallback');
+const kQuestionReject = Symbol('_questionReject');
 const kRedo = Symbol('_redo');
 const kRedoStack = Symbol('_redoStack');
 const kRefreshLine = Symbol('_refreshLine');
@@ -1126,6 +1129,7 @@ class Interface extends InterfaceConstructor {
           } else {
             // This readline instance is finished
             this.close();
+            this[kQuestionReject]?.(new AbortError('Aborted with Ctrl+C'));
           }
           break;
 
@@ -1137,6 +1141,7 @@ class Interface extends InterfaceConstructor {
           if (this.cursor === 0 && this.line.length === 0) {
             // This readline instance is finished
             this.close();
+            this[kQuestionReject]?.(new AbortError('Aborted with Ctrl+D'));
           } else if (this.cursor < this.line.length) {
             this[kDeleteRight]();
           }
@@ -1392,6 +1397,7 @@ module.exports = {
   kQuestion,
   kQuestionCallback,
   kQuestionCancel,
+  kQuestionReject,
   kRefreshLine,
   kSawKeyPress,
   kSawReturnAt,
diff --git a/lib/readline/promises.js b/lib/readline/promises.js
index 286222bfab9a61..dfac30ea821403 100644
--- a/lib/readline/promises.js
+++ b/lib/readline/promises.js
@@ -12,6 +12,7 @@ const {
   Interface: _Interface,
   kQuestion,
   kQuestionCancel,
+  kQuestionReject,
 } = require('internal/readline/interface');
 
 const {
@@ -54,6 +55,8 @@ class Interface extends _Interface {
         };
       }
 
+      this[kQuestionReject] = reject;
+
       this[kQuestion](query, cb);
     });
   }
diff --git a/test/parallel/test-readline-promises-interface.js b/test/parallel/test-readline-promises-interface.js
index b7ce0c4ff20d9a..a984bd20ed9b05 100644
--- a/test/parallel/test-readline-promises-interface.js
+++ b/test/parallel/test-readline-promises-interface.js
@@ -948,6 +948,22 @@ for (let i = 0; i < 12; i++) {
     rli.close();
   }
 
+  // Aborting a question with ctrl+C
+  {
+    const [rli, fi] = getInterface({ terminal: true });
+    assert.rejects(rli.question('hello?'), { name: 'AbortError' })
+        .then(common.mustCall());
+    fi.emit('keypress', '.', { ctrl: true, name: 'c' });
+  }
+
+  // Aborting a question with ctrl+D
+  {
+    const [rli, fi] = getInterface({ terminal: true });
+    assert.rejects(rli.question('hello?'), { name: 'AbortError' })
+        .then(common.mustCall());
+    fi.emit('keypress', '.', { ctrl: true, name: 'd' });
+  }
+
   (async () => {
     const [rli] = getInterface({ terminal });
     const signal = AbortSignal.abort('boom');

From 7ba44290bfad5047db03f0325b8d9b64bb013f28 Mon Sep 17 00:00:00 2001
From: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Date: Tue, 17 Jun 2025 01:39:15 +0100
Subject: [PATCH 105/138] repl: fix tab completion not working with computer
 string properties

PR-URL: https://github.com/nodejs/node/pull/58709
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 lib/repl.js                                   |   2 +-
 .../test-repl-tab-complete-computed-props.js  | 130 ++++++++++++++++++
 2 files changed, 131 insertions(+), 1 deletion(-)
 create mode 100644 test/parallel/test-repl-tab-complete-computed-props.js

diff --git a/lib/repl.js b/lib/repl.js
index de503a4488babd..b78a6b7e3fb240 100644
--- a/lib/repl.js
+++ b/lib/repl.js
@@ -1209,7 +1209,7 @@ const importRE = /\bimport\s*\(\s*['"`](([\w@./:-]+\/)?(?:[\w@./:-]*))(?![^'"`])
 const requireRE = /\brequire\s*\(\s*['"`](([\w@./:-]+\/)?(?:[\w@./:-]*))(?![^'"`])$/;
 const fsAutoCompleteRE = /fs(?:\.promises)?\.\s*[a-z][a-zA-Z]+\(\s*["'](.*)/;
 const simpleExpressionRE =
-    /(?:[\w$'"`[{(](?:\w|\$|['"`\]})])*\??\.)*[a-zA-Z_$](?:\w|\$)*\??\.?$/;
+    /(?:[\w$'"`[{(](?:(\w| |\t)*?['"`]|\$|['"`\]})])*\??(?:\.|])?)*?(?:[a-zA-Z_$])?(?:\w|\$)*\??\.?$/;
 const versionedFileNamesRe = /-\d+\.\d+/;
 
 function isIdentifier(str) {
diff --git a/test/parallel/test-repl-tab-complete-computed-props.js b/test/parallel/test-repl-tab-complete-computed-props.js
new file mode 100644
index 00000000000000..830da99b4c35ee
--- /dev/null
+++ b/test/parallel/test-repl-tab-complete-computed-props.js
@@ -0,0 +1,130 @@
+'use strict';
+
+const common = require('../common');
+const ArrayStream = require('../common/arraystream');
+const { describe, it, before, after } = require('node:test');
+const assert = require('assert');
+
+const repl = require('repl');
+
+function prepareREPL() {
+  const input = new ArrayStream();
+  const replServer = repl.start({
+    prompt: '',
+    input,
+    output: process.stdout,
+    allowBlockingCompletions: true,
+  });
+
+  // Some errors are passed to the domain, but do not callback
+  replServer._domain.on('error', assert.ifError);
+
+  return { replServer, input };
+}
+
+function testCompletion(replServer, { input, expectedCompletions }) {
+  replServer.complete(
+    input,
+    common.mustCall((_error, data) => {
+      assert.deepStrictEqual(data, [expectedCompletions, input]);
+    }),
+  );
+}
+
+describe('REPL tab object completion on computed properties', () => {
+  describe('simple string cases', () => {
+    let replServer;
+
+    before(() => {
+      const { replServer: server, input } = prepareREPL();
+      replServer = server;
+
+      input.run([
+        `
+          const obj = {
+            one: 1,
+            innerObj: { two: 2 },
+            'inner object': { three: 3 },
+          };
+
+          const oneStr = 'one';
+        `,
+      ]);
+    });
+
+    after(() => {
+      replServer.close();
+    });
+
+    it('works with double quoted strings', () => testCompletion(replServer, {
+      input: 'obj["one"].toFi',
+      expectedCompletions: ['obj["one"].toFixed'],
+    }));
+
+    it('works with single quoted strings', () => testCompletion(replServer, {
+      input: "obj['one'].toFi",
+      expectedCompletions: ["obj['one'].toFixed"],
+    }));
+
+    it('works with template strings', () => testCompletion(replServer, {
+      input: 'obj[`one`].toFi',
+      expectedCompletions: ['obj[`one`].toFixed'],
+    }));
+
+    it('works with nested objects', () => {
+      testCompletion(replServer, {
+        input: 'obj["innerObj"].tw',
+        expectedCompletions: ['obj["innerObj"].two'],
+      });
+      testCompletion(replServer, {
+        input: 'obj["innerObj"].two.tofi',
+        expectedCompletions: ['obj["innerObj"].two.toFixed'],
+      });
+    });
+
+    it('works with nested objects combining different type of strings', () => testCompletion(replServer, {
+      input: 'obj["innerObj"][`two`].tofi',
+      expectedCompletions: ['obj["innerObj"][`two`].toFixed'],
+    }));
+
+    it('works with strings with spaces', () => testCompletion(replServer, {
+      input: 'obj["inner object"].th',
+      expectedCompletions: ['obj["inner object"].three'],
+    }));
+  });
+
+  describe('variables as indexes', () => {
+    let replServer;
+
+    before(() => {
+      const { replServer: server, input } = prepareREPL();
+      replServer = server;
+
+      input.run([
+        `
+          const oneStr = 'One';
+          const helloWorldStr = 'Hello' + ' ' + 'World';
+
+          const obj = {
+            [oneStr]: 1,
+            ['Hello World']: 'hello world!',
+          };
+        `,
+      ]);
+    });
+
+    after(() => {
+      replServer.close();
+    });
+
+    it('works with a simple variable', () => testCompletion(replServer, {
+      input: 'obj[oneStr].toFi',
+      expectedCompletions: ['obj[oneStr].toFixed'],
+    }));
+
+    it('works with a computed variable', () => testCompletion(replServer, {
+      input: 'obj[helloWorldStr].tolocaleup',
+      expectedCompletions: ['obj[helloWorldStr].toLocaleUpperCase'],
+    }));
+  });
+});

From f891ae342128f643bba46610e61281b1486b528a Mon Sep 17 00:00:00 2001
From: baki gul <76937950+gulbaki@users.noreply.github.com>
Date: Mon, 23 Jun 2025 09:21:47 +0300
Subject: [PATCH 106/138] repl: avoid deprecated `require.extensions` in tab
 completion
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58653
Fixes: https://github.com/nodejs/node/issues/58641
Reviewed-By: Ethan Arrowood <ethan@arrowood.dev>
Reviewed-By: Dario Piotrowicz <dario.piotrowicz@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 lib/repl.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/repl.js b/lib/repl.js
index b78a6b7e3fb240..87f54b28fe07f3 100644
--- a/lib/repl.js
+++ b/lib/repl.js
@@ -1340,7 +1340,7 @@ function complete(line, callback) {
     filter = completeOn;
     if (this.allowBlockingCompletions) {
       const subdir = match[2] || '';
-      const extensions = ObjectKeys(this.context.require.extensions);
+      const extensions = ObjectKeys(CJSModule._extensions);
       const indexes = ArrayPrototypeMap(extensions,
                                         (extension) => `index${extension}`);
       ArrayPrototypePush(indexes, 'package.json', 'index');

From 80fb80e71b572f5be414d126fadf9709ea059600 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Mon, 30 Jun 2025 11:15:36 +0200
Subject: [PATCH 107/138] src: fix -Wunreachable-code in src/node_api.cc

PR-URL: https://github.com/nodejs/node/pull/58901
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Vladimir Morozov <vmorozov@microsoft.com>
---
 src/node_api.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/node_api.cc b/src/node_api.cc
index d8a203ba420c6c..f9f59de6be98fc 100644
--- a/src/node_api.cc
+++ b/src/node_api.cc
@@ -1046,8 +1046,7 @@ napi_create_external_buffer(napi_env env,
 
 #if defined(V8_ENABLE_SANDBOX)
   return napi_set_last_error(env, napi_no_external_buffers_allowed);
-#endif
-
+#else
   v8::Isolate* isolate = env->isolate;
 
   // The finalizer object will delete itself after invoking the callback.
@@ -1069,6 +1068,7 @@ napi_create_external_buffer(napi_env env,
   // as it will be deleted when the buffer to which it is associated
   // is finalized.
   // coverity[leaked_storage]
+#endif  // V8_ENABLE_SANDBOX
 }
 
 napi_status NAPI_CDECL napi_create_buffer_copy(napi_env env,

From cbec07ea0bde2c8a0eb3c662f6c7e725fed59c64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Fri, 30 May 2025 12:23:57 +0100
Subject: [PATCH 108/138] src: fix FIPS init error handling

If `--enable-fips` or `--force-fips` fails to be applied during
`ProcessFipsOptions()`, the node process might exit with
`ExitCode::kNoFailure` because `ERR_GET_REASON(ERR_peek_error())` can
return `0` since `ncrypto::testFipsEnabled()` does not populate the
OpenSSL error queue.

You can likely test this locally by running

    node --enable-fips && echo $?

with the current `node` binary from the main branch if compiled without
support for FIPS.

As confirmed by the `XXX` comment here, which was added three years ago
in commit b6971602564fc93c536ad469947536b487c968ea, even if the error
queue was populated properly, the OpenSSL reason codes are not really
related to the Node.js `ExitCode` enumeration.

PR-URL: https://github.com/nodejs/node/pull/58379
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
---
 src/node.cc                       |  5 +----
 test/parallel/test-crypto-fips.js | 29 ++++++++++++++++++++++++++++-
 2 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/src/node.cc b/src/node.cc
index 4ad2c8b80493aa..1137dcafcdc0d6 100644
--- a/src/node.cc
+++ b/src/node.cc
@@ -1171,10 +1171,7 @@ InitializeOncePerProcessInternal(const std::vector<std::string>& args,
     }
 #endif
     if (!crypto::ProcessFipsOptions()) {
-      // XXX: ERR_GET_REASON does not return something that is
-      // useful as an exit code at all.
-      result->exit_code_ =
-          static_cast<ExitCode>(ERR_GET_REASON(ERR_peek_error()));
+      result->exit_code_ = ExitCode::kGenericUserError;
       result->early_return_ = true;
       result->errors_.emplace_back(
           "OpenSSL error when trying to enable FIPS:\n" +
diff --git a/test/parallel/test-crypto-fips.js b/test/parallel/test-crypto-fips.js
index 8a8a8089a3cf3b..3dfbd1fdd409c0 100644
--- a/test/parallel/test-crypto-fips.js
+++ b/test/parallel/test-crypto-fips.js
@@ -22,13 +22,16 @@ const FIPS_ENABLE_ERROR_STRING = 'OpenSSL error when trying to enable FIPS:';
 const CNF_FIPS_ON = fixtures.path('openssl_fips_enabled.cnf');
 const CNF_FIPS_OFF = fixtures.path('openssl_fips_disabled.cnf');
 
+const kNoFailure = 0;
+const kGenericUserError = 1;
+
 let num_children_ok = 0;
 
 function sharedOpenSSL() {
   return process.config.variables.node_shared_openssl;
 }
 
-function testHelper(stream, args, expectedOutput, cmd, env) {
+function testHelper(stream, args, expectedStatus, expectedOutput, cmd, env) {
   const fullArgs = args.concat(['-e', `console.log(${cmd})`]);
   const child = spawnSync(process.execPath, fullArgs, {
     cwd: path.dirname(process.execPath),
@@ -55,6 +58,7 @@ function testHelper(stream, args, expectedOutput, cmd, env) {
         // Normal path where we expect either FIPS enabled or disabled.
         assert.strictEqual(getFipsValue, expectedOutput);
     }
+    assert.strictEqual(child.status, expectedStatus);
     childOk(child);
   }
 
@@ -65,6 +69,7 @@ function testHelper(stream, args, expectedOutput, cmd, env) {
 testHelper(
   testFipsCrypto() ? 'stdout' : 'stderr',
   ['--enable-fips'],
+  testFipsCrypto() ? kNoFailure : kGenericUserError,
   testFipsCrypto() ? FIPS_ENABLED : FIPS_ENABLE_ERROR_STRING,
   'process.versions',
   process.env);
@@ -73,6 +78,7 @@ testHelper(
 testHelper(
   testFipsCrypto() ? 'stdout' : 'stderr',
   ['--force-fips'],
+  testFipsCrypto() ? kNoFailure : kGenericUserError,
   testFipsCrypto() ? FIPS_ENABLED : FIPS_ENABLE_ERROR_STRING,
   'process.versions',
   process.env);
@@ -84,6 +90,7 @@ if (!sharedOpenSSL()) {
   testHelper(
     'stdout',
     [],
+    kNoFailure,
     FIPS_DISABLED,
     'require("crypto").getFips()',
     { ...process.env, 'OPENSSL_CONF': ' ' });
@@ -93,6 +100,7 @@ if (!sharedOpenSSL()) {
 testHelper(
   'stderr',
   [],
+  kGenericUserError,
   'Calling crypto.setFips() is not supported in workers',
   'new worker_threads.Worker(\'require("crypto").setFips(true);\', { eval: true })',
   process.env);
@@ -119,6 +127,7 @@ if (!sharedOpenSSL() && !common.hasOpenSSL3) {
   testHelper(
     'stdout',
     [`--openssl-config=${CNF_FIPS_ON}`],
+    kNoFailure,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_DISABLED,
     'require("crypto").getFips()',
     process.env);
@@ -127,6 +136,7 @@ if (!sharedOpenSSL() && !common.hasOpenSSL3) {
   testHelper(
     'stdout',
     [],
+    kNoFailure,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_DISABLED,
     'require("crypto").getFips()',
     Object.assign({}, process.env, { 'OPENSSL_CONF': CNF_FIPS_ON }));
@@ -135,6 +145,7 @@ if (!sharedOpenSSL() && !common.hasOpenSSL3) {
   testHelper(
     'stdout',
     [`--openssl-config=${CNF_FIPS_ON}`],
+    kNoFailure,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_DISABLED,
     'require("crypto").getFips()',
     Object.assign({}, process.env, { 'OPENSSL_CONF': CNF_FIPS_OFF }));
@@ -148,6 +159,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     'stdout',
     [`--openssl-config=${CNF_FIPS_OFF}`],
+    kNoFailure,
     FIPS_DISABLED,
     'require("crypto").getFips()',
     Object.assign({}, process.env, { 'OPENSSL_CONF': CNF_FIPS_ON }));
@@ -156,6 +168,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--enable-fips', `--openssl-config=${CNF_FIPS_OFF}`],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").getFips()',
     process.env);
@@ -163,6 +176,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--force-fips', `--openssl-config=${CNF_FIPS_OFF}`],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").getFips()',
     process.env);
@@ -170,6 +184,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--enable-fips'],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").getFips()',
     process.env);
@@ -178,6 +193,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--force-fips'],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").getFips()',
     process.env);
@@ -186,6 +202,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--enable-fips'],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").getFips()',
     Object.assign({}, process.env, { 'OPENSSL_CONF': CNF_FIPS_OFF }));
@@ -194,6 +211,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--force-fips'],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").getFips()',
     Object.assign({}, process.env, { 'OPENSSL_CONF': CNF_FIPS_OFF }));
@@ -202,6 +220,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     [],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     '(require("crypto").setFips(true),' +
     'require("crypto").getFips())',
@@ -211,6 +230,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     [],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_DISABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     '(require("crypto").setFips(true),' +
     'require("crypto").setFips(false),' +
@@ -221,6 +241,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     [`--openssl-config=${CNF_FIPS_OFF}`],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     '(require("crypto").setFips(true),' +
     'require("crypto").getFips())',
@@ -230,6 +251,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     'stdout',
     [`--openssl-config=${CNF_FIPS_ON}`],
+    kNoFailure,
     FIPS_DISABLED,
     '(require("crypto").setFips(false),' +
     'require("crypto").getFips())',
@@ -239,6 +261,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--enable-fips'],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_DISABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     '(require("crypto").setFips(false),' +
     'require("crypto").getFips())',
@@ -248,6 +271,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     'stderr',
     ['--force-fips'],
+    kGenericUserError,
     testFipsCrypto() ? FIPS_ERROR_STRING2 : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").setFips(false)',
     process.env);
@@ -256,6 +280,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     testFipsCrypto() ? 'stdout' : 'stderr',
     ['--force-fips'],
+    testFipsCrypto() ? kNoFailure : kGenericUserError,
     testFipsCrypto() ? FIPS_ENABLED : FIPS_UNSUPPORTED_ERROR_STRING,
     '(require("crypto").setFips(true),' +
     'require("crypto").getFips())',
@@ -265,6 +290,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     'stderr',
     ['--force-fips', '--enable-fips'],
+    kGenericUserError,
     testFipsCrypto() ? FIPS_ERROR_STRING2 : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").setFips(false)',
     process.env);
@@ -273,6 +299,7 @@ if (!common.hasOpenSSL3) {
   testHelper(
     'stderr',
     ['--enable-fips', '--force-fips'],
+    kGenericUserError,
     testFipsCrypto() ? FIPS_ERROR_STRING2 : FIPS_UNSUPPORTED_ERROR_STRING,
     'require("crypto").setFips(false)',
     process.env);

From 563e61f0121984b6d8aca4b861acfdde12a4ca22 Mon Sep 17 00:00:00 2001
From: Eusgor <100363036+Eusgor@users.noreply.github.com>
Date: Fri, 30 May 2025 02:01:48 +0600
Subject: [PATCH 109/138] src: fix possible dereference of null pointer

There is a CHECK_NOT_NULL check before dereferencing node_env on
line 710 in the "if" block, but there is no CHECK_NOT_NULL check before
dereferencing node_env on line 721. Maybe it makes sense to put
CHECK_NOT_NULL right after calling the Environment::GetCurrent function.

PR-URL: https://github.com/nodejs/node/pull/58459
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
---
 src/node_api.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/node_api.cc b/src/node_api.cc
index f9f59de6be98fc..326e51330f9039 100644
--- a/src/node_api.cc
+++ b/src/node_api.cc
@@ -693,9 +693,9 @@ void napi_module_register_by_symbol(v8::Local<v8::Object> exports,
                                     napi_addon_register_func init,
                                     int32_t module_api_version) {
   node::Environment* node_env = node::Environment::GetCurrent(context);
+  CHECK_NOT_NULL(node_env);
   std::string module_filename = "";
   if (init == nullptr) {
-    CHECK_NOT_NULL(node_env);
     node_env->ThrowError("Module has no declared entry point.");
     return;
   }

From 586b1be11b5fe119a60619bfbbc8545ad609d99d Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Thu, 22 May 2025 20:12:42 +0200
Subject: [PATCH 110/138] src: fix build when using shared simdutf
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58407
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 src/node_i18n.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/node_i18n.cc b/src/node_i18n.cc
index 1ddae30e97257b..44040057999fd1 100644
--- a/src/node_i18n.cc
+++ b/src/node_i18n.cc
@@ -172,7 +172,7 @@ MaybeLocal<Object> TranscodeLatin1ToUcs2(Environment* env,
                                          const char* source,
                                          const size_t source_length,
                                          UErrorCode* status) {
-  MaybeStackBuffer<UChar> destbuf(source_length);
+  MaybeStackBuffer<char16_t> destbuf(source_length);
   auto actual_length =
       simdutf::convert_latin1_to_utf16le(source, source_length, destbuf.out());
   if (actual_length == 0) {
@@ -216,7 +216,7 @@ MaybeLocal<Object> TranscodeUcs2FromUtf8(Environment* env,
                                          UErrorCode* status) {
   size_t expected_utf16_length =
       simdutf::utf16_length_from_utf8(source, source_length);
-  MaybeStackBuffer<UChar> destbuf(expected_utf16_length);
+  MaybeStackBuffer<char16_t> destbuf(expected_utf16_length);
   auto actual_length =
       simdutf::convert_utf8_to_utf16le(source, source_length, destbuf.out());
 

From 5daa7fe2e2cd5f54bc8165810c757edcff9ecf84 Mon Sep 17 00:00:00 2001
From: X-BW <45979878+Whitecx@users.noreply.github.com>
Date: Fri, 9 May 2025 15:41:23 -0400
Subject: [PATCH 111/138] src: fix module buffer allocation

PR-URL: https://github.com/nodejs/node/pull/57738
Reviewed-By: Anna Henningsen <anna@addaleax.net>
---
 src/debug_utils.cc | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/debug_utils.cc b/src/debug_utils.cc
index 9d36082db672ce..df4ad4e9a1e521 100644
--- a/src/debug_utils.cc
+++ b/src/debug_utils.cc
@@ -471,7 +471,7 @@ std::vector<std::string> NativeSymbolDebuggingContext::GetLoadedLibraries() {
   DWORD size_2 = 0;
   // First call to get the size of module array needed
   if (EnumProcessModules(process_handle, nullptr, 0, &size_1)) {
-    MallocedBuffer<HMODULE> modules(size_1);
+    MallocedBuffer<HMODULE> modules(size_1 / sizeof(HMODULE));
 
     // Second call to populate the module array
     if (EnumProcessModules(process_handle, modules.data, size_1, &size_2)) {
@@ -480,16 +480,15 @@ std::vector<std::string> NativeSymbolDebuggingContext::GetLoadedLibraries() {
            i++) {
         WCHAR module_name[MAX_PATH];
         // Obtain and report the full pathname for each module
-        if (GetModuleFileNameExW(process_handle,
-                                 modules.data[i],
-                                 module_name,
-                                 arraysize(module_name) / sizeof(WCHAR))) {
+        if (GetModuleFileNameW(
+                modules.data[i], module_name, arraysize(module_name))) {
           DWORD size = WideCharToMultiByte(
               CP_UTF8, 0, module_name, -1, nullptr, 0, nullptr, nullptr);
           char* str = new char[size];
           WideCharToMultiByte(
               CP_UTF8, 0, module_name, -1, str, size, nullptr, nullptr);
           list.emplace_back(str);
+          delete str;
         }
       }
     }

From 4f004937ec3a9ae785f6dbdf5403a78a4b2d77e4 Mon Sep 17 00:00:00 2001
From: James M Snell <jasnell@gmail.com>
Date: Sun, 20 Apr 2025 20:01:30 -0700
Subject: [PATCH 112/138] src: fixup errorhandling more in various places

PR-URL: https://github.com/nodejs/node/pull/57852
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 src/api/environment.cc |  7 +++++--
 src/js_stream.cc       |  8 +++++---
 src/js_udp_wrap.cc     |  5 +++--
 src/node_contextify.cc |  7 ++++++-
 src/node_http_common.h |  7 +++++--
 src/pipe_wrap.cc       | 10 ++++++----
 src/tcp_wrap.cc        | 10 ++++++----
 src/util.cc            |  7 +++++--
 8 files changed, 41 insertions(+), 20 deletions(-)

diff --git a/src/api/environment.cc b/src/api/environment.cc
index 87f632cdd0ec71..1f732e6bb49de8 100644
--- a/src/api/environment.cc
+++ b/src/api/environment.cc
@@ -528,8 +528,11 @@ MaybeLocal<Value> LoadEnvironment(Environment* env,
   return LoadEnvironment(
       env,
       [&](const StartExecutionCallbackInfo& info) -> MaybeLocal<Value> {
-        Local<Value> main_script =
-            ToV8Value(env->context(), main_script_source_utf8).ToLocalChecked();
+        Local<Value> main_script;
+        if (!ToV8Value(env->context(), main_script_source_utf8)
+                 .ToLocal(&main_script)) {
+          return {};
+        }
         return info.run_cjs->Call(
             env->context(), Null(env->isolate()), 1, &main_script);
       },
diff --git a/src/js_stream.cc b/src/js_stream.cc
index 0d13066f54cf00..b7e63d6509df0e 100644
--- a/src/js_stream.cc
+++ b/src/js_stream.cc
@@ -116,10 +116,13 @@ int JSStream::DoWrite(WriteWrap* w,
   HandleScope scope(env()->isolate());
   Context::Scope context_scope(env()->context());
 
+  int value_int = UV_EPROTO;
+
   MaybeStackBuffer<Local<Value>, 16> bufs_arr(count);
   for (size_t i = 0; i < count; i++) {
-    bufs_arr[i] =
-        Buffer::Copy(env(), bufs[i].base, bufs[i].len).ToLocalChecked();
+    if (!Buffer::Copy(env(), bufs[i].base, bufs[i].len).ToLocal(&bufs_arr[i])) {
+      return value_int;
+    }
   }
 
   Local<Value> argv[] = {
@@ -129,7 +132,6 @@ int JSStream::DoWrite(WriteWrap* w,
 
   TryCatchScope try_catch(env());
   Local<Value> value;
-  int value_int = UV_EPROTO;
   if (!MakeCallback(env()->onwrite_string(),
                     arraysize(argv),
                     argv).ToLocal(&value) ||
diff --git a/src/js_udp_wrap.cc b/src/js_udp_wrap.cc
index a4f183025df4be..51e4f8c45ffd38 100644
--- a/src/js_udp_wrap.cc
+++ b/src/js_udp_wrap.cc
@@ -99,8 +99,9 @@ ssize_t JSUDPWrap::Send(uv_buf_t* bufs,
 
   MaybeStackBuffer<Local<Value>, 16> buffers(nbufs);
   for (size_t i = 0; i < nbufs; i++) {
-    buffers[i] = Buffer::Copy(env(), bufs[i].base, bufs[i].len)
-        .ToLocalChecked();
+    if (!Buffer::Copy(env(), bufs[i].base, bufs[i].len).ToLocal(&buffers[i])) {
+      return value_int;
+    }
     total_len += bufs[i].len;
   }
 
diff --git a/src/node_contextify.cc b/src/node_contextify.cc
index 7f82bca746408b..2b93926a737bfe 100644
--- a/src/node_contextify.cc
+++ b/src/node_contextify.cc
@@ -1184,7 +1184,12 @@ bool ContextifyScript::EvalMachine(Local<Context> context,
     return false;
   }
 
-  args.GetReturnValue().Set(result.ToLocalChecked());
+  // We checked for res being empty previously so this is a bit redundant
+  // but still safer than using ToLocalChecked.
+  Local<Value> res;
+  if (!result.ToLocal(&res)) return false;
+
+  args.GetReturnValue().Set(res);
   return true;
 }
 
diff --git a/src/node_http_common.h b/src/node_http_common.h
index b58e8cb5607aba..e2e13e9972f9ce 100644
--- a/src/node_http_common.h
+++ b/src/node_http_common.h
@@ -414,8 +414,11 @@ class NgRcBufPointer : public MemoryRetainer {
         const char* header_name = reinterpret_cast<const char*>(ptr.data());
         v8::Eternal<v8::String>& eternal = static_str_map[header_name];
         if (eternal.IsEmpty()) {
-          v8::Local<v8::String> str =
-              GetInternalizedString(env, ptr).ToLocalChecked();
+          v8::Local<v8::String> str;
+          if (!GetInternalizedString(env, ptr).ToLocal(&str)) {
+            ptr.reset();
+            return {};
+          }
           eternal.Set(env->isolate(), str);
           return str;
         }
diff --git a/src/pipe_wrap.cc b/src/pipe_wrap.cc
index f3e783233ba660..bdb59a35e966a8 100644
--- a/src/pipe_wrap.cc
+++ b/src/pipe_wrap.cc
@@ -53,10 +53,12 @@ MaybeLocal<Object> PipeWrap::Instantiate(Environment* env,
   EscapableHandleScope handle_scope(env->isolate());
   AsyncHooks::DefaultTriggerAsyncIdScope trigger_scope(parent);
   CHECK_EQ(false, env->pipe_constructor_template().IsEmpty());
-  Local<Function> constructor = env->pipe_constructor_template()
-                                    ->GetFunction(env->context())
-                                    .ToLocalChecked();
-  CHECK_EQ(false, constructor.IsEmpty());
+  Local<Function> constructor;
+  if (!env->pipe_constructor_template()
+           ->GetFunction(env->context())
+           .ToLocal(&constructor)) {
+    return {};
+  }
   Local<Value> type_value = Int32::New(env->isolate(), type);
   return handle_scope.EscapeMaybe(
       constructor->NewInstance(env->context(), 1, &type_value));
diff --git a/src/tcp_wrap.cc b/src/tcp_wrap.cc
index 6c70f270baf63d..84191ff46ee884 100644
--- a/src/tcp_wrap.cc
+++ b/src/tcp_wrap.cc
@@ -59,10 +59,12 @@ MaybeLocal<Object> TCPWrap::Instantiate(Environment* env,
   EscapableHandleScope handle_scope(env->isolate());
   AsyncHooks::DefaultTriggerAsyncIdScope trigger_scope(parent);
   CHECK_EQ(env->tcp_constructor_template().IsEmpty(), false);
-  Local<Function> constructor = env->tcp_constructor_template()
-                                    ->GetFunction(env->context())
-                                    .ToLocalChecked();
-  CHECK_EQ(constructor.IsEmpty(), false);
+  Local<Function> constructor;
+  if (!env->tcp_constructor_template()
+           ->GetFunction(env->context())
+           .ToLocal(&constructor)) {
+    return {};
+  }
   Local<Value> type_value = Int32::New(env->isolate(), type);
   return handle_scope.EscapeMaybe(
       constructor->NewInstance(env->context(), 1, &type_value));
diff --git a/src/util.cc b/src/util.cc
index b24b588aff372f..5450b0931a7432 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -791,8 +791,11 @@ v8::Maybe<int32_t> GetValidatedFd(Environment* env,
   const bool is_out_of_range = fd < 0 || fd > INT32_MAX;
 
   if (is_out_of_range || !IsSafeJsInt(input)) {
-    Utf8Value utf8_value(
-        env->isolate(), input->ToDetailString(env->context()).ToLocalChecked());
+    Local<String> str;
+    if (!input->ToDetailString(env->context()).ToLocal(&str)) {
+      return v8::Nothing<int32_t>();
+    }
+    Utf8Value utf8_value(env->isolate(), str);
     if (is_out_of_range && !std::isinf(fd)) {
       THROW_ERR_OUT_OF_RANGE(env,
                              "The value of \"fd\" is out of range. "

From 0dd3a8d6d196b11d8304ff99b055948fa910c143 Mon Sep 17 00:00:00 2001
From: StefanStojanovic <stefan.stojanovic@janeasystems.com>
Date: Wed, 2 Jul 2025 13:05:26 +0200
Subject: [PATCH 113/138] win,build: fix MSVS v17.14 compilation issue
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes: https://github.com/nodejs/node/issues/58801
PR-URL: https://github.com/nodejs/node/pull/58902
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
---
 common.gypi                            | 2 +-
 deps/v8/src/heap/cppgc/marking-state.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/common.gypi b/common.gypi
index fd0d0b9f32aa62..20e81dea955e88 100644
--- a/common.gypi
+++ b/common.gypi
@@ -36,7 +36,7 @@
 
     # Reset this number to 0 on major V8 upgrades.
     # Increment by one for each non-official patch applied to deps/v8.
-    'v8_embedder_string': '-node.29',
+    'v8_embedder_string': '-node.30',
 
     ##### V8 defaults for Node.js #####
 
diff --git a/deps/v8/src/heap/cppgc/marking-state.h b/deps/v8/src/heap/cppgc/marking-state.h
index 4ce1ce4074151b..3153407f4f25bf 100644
--- a/deps/v8/src/heap/cppgc/marking-state.h
+++ b/deps/v8/src/heap/cppgc/marking-state.h
@@ -342,7 +342,7 @@ class MutatorMarkingState final : public BasicMarkingState {
   ~MutatorMarkingState() override = default;
 
   inline bool MarkNoPush(HeapObjectHeader& header) {
-    return MutatorMarkingState::BasicMarkingState::MarkNoPush(header);
+    return BasicMarkingState::MarkNoPush(header);
   }
 
   inline void ReTraceMarkedWeakContainer(cppgc::Visitor&, HeapObjectHeader&);

From 077d5020c43fa6c50be8af0b5753afdf46fe7566 Mon Sep 17 00:00:00 2001
From: Ruben Bridgewater <ruben.bridgewater@datadoghq.com>
Date: Mon, 30 Jun 2025 13:51:40 +0200
Subject: [PATCH 114/138] v8: fix missing callback in heap utils destroy

This fixes the v8.getHeapSnapshot() calls not properly being
destroyed. Pipeline calls would for example not properly end
without the callback being in place.

PR-URL: https://github.com/nodejs/node/pull/58846
Reviewed-By: Ethan Arrowood <ethan@arrowood.dev>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Shelley Vohr <shelley.vohr@gmail.com>
---
 lib/internal/heap_utils.js       |  3 ++-
 test/sequential/test-heapdump.js | 11 +++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/internal/heap_utils.js b/lib/internal/heap_utils.js
index c39d811ab793b0..6d72fb1d628540 100644
--- a/lib/internal/heap_utils.js
+++ b/lib/internal/heap_utils.js
@@ -53,11 +53,12 @@ class HeapSnapshotStream extends Readable {
       this[kHandle].readStart();
   }
 
-  _destroy() {
+  _destroy(err, callback) {
     // Release the references on the handle so that
     // it can be garbage collected.
     this[kHandle][owner_symbol] = undefined;
     this[kHandle] = undefined;
+    callback(err);
   }
 
   [kUpdateTimer]() {
diff --git a/test/sequential/test-heapdump.js b/test/sequential/test-heapdump.js
index 1388623e61f939..ee025f57fb8258 100644
--- a/test/sequential/test-heapdump.js
+++ b/test/sequential/test-heapdump.js
@@ -8,6 +8,7 @@ if (!common.isMainThread)
 const { writeHeapSnapshot, getHeapSnapshot } = require('v8');
 const assert = require('assert');
 const fs = require('fs');
+const { promises: { pipeline }, PassThrough } = require('stream');
 const tmpdir = require('../common/tmpdir');
 
 tmpdir.refresh();
@@ -76,3 +77,13 @@ process.chdir(tmpdir.path);
     JSON.parse(data);
   }));
 }
+
+{
+  const passthrough = new PassThrough();
+  passthrough.on('data', common.mustCallAtLeast(1));
+
+  pipeline(
+    getHeapSnapshot(),
+    passthrough,
+  ).then(common.mustCall());
+}

From 8a29f13becc465dcb9fc38b9de80360aa52b6079 Mon Sep 17 00:00:00 2001
From: HEESEUNG <max980203@snu.ac.kr>
Date: Sun, 6 Apr 2025 16:47:28 +0900
Subject: [PATCH 115/138] =?UTF-8?q?util:=20fix=20parseEnv=20incorrectly=20?=
 =?UTF-8?q?splitting=20multiple=20=E2=80=98=3D=E2=80=98=20in=20value?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Previously, parseEnv would create multiple environment
variables if a single line contained multiple ‘=‘ characters
(e.g. A=B=C would become { A: ‘B=C’, B: ‘C’ }).
This commit ensures that only the first ‘=‘ is used as
the key-value delimiter, and the rest of the line is treated
as the value.

Fixes: https://github.com/nodejs/node/issues/57411
PR-URL: https://github.com/nodejs/node/pull/57421
Reviewed-By: Daniel Lemire <daniel@lemire.me>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
---
 benchmark/fixtures/valid.env         |  2 ++
 src/node_dotenv.cc                   | 38 ++++++++++++++++++++++------
 test/fixtures/dotenv/valid.env       |  2 ++
 test/parallel/test-dotenv.js         |  2 ++
 test/parallel/test-util-parse-env.js |  2 ++
 5 files changed, 38 insertions(+), 8 deletions(-)

diff --git a/benchmark/fixtures/valid.env b/benchmark/fixtures/valid.env
index 120488d57917e0..6df454da653137 100644
--- a/benchmark/fixtures/valid.env
+++ b/benchmark/fixtures/valid.env
@@ -6,6 +6,8 @@ BASIC=basic
 
 # previous line intentionally left blank
 AFTER_LINE=after_line
+A="B=C"
+B=C=D
 EMPTY=
 EMPTY_SINGLE_QUOTES=''
 EMPTY_DOUBLE_QUOTES=""
diff --git a/src/node_dotenv.cc b/src/node_dotenv.cc
index d22783cb779a38..9d2bc526572cd0 100644
--- a/src/node_dotenv.cc
+++ b/src/node_dotenv.cc
@@ -155,7 +155,16 @@ void Dotenv::ParseContent(const std::string_view input) {
     // If there is no equal character, then ignore everything
     auto equal = content.find('=');
     if (equal == std::string_view::npos) {
-      break;
+      auto newline = content.find('\n');
+      if (newline != std::string_view::npos) {
+        // If we used `newline` only,
+        // the '\n' might remain and cause an empty-line parse
+        content.remove_prefix(newline + 1);
+      } else {
+        content = {};
+      }
+      // No valid data here, skip to next line
+      continue;
     }
 
     key = content.substr(0, equal);
@@ -199,7 +208,9 @@ void Dotenv::ParseContent(const std::string_view input) {
         store_.insert_or_assign(std::string(key), multi_line_value);
         auto newline = content.find('\n', closing_quote + 1);
         if (newline != std::string_view::npos) {
-          content.remove_prefix(newline);
+          content.remove_prefix(newline + 1);
+        } else {
+          content = {};
         }
         continue;
       }
@@ -220,7 +231,7 @@ void Dotenv::ParseContent(const std::string_view input) {
         if (newline != std::string_view::npos) {
           value = content.substr(0, newline);
           store_.insert_or_assign(std::string(key), value);
-          content.remove_prefix(newline);
+          content.remove_prefix(newline + 1);
         }
       } else {
         // Example: KEY="value"
@@ -230,8 +241,13 @@ void Dotenv::ParseContent(const std::string_view input) {
         // since there could be newline characters inside the value.
         auto newline = content.find('\n', closing_quote + 1);
         if (newline != std::string_view::npos) {
-          content.remove_prefix(newline);
+          // Use +1 to discard the '\n' itself => next line
+          content.remove_prefix(newline + 1);
+        } else {
+          content = {};
         }
+        // No valid data here, skip to next line
+        continue;
       }
     } else {
       // Regular key value pair.
@@ -247,15 +263,21 @@ void Dotenv::ParseContent(const std::string_view input) {
         if (hash_character != std::string_view::npos) {
           value = content.substr(0, hash_character);
         }
-        content.remove_prefix(newline);
+        store_.insert_or_assign(std::string(key), trim_spaces(value));
+        content.remove_prefix(newline + 1);
       } else {
         // In case the last line is a single key/value pair
         // Example: KEY=VALUE (without a newline at the EOF)
-        value = content.substr(0);
+        value = content;
+        auto hash_char = value.find('#');
+        if (hash_char != std::string_view::npos) {
+          value = content.substr(0, hash_char);
+        }
+        store_.insert_or_assign(std::string(key), trim_spaces(value));
+        content = {};
       }
 
-      value = trim_spaces(value);
-      store_.insert_or_assign(std::string(key), value);
+      store_.insert_or_assign(std::string(key), trim_spaces(value));
     }
   }
 }
diff --git a/test/fixtures/dotenv/valid.env b/test/fixtures/dotenv/valid.env
index 120488d57917e0..6df454da653137 100644
--- a/test/fixtures/dotenv/valid.env
+++ b/test/fixtures/dotenv/valid.env
@@ -6,6 +6,8 @@ BASIC=basic
 
 # previous line intentionally left blank
 AFTER_LINE=after_line
+A="B=C"
+B=C=D
 EMPTY=
 EMPTY_SINGLE_QUOTES=''
 EMPTY_DOUBLE_QUOTES=""
diff --git a/test/parallel/test-dotenv.js b/test/parallel/test-dotenv.js
index 3c81bf98782a97..0115496875e3bb 100644
--- a/test/parallel/test-dotenv.js
+++ b/test/parallel/test-dotenv.js
@@ -82,3 +82,5 @@ assert.strictEqual(process.env.DONT_EXPAND_SQUOTED, 'dontexpand\\nnewlines');
 assert.strictEqual(process.env.EXPORT_EXAMPLE, 'ignore export');
 // Ignore spaces before double quotes to avoid quoted strings as value
 assert.strictEqual(process.env.SPACE_BEFORE_DOUBLE_QUOTES, 'space before double quotes');
+assert.strictEqual(process.env.A, 'B=C');
+assert.strictEqual(process.env.B, 'C=D');
diff --git a/test/parallel/test-util-parse-env.js b/test/parallel/test-util-parse-env.js
index 13d2fda37a09c4..80ab736dd38116 100644
--- a/test/parallel/test-util-parse-env.js
+++ b/test/parallel/test-util-parse-env.js
@@ -11,6 +11,8 @@ const fs = require('node:fs');
   const validContent = fs.readFileSync(validEnvFilePath, 'utf8');
 
   assert.deepStrictEqual(util.parseEnv(validContent), {
+    A: 'B=C',
+    B: 'C=D',
     AFTER_LINE: 'after_line',
     BACKTICKS: 'backticks',
     BACKTICKS_INSIDE_DOUBLE: '`backticks` work inside double quotes',

From 65b1669936c1f5c4ca6109e1faa4f1c7d21d3e0f Mon Sep 17 00:00:00 2001
From: Shima Ryuhei <65934663+islandryu@users.noreply.github.com>
Date: Thu, 17 Apr 2025 22:35:56 +0900
Subject: [PATCH 116/138] util: fix formatting of objects with built-in
 Symbol.toPrimitive

Fixes: https://github.com/nodejs/node/issues/57818
PR-URL: https://github.com/nodejs/node/pull/57832
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
---
 doc/api/util.md                   |  2 +-
 lib/internal/util/inspect.js      | 35 ++++++++++-------
 test/parallel/test-util-format.js | 62 +++++++++++++++++++++++++++++++
 3 files changed, 85 insertions(+), 14 deletions(-)

diff --git a/doc/api/util.md b/doc/api/util.md
index d57230966cbf4b..0bc8f1e8a60dda 100644
--- a/doc/api/util.md
+++ b/doc/api/util.md
@@ -286,7 +286,7 @@ corresponding argument. Supported specifiers are:
 
 * `%s`: `String` will be used to convert all values except `BigInt`, `Object`
   and `-0`. `BigInt` values will be represented with an `n` and Objects that
-  have no user defined `toString` function are inspected using `util.inspect()`
+  have neither a user defined `toString` function nor `Symbol.toPrimitive` function are inspected using `util.inspect()`
   with options `{ depth: 0, colors: false, compact: 3 }`.
 * `%d`: `Number` will be used to convert all values except `BigInt` and
   `Symbol`.
diff --git a/lib/internal/util/inspect.js b/lib/internal/util/inspect.js
index 873e9d5f56165a..ecf5622fcb3e2a 100644
--- a/lib/internal/util/inspect.js
+++ b/lib/internal/util/inspect.js
@@ -2125,27 +2125,32 @@ function hasBuiltInToString(value) {
     value = proxyTarget;
   }
 
-  // Check if value has a custom Symbol.toPrimitive transformation.
-  if (typeof value[SymbolToPrimitive] === 'function') {
-    return false;
-  }
+  let hasOwnToString = ObjectPrototypeHasOwnProperty;
+  let hasOwnToPrimitive = ObjectPrototypeHasOwnProperty;
 
-  // Count objects that have no `toString` function as built-in.
+  // Count objects without `toString` and `Symbol.toPrimitive` function as built-in.
   if (typeof value.toString !== 'function') {
-    return true;
-  }
-
-  // The object has a own `toString` property. Thus it's not not a built-in one.
-  if (ObjectPrototypeHasOwnProperty(value, 'toString')) {
+    if (typeof value[SymbolToPrimitive] !== 'function') {
+      return true;
+    } else if (ObjectPrototypeHasOwnProperty(value, SymbolToPrimitive)) {
+      return false;
+    }
+    hasOwnToString = returnFalse;
+  } else if (ObjectPrototypeHasOwnProperty(value, 'toString')) {
+    return false;
+  } else if (typeof value[SymbolToPrimitive] !== 'function') {
+    hasOwnToPrimitive = returnFalse;
+  } else if (ObjectPrototypeHasOwnProperty(value, SymbolToPrimitive)) {
     return false;
   }
 
-  // Find the object that has the `toString` property as own property in the
-  // prototype chain.
+  // Find the object that has the `toString` property or `Symbol.toPrimitive` property
+  // as own property in the prototype chain.
   let pointer = value;
   do {
     pointer = ObjectGetPrototypeOf(pointer);
-  } while (!ObjectPrototypeHasOwnProperty(pointer, 'toString'));
+  } while (!hasOwnToString(pointer, 'toString') &&
+    !hasOwnToPrimitive(pointer, SymbolToPrimitive));
 
   // Check closer if the object is a built-in.
   const descriptor = ObjectGetOwnPropertyDescriptor(pointer, 'constructor');
@@ -2154,6 +2159,10 @@ function hasBuiltInToString(value) {
     builtInObjects.has(descriptor.value.name);
 }
 
+function returnFalse() {
+  return false;
+}
+
 const firstErrorLine = (error) => StringPrototypeSplit(error.message, '\n', 1)[0];
 let CIRCULAR_ERROR_MESSAGE;
 function tryStringify(arg) {
diff --git a/test/parallel/test-util-format.js b/test/parallel/test-util-format.js
index 8d2cab5a9c7a1c..9d6419b66083b0 100644
--- a/test/parallel/test-util-format.js
+++ b/test/parallel/test-util-format.js
@@ -290,6 +290,68 @@ assert.strictEqual(util.format('%s', -Infinity), '-Infinity');
   assert.strictEqual(util.format('%s', objectWithToPrimitive + ''), 'default context');
 }
 
+// built-in toPrimitive is the same behavior as inspect
+{
+  const date = new Date('2023-10-01T00:00:00Z');
+  assert.strictEqual(util.format('%s', date), util.inspect(date));
+
+  const symbol = Symbol('foo');
+  assert.strictEqual(util.format('%s', symbol), util.inspect(symbol));
+}
+
+// Prototype chain handling for toString
+{
+  function hasToStringButNoToPrimitive() {}
+
+  hasToStringButNoToPrimitive.prototype.toString = function() {
+    return 'hasToStringButNoToPrimitive';
+  };
+
+  let obj = new hasToStringButNoToPrimitive();
+  assert.strictEqual(util.format('%s', obj.toString()), 'hasToStringButNoToPrimitive');
+
+  function inheritsFromHasToStringButNoToPrimitive() {}
+  Object.setPrototypeOf(inheritsFromHasToStringButNoToPrimitive.prototype,
+                        hasToStringButNoToPrimitive.prototype);
+  obj = new inheritsFromHasToStringButNoToPrimitive();
+  assert.strictEqual(util.format('%s', obj.toString()), 'hasToStringButNoToPrimitive');
+}
+
+// Prototype chain handling for Symbol.toPrimitive
+{
+  function hasToPrimitiveButNoToString() {}
+
+  hasToPrimitiveButNoToString.prototype[Symbol.toPrimitive] = function() {
+    return 'hasToPrimitiveButNoToString';
+  };
+
+  let obj = new hasToPrimitiveButNoToString();
+  assert.strictEqual(util.format('%s', obj[Symbol.toPrimitive]()), 'hasToPrimitiveButNoToString');
+  function inheritsFromHasToPrimitiveButNoToString() {}
+  Object.setPrototypeOf(inheritsFromHasToPrimitiveButNoToString.prototype,
+                        hasToPrimitiveButNoToString.prototype);
+  obj = new inheritsFromHasToPrimitiveButNoToString();
+  assert.strictEqual(util.format('%s', obj[Symbol.toPrimitive]()), 'hasToPrimitiveButNoToString');
+}
+
+// Prototype chain handling for both toString and Symbol.toPrimitive
+{
+  function hasBothToStringAndToPrimitive() {}
+  hasBothToStringAndToPrimitive.prototype.toString = function() {
+    return 'toString';
+  };
+  hasBothToStringAndToPrimitive.prototype[Symbol.toPrimitive] = function() {
+    return 'toPrimitive';
+  };
+  let obj = new hasBothToStringAndToPrimitive();
+  assert.strictEqual(util.format('%s', obj.toString()), 'toString');
+  function inheritsFromHasBothToStringAndToPrimitive() {}
+  Object.setPrototypeOf(inheritsFromHasBothToStringAndToPrimitive.prototype,
+                        hasBothToStringAndToPrimitive.prototype);
+  obj = new inheritsFromHasBothToStringAndToPrimitive();
+  assert.strictEqual(util.format('%s', obj.toString()), 'toString');
+}
+
 // JSON format specifier
 assert.strictEqual(util.format('%j'), '%j');
 assert.strictEqual(util.format('%j', 42), '42');

From 6fd58e0338cc144c82bcb67f3160e20d21968361 Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Mon, 18 Aug 2025 01:30:57 -0700
Subject: [PATCH 117/138] tools: update coverage GitHub Actions to fixed
 version
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Refs: https://github.com/codecov/codecov-action/pull/1859
Refs: https://github.com/codecov/codecov-action/issues/1858
PR-URL: https://github.com/nodejs/node/pull/59512
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Zeyu "Alex" Yang <himself65@outlook.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
---
 .github/workflows/coverage-linux-without-intl.yml | 2 +-
 .github/workflows/coverage-linux.yml              | 2 +-
 .github/workflows/coverage-windows.yml            | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/coverage-linux-without-intl.yml b/.github/workflows/coverage-linux-without-intl.yml
index 956058c6889e4c..c8e0cafa0f7098 100644
--- a/.github/workflows/coverage-linux-without-intl.yml
+++ b/.github/workflows/coverage-linux-without-intl.yml
@@ -80,6 +80,6 @@ jobs:
       - name: Clean tmp
         run: rm -rf coverage/tmp && rm -rf out
       - name: Upload
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24  # v5.4.3
+        uses: codecov/codecov-action@39a2af19d997be74586469d4062e173ecae614f6  # v5.4.3+
         with:
           directory: ./coverage
diff --git a/.github/workflows/coverage-linux.yml b/.github/workflows/coverage-linux.yml
index 3a7ad75d375875..4e620a7a848f24 100644
--- a/.github/workflows/coverage-linux.yml
+++ b/.github/workflows/coverage-linux.yml
@@ -80,6 +80,6 @@ jobs:
       - name: Clean tmp
         run: rm -rf coverage/tmp && rm -rf out
       - name: Upload
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24  # v5.4.3
+        uses: codecov/codecov-action@39a2af19d997be74586469d4062e173ecae614f6  # v5.4.3+
         with:
           directory: ./coverage
diff --git a/.github/workflows/coverage-windows.yml b/.github/workflows/coverage-windows.yml
index 5acb24cfc707df..3b4848778bc273 100644
--- a/.github/workflows/coverage-windows.yml
+++ b/.github/workflows/coverage-windows.yml
@@ -71,6 +71,6 @@ jobs:
       - name: Clean tmp
         run: npx rimraf ./coverage/tmp
       - name: Upload
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24  # v5.4.3
+        uses: codecov/codecov-action@39a2af19d997be74586469d4062e173ecae614f6  # v5.4.3+
         with:
           directory: ./coverage

From 530473f4795644b69877c100efb1d6d38f5bf9d1 Mon Sep 17 00:00:00 2001
From: "Claudio W." <cwunder@gnome.org>
Date: Thu, 3 Jul 2025 08:48:59 +0200
Subject: [PATCH 118/138] doc: add ovflowd back to core collaborators
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/58911
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jake Yuesong Li <jake.yuesong@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 631a898d0f7321..6081115e8c6d30 100644
--- a/README.md
+++ b/README.md
@@ -407,6 +407,8 @@ For information about the governance of the Node.js project, see
   **Moshe Atlow** <<moshe@atlow.co.il>> (he/him)
 * [MrJithil](https://github.com/MrJithil) -
   **Jithil P Ponnan** <<jithil@outlook.com>> (he/him)
+* [ovflowd](https://github.com/ovflowd) -
+  **Claudio Wunder** <<cwunder@gnome.org>> (he/they)
 * [panva](https://github.com/panva) -
   **Filip Skokan** <<panva.ip@gmail.com>> (he/him)
 * [pimterry](https://github.com/pimterry) -
@@ -633,8 +635,6 @@ For information about the governance of the Node.js project, see
   **Alexis Campailla** <<orangemocha@nodejs.org>>
 * [othiym23](https://github.com/othiym23) -
   **Forrest L Norvell** <<ogd@aoaioxxysz.net>> (they/them/themself)
-* [ovflowd](https://github.com/ovflowd) -
-  **Claudio Wunder** <<cwunder@gnome.org>> (he/they)
 * [oyyd](https://github.com/oyyd) -
   **Ouyang Yadong** <<oyydoibh@gmail.com>> (he/him)
 * [petkaantonov](https://github.com/petkaantonov) -

From 4e6ae787c641f6a456adbdd988ddd4f026c1405e Mon Sep 17 00:00:00 2001
From: Giovanni Bucci <8344987+puskin@users.noreply.github.com>
Date: Tue, 13 May 2025 02:30:33 -0700
Subject: [PATCH 119/138] doc: add puskin to collaborators

Fixes: https://github.com/nodejs/node/issues/58088
PR-URL: https://github.com/nodejs/node/pull/58308
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
---
 .mailmap  | 1 +
 README.md | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/.mailmap b/.mailmap
index a060a422d49cce..e3e502c8716123 100644
--- a/.mailmap
+++ b/.mailmap
@@ -204,6 +204,7 @@ George Adams <gadams@microsoft.com> <george.adams@uk.ibm.com>
 Gerhard Stöbich <deb2001-github@yahoo.de>
 Gibson Fahnestock <gibfahn@gmail.com> <gib@uk.ibm.com>
 Gil Pedersen <git@gpost.dk> <github@gpost.dk>
+Giovanni Bucci <github@puskin.it>
 Graham Fairweather <xotic750@gmail.com> <xotic750@gmail>
 Greg Sabia Tucker <greg@narrowlabs.com> <greg@tucke.rs>
 Gregor Martynus <gregor@martynus.net>
diff --git a/README.md b/README.md
index 6081115e8c6d30..cba3e106faf184 100644
--- a/README.md
+++ b/README.md
@@ -415,6 +415,8 @@ For information about the governance of the Node.js project, see
   **Tim Perry** <<pimterry@gmail.com>> (he/him)
 * [pmarchini](https://github.com/pmarchini)
   **Pietro Marchini** <<pietro.marchini94@gmail.com>> (he/him)
+* [puskin](https://github.com/puskin) -
+  **Giovanni Bucci** <<github@puskin.it>> (he/him)
 * [Qard](https://github.com/Qard) -
   **Stephen Belanger** <<admin@stephenbelanger.com>> (he/him)
 * [RafaelGSS](https://github.com/RafaelGSS) -

From f5b293ad48d605b34819db4d5b7e47a7ac89479e Mon Sep 17 00:00:00 2001
From: Jonas <jonas@badalic.com>
Date: Fri, 16 May 2025 16:19:55 -0400
Subject: [PATCH 120/138] doc: add JonasBa to collaborators
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes: https://github.com/nodejs/node/issues/57410
PR-URL: https://github.com/nodejs/node/pull/58355
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
---
 .mailmap  | 1 +
 README.md | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/.mailmap b/.mailmap
index e3e502c8716123..ec877b4c767a83 100644
--- a/.mailmap
+++ b/.mailmap
@@ -271,6 +271,7 @@ John McGuirk <johnmac81@gmail.com>
 John Musgrave <musgravejw@gmail.com>
 Johnny Ray Austin <johnny@johnnyray.me> <http://johnnyray.me>
 Jon Tippens <jwtippens@gmail.com>
+Jonas Badalic <jonas.badalic@gmail.com> <jonas@badalic.com>
 Jonas Pfenniger <jonas@pfenniger.name> <jonas@stvs.ch>
 Jonathan Gourlay <gourlayjd@linux.com>
 Jonathan Ong <jonathanrichardong@gmail.com> <jonathanong@users.noreply.github.com>
diff --git a/README.md b/README.md
index cba3e106faf184..294919abcfc1e6 100644
--- a/README.md
+++ b/README.md
@@ -367,6 +367,8 @@ For information about the governance of the Node.js project, see
   **Jason Zhang** <<xzha4350@gmail.com>> (he/him)
 * [jkrems](https://github.com/jkrems) -
   **Jan Martin** <<jan.krems@gmail.com>> (he/him)
+* [JonasBa](https://github.com/JonasBa) -
+  **Jonas Badalic** <<jonas.badalic@gmail.com>> (he/him)
 * [joyeecheung](https://github.com/joyeecheung) -
   **Joyee Cheung** <<joyeec9h3@gmail.com>> (she/her)
 * [juanarbol](https://github.com/juanarbol) -

From b1009b5b725fa95578a86bbde6611b92cf6d283a Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Fri, 14 Mar 2025 19:51:52 -0300
Subject: [PATCH 121/138] doc: explicit mention arbitrary code execution as a
 vuln

This request came from Github Open Source Secure and
it's always welcome to clarify the policy

PR-URL: https://github.com/nodejs/node/pull/57426
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
---
 SECURITY.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/SECURITY.md b/SECURITY.md
index 08dcf83ce6fd5d..9650e812914f81 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -141,6 +141,9 @@ a security vulnerability. Examples of unwanted actions are polluting globals,
 causing an unrecoverable crash, or any other unexpected side effects that can
 lead to a loss of confidentiality, integrity, or availability.
 
+For example, if trusted input (like secure application code) is correct,
+then untrusted input must not lead to arbitrary JavaScript code execution.
+
 **Node.js trusts everything else**. Examples include:
 
 * The developers and infrastructure that runs it.

From 621b66a2977729786ab072ab859582d61ea13229 Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Sun, 16 Mar 2025 08:30:14 +0000
Subject: [PATCH 122/138] doc: add review guidelines for collaborator
 nominations
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/57449
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
---
 GOVERNANCE.md | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/GOVERNANCE.md b/GOVERNANCE.md
index cf5bc188ad3055..d24701855d0cb2 100644
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@@ -287,6 +287,34 @@ from stalling indefinitely or objections from being overridden by the TSC.
 Remember that all private discussions about a nomination will be visible to
 the nominee once they are onboarded.
 
+#### How to review a collaborator nomination
+
+A collaborator nomination can be reviewed in the same way one would review a PR
+adding a feature:
+
+* If you see the nomination as something positive to the project, say so!
+* If you are neutral, or feel you don't know enough to have an informed opinion,
+  it's certainly OK to not interact with the nomination.
+* If you think the nomination was made too soon, or can be detrimental to the
+  project, share your concerns, ideally before the public nomination is opened,
+  and avoid sharing those concerns outside of the Collaborator discussion area.
+  Ideally, list what step(s) the nominee could take that would make you
+  approve their nomination.
+  Given that there is no "Request for changes" feature in discussions and issues,
+  try to be explicit when your comment is expressing a blocking concern.
+  Similarly, once the blocking concern has been addressed, explicitly say so.
+
+Our goal is to keep gate-keeping at a minimal, but it cannot be zero since being
+a collaborator requires trust (collaborators can start CI jobs, use their veto,
+push commits, etc.), so what's the minimal amount is subjective, and there will
+be cases where collaborators disagree on whether a nomination should move
+forward.
+
+When concerns have been raised on the private discussion, refrain from opening
+the public issue. If no one has explicitly blocked the nomination and you'd like
+it to move forward, comment something like "If I don't hear any objections
+before (some time), I will open the public issue".
+
 ### Onboarding
 
 After the nomination passes, a TSC member onboards the new collaborator. See

From c1e7fa2586220a223c83d70ab9531324eeaece40 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Thu, 31 Oct 2024 16:43:57 +0100
Subject: [PATCH 123/138] module: handle .mjs in .js handler in CommonJS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This refactors the CommonJS loading a bit to create a center point
that handles source loading (`loadSource`) and make format detection
more consistent to pave the way for future synchronous hooks.

- Handle .mjs in the .js handler, similar to how .cjs has been handled.
- Generate the legacy ERR_REQUIRE_ESM in a getRequireESMError() for
  require(esm) handling (when it's disabled).

PR-URL: https://github.com/nodejs/node/pull/55590
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Refs: https://github.com/nodejs/loaders/pull/198
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/cjs/loader.js | 165 +++++++++++++++--------------
 1 file changed, 86 insertions(+), 79 deletions(-)

diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index a02aaa07de27ac..b12594cc364056 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -101,6 +101,9 @@ const kIsMainSymbol = Symbol('kIsMainSymbol');
 const kIsCachedByESMLoader = Symbol('kIsCachedByESMLoader');
 const kRequiredModuleSymbol = Symbol('kRequiredModuleSymbol');
 const kIsExecuting = Symbol('kIsExecuting');
+
+const kFormat = Symbol('kFormat');
+
 // Set first due to cycle with ESM loader functions.
 module.exports = {
   kModuleSource,
@@ -438,10 +441,6 @@ function initializeCJS() {
   // TODO(joyeecheung): deprecate this in favor of a proper hook?
   Module.runMain =
     require('internal/modules/run_main').executeUserEntryPoint;
-
-  if (getOptionValue('--experimental-require-module')) {
-    Module._extensions['.mjs'] = loadESMFromCJS;
-  }
 }
 
 // Given a module name, and a list of paths to test, returns the first
@@ -651,14 +650,7 @@ function resolveExports(nmPath, request) {
 // We don't cache this in case user extends the extensions.
 function getDefaultExtensions() {
   const extensions = ObjectKeys(Module._extensions);
-  if (!getOptionValue('--experimental-require-module')) {
-    return extensions;
-  }
-  // If the .mjs extension is added by --experimental-require-module,
-  // remove it from the supported default extensions to maintain
-  // compatibility.
-  // TODO(joyeecheung): allow both .mjs and .cjs?
-  return ArrayPrototypeFilter(extensions, (ext) => ext !== '.mjs' || Module._extensions['.mjs'] !== loadESMFromCJS);
+  return extensions;
 }
 
 /**
@@ -1270,10 +1262,6 @@ Module.prototype.load = function(filename) {
   this.paths = Module._nodeModulePaths(path.dirname(filename));
 
   const extension = findLongestRegisteredExtension(filename);
-  // allow .mjs to be overridden
-  if (StringPrototypeEndsWith(filename, '.mjs') && !Module._extensions['.mjs']) {
-    throw new ERR_REQUIRE_ESM(filename, true);
-  }
 
   Module._extensions[extension](this, filename);
   this.loaded = true;
@@ -1309,9 +1297,10 @@ let requireModuleWarningMode;
  * Resolve and evaluate it synchronously as ESM if it's ESM.
  * @param {Module} mod CJS module instance
  * @param {string} filename Absolute path of the file.
+ * @param {string} format Format of the module. If it had types, this would be what it is after type-stripping.
+ * @param {string} source Source the module. If it had types, this would have the type stripped.
  */
-function loadESMFromCJS(mod, filename) {
-  const source = getMaybeCachedSource(mod, filename);
+function loadESMFromCJS(mod, filename, format, source) {
   const cascadedLoader = require('internal/modules/esm/loader').getOrInitializeCascadedLoader();
   const isMain = mod[kIsMainSymbol];
   if (isMain) {
@@ -1487,7 +1476,9 @@ function wrapSafe(filename, content, cjsModuleInstance, format) {
  * `exports`) to the file. Returns exception, if any.
  * @param {string} content The source code of the module
  * @param {string} filename The file path of the module
- * @param {'module'|'commonjs'|undefined} format Intended format of the module.
+ * @param {
+ *    'module'|'commonjs'|'commonjs-typescript'|'module-typescript'
+ * } format Intended format of the module.
  */
 Module.prototype._compile = function(content, filename, format) {
   let moduleURL;
@@ -1509,9 +1500,7 @@ Module.prototype._compile = function(content, filename, format) {
   }
 
   if (format === 'module') {
-    // Pass the source into the .mjs extension handler indirectly through the cache.
-    this[kModuleSource] = content;
-    loadESMFromCJS(this, filename);
+    loadESMFromCJS(this, filename, format, content);
     return;
   }
 
@@ -1539,22 +1528,72 @@ Module.prototype._compile = function(content, filename, format) {
 
 /**
  * Get the source code of a module, using cached ones if it's cached.
+ * After this returns, mod[kFormat], mod[kModuleSource] and mod[kURL] will be set.
  * @param {Module} mod Module instance whose source is potentially already cached.
  * @param {string} filename Absolute path to the file of the module.
- * @returns {string}
+ * @returns {{source: string, format?: string}}
  */
-function getMaybeCachedSource(mod, filename) {
-  // If already analyzed the source, then it will be cached.
-  let content;
-  if (mod[kModuleSource] !== undefined) {
-    content = mod[kModuleSource];
+function loadSource(mod, filename, formatFromNode) {
+  if (formatFromNode !== undefined) {
+    mod[kFormat] = formatFromNode;
+  }
+  const format = mod[kFormat];
+
+  let source = mod[kModuleSource];
+  if (source !== undefined) {
     mod[kModuleSource] = undefined;
   } else {
     // TODO(joyeecheung): we can read a buffer instead to speed up
     // compilation.
-    content = fs.readFileSync(filename, 'utf8');
+    source = fs.readFileSync(filename, 'utf8');
+  }
+  return { source, format };
+}
+
+function reconstructErrorStack(err, parentPath, parentSource) {
+  const errLine = StringPrototypeSplit(
+    StringPrototypeSlice(err.stack, StringPrototypeIndexOf(
+      err.stack, '    at ')), '\n', 1)[0];
+  const { 1: line, 2: col } =
+    RegExpPrototypeExec(/(\d+):(\d+)\)/, errLine) || [];
+  if (line && col) {
+    const srcLine = StringPrototypeSplit(parentSource, '\n')[line - 1];
+    const frame = `${parentPath}:${line}\n${srcLine}\n${StringPrototypeRepeat(' ', col - 1)}^\n`;
+    setArrowMessage(err, frame);
+  }
+}
+
+/**
+ * Generate the legacy ERR_REQUIRE_ESM for the cases where require(esm) is disabled.
+ * @param {Module} mod The module being required.
+ * @param {undefined|object} pkg Data of the nearest package.json of the module.
+ * @param {string} content Source code of the module.
+ * @param {string} filename Filename of the module
+ * @returns {Error}
+ */
+function getRequireESMError(mod, pkg, content, filename) {
+  // This is an error path because `require` of a `.js` file in a `"type": "module"` scope is not allowed.
+  const parent = mod[kModuleParent];
+  const parentPath = parent?.filename;
+  const packageJsonPath = pkg?.path ? path.resolve(pkg.path, 'package.json') : null;
+  const usesEsm = containsModuleSyntax(content, filename);
+  const err = new ERR_REQUIRE_ESM(filename, usesEsm, parentPath,
+                                  packageJsonPath);
+  // Attempt to reconstruct the parent require frame.
+  const parentModule = Module._cache[parentPath];
+  if (parentModule) {
+    let parentSource;
+    try {
+      ({ source: parentSource } = loadSource(parentModule, parentPath));
+    } catch {
+      // Continue regardless of error.
+    }
+    if (parentSource) {
+      // TODO(joyeecheung): trim off internal frames from the stack.
+      reconstructErrorStack(err, parentPath, parentSource);
+    }
   }
-  return content;
+  return err;
 }
 
 /**
@@ -1563,57 +1602,25 @@ function getMaybeCachedSource(mod, filename) {
  * @param {string} filename The file path of the module
  */
 Module._extensions['.js'] = function(module, filename) {
-  // If already analyzed the source, then it will be cached.
-  const content = getMaybeCachedSource(module, filename);
-
-  let format;
-  if (StringPrototypeEndsWith(filename, '.js')) {
-    const pkg = packageJsonReader.readPackageScope(filename) || { __proto__: null };
-    // Function require shouldn't be used in ES modules.
-    if (pkg.data?.type === 'module') {
-      if (getOptionValue('--experimental-require-module')) {
-        module._compile(content, filename, 'module');
-        return;
-      }
-
-      // This is an error path because `require` of a `.js` file in a `"type": "module"` scope is not allowed.
-      const parent = module[kModuleParent];
-      const parentPath = parent?.filename;
-      const packageJsonPath = path.resolve(pkg.path, 'package.json');
-      const usesEsm = containsModuleSyntax(content, filename);
-      const err = new ERR_REQUIRE_ESM(filename, usesEsm, parentPath,
-                                      packageJsonPath);
-      // Attempt to reconstruct the parent require frame.
-      if (Module._cache[parentPath]) {
-        let parentSource;
-        try {
-          parentSource = fs.readFileSync(parentPath, 'utf8');
-        } catch {
-          // Continue regardless of error.
-        }
-        if (parentSource) {
-          const errLine = StringPrototypeSplit(
-            StringPrototypeSlice(err.stack, StringPrototypeIndexOf(
-              err.stack, '    at ')), '\n', 1)[0];
-          const { 1: line, 2: col } =
-              RegExpPrototypeExec(/(\d+):(\d+)\)/, errLine) || [];
-          if (line && col) {
-            const srcLine = StringPrototypeSplit(parentSource, '\n')[line - 1];
-            const frame = `${parentPath}:${line}\n${srcLine}\n${
-              StringPrototypeRepeat(' ', col - 1)}^\n`;
-            setArrowMessage(err, frame);
-          }
-        }
-      }
-      throw err;
-    } else if (pkg.data?.type === 'commonjs') {
-      format = 'commonjs';
-    }
-  } else if (StringPrototypeEndsWith(filename, '.cjs')) {
+  let format, pkg;
+  if (StringPrototypeEndsWith(filename, '.cjs')) {
     format = 'commonjs';
+  } else if (StringPrototypeEndsWith(filename, '.mjs')) {
+    format = 'module';
+  } else if (StringPrototypeEndsWith(filename, '.js')) {
+    pkg = packageJsonReader.readPackageScope(filename) || { __proto__: null };
+    const typeFromPjson = pkg.data?.type;
+    if (typeFromPjson === 'module' || typeFromPjson === 'commonjs' || !typeFromPjson) {
+      format = typeFromPjson;
+    }
   }
-
-  module._compile(content, filename, format);
+  const { source, format: loadedFormat } = loadSource(module, filename, format);
+  // Function require shouldn't be used in ES modules when require(esm) is disabled.
+  if (loadedFormat === 'module' && !getOptionValue('--experimental-require-module')) {
+    const err = getRequireESMError(module, pkg, source, filename);
+    throw err;
+  }
+  module._compile(source, filename, loadedFormat);
 };
 
 /**

From eb842048b28edd6c63b30139c15a8c909799b810 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Tue, 18 Feb 2025 22:31:55 +0100
Subject: [PATCH 124/138] src: do not format single string argument for
 THROW_ERR_*

If the macros are used as ERR_*(isolate, message) or
THROW_ERR_*(isolate, message) with a single string argument, do run
formatter on the message, and allow the caller to pass in a message
directly with characters that would otherwise need escaping if used
as format string unconditionally.

PR-URL: https://github.com/nodejs/node/pull/57126
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Refs: https://github.com/fisker/prettier-issue-17139
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Refs: https://github.com/nodejs/node/issues/52697
---
 src/node_errors.h | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/node_errors.h b/src/node_errors.h
index d5e2f86f516bbb..23fd33d255e715 100644
--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -105,11 +105,21 @@ void OOMErrorHandler(const char* location, const v8::OOMDetails& details);
   V(ERR_WORKER_INIT_FAILED, Error)                                             \
   V(ERR_PROTO_ACCESS, Error)
 
+// If the macros are used as ERR_*(isolate, message) or
+// THROW_ERR_*(isolate, message) with a single string argument, do run
+// formatter on the message, and allow the caller to pass in a message
+// directly with characters that would otherwise need escaping if used
+// as format string unconditionally.
 #define V(code, type)                                                          \
   template <typename... Args>                                                  \
   inline v8::Local<v8::Object> code(                                           \
       v8::Isolate* isolate, const char* format, Args&&... args) {              \
-    std::string message = SPrintF(format, std::forward<Args>(args)...);        \
+    std::string message;                                                       \
+    if (sizeof...(Args) == 0) {                                                \
+      message = format;                                                        \
+    } else {                                                                   \
+      message = SPrintF(format, std::forward<Args>(args)...);                  \
+    }                                                                          \
     v8::Local<v8::String> js_code = OneByteString(isolate, #code);             \
     v8::Local<v8::String> js_msg =                                             \
         v8::String::NewFromUtf8(isolate,                                       \

From ba7f8a0353e12747f17a41665a0bb6cc08b27455 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Mon, 17 Feb 2025 19:44:50 +0100
Subject: [PATCH 125/138] module: improve error message from asynchronicity in
 require(esm)

- Improve the error message that shows up when there is a race
  from doing require(esm) and import(esm) at the same time.
- Improve error message of ERR_REQUIRE_ASYNC_MODULE by showing
  parent and target file names, if available.

Drive-by: split the require(tla) tests since we are modifying
the tests already.

PR-URL: https://github.com/nodejs/node/pull/57126
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Refs: https://github.com/fisker/prettier-issue-17139
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/errors.js                        | 15 ++++-
 lib/internal/modules/esm/loader.js            | 25 ++++++--
 lib/internal/modules/esm/module_job.js        |  9 ++-
 src/module_wrap.cc                            |  4 +-
 src/node_errors.h                             | 26 ++++++--
 test/common/index.js                          | 12 ++++
 .../test-require-module-tla-execution.js      | 26 ++++++++
 .../test-require-module-tla-nested.js         | 15 +++++
 ...test-require-module-tla-print-execution.js | 29 +++++++++
 .../test-require-module-tla-rejected.js       | 15 +++++
 .../test-require-module-tla-resolved.js       | 15 +++++
 .../test-require-module-tla-unresolved.js     | 15 +++++
 test/es-module/test-require-module-tla.js     | 63 -------------------
 13 files changed, 190 insertions(+), 79 deletions(-)
 create mode 100644 test/es-module/test-require-module-tla-execution.js
 create mode 100644 test/es-module/test-require-module-tla-nested.js
 create mode 100644 test/es-module/test-require-module-tla-print-execution.js
 create mode 100644 test/es-module/test-require-module-tla-rejected.js
 create mode 100644 test/es-module/test-require-module-tla-resolved.js
 create mode 100644 test/es-module/test-require-module-tla-unresolved.js
 delete mode 100644 test/es-module/test-require-module-tla.js

diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 262f99eb3cefba..9d6c5ca9bb8fdd 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -1692,9 +1692,18 @@ E('ERR_PARSE_ARGS_UNKNOWN_OPTION', (option, allowPositionals) => {
 E('ERR_PERFORMANCE_INVALID_TIMESTAMP',
   '%d is not a valid timestamp', TypeError);
 E('ERR_PERFORMANCE_MEASURE_INVALID_OPTIONS', '%s', TypeError);
-E('ERR_REQUIRE_ASYNC_MODULE', 'require() cannot be used on an ESM ' +
-  'graph with top-level await. Use import() instead. To see where the' +
-  ' top-level await comes from, use --experimental-print-required-tla.', Error);
+E('ERR_REQUIRE_ASYNC_MODULE', function(filename, parentFilename) {
+  let message = 'require() cannot be used on an ESM ' +
+    'graph with top-level await. Use import() instead. To see where the' +
+    ' top-level await comes from, use --experimental-print-required-tla.';
+  if (parentFilename) {
+    message += `\n  From ${parentFilename} `;
+  }
+  if (filename) {
+    message += `\n  Requiring ${filename} `;
+  }
+  return message;
+}, Error);
 E('ERR_REQUIRE_CYCLE_MODULE', '%s', Error);
 E('ERR_REQUIRE_ESM',
   function(filename, hasEsmSyntax, parentPath = null, packageJsonPath = null) {
diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index d9b2c75dd978d0..f026271c4759ba 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -295,20 +295,37 @@ class ModuleLoader {
     //    TODO(joyeecheung): ensure that imported synchronous graphs are evaluated
     //    synchronously so that any previously imported synchronous graph is already
     //    evaluated at this point.
+    // TODO(joyeecheung): add something similar to CJS loader's requireStack to help
+    // debugging the the problematic links in the graph for import.
     if (job !== undefined) {
       mod[kRequiredModuleSymbol] = job.module;
+      const parentFilename = urlToFilename(parent?.filename);
+      // TODO(node:55782): this race may stop to happen when the ESM resolution and loading become synchronous.
+      if (!job.module) {
+        let message = `Cannot require() ES Module ${filename} because it is not yet fully loaded. `;
+        message += 'This may be caused by a race condition if the module is simultaneously dynamically ';
+        message += 'import()-ed via Promise.all(). Try await-ing the import() sequentially in a loop instead.';
+        if (parentFilename) {
+          message += ` (from ${parentFilename})`;
+        }
+        assert(job.module, message);
+      }
       if (job.module.async) {
-        throw new ERR_REQUIRE_ASYNC_MODULE();
+        throw new ERR_REQUIRE_ASYNC_MODULE(filename, parentFilename);
       }
+      // job.module may be undefined if it's asynchronously loaded. Which means
+      // there is likely a cycle.
       if (job.module.getStatus() !== kEvaluated) {
-        const parentFilename = urlToFilename(parent?.filename);
         let message = `Cannot require() ES Module ${filename} in a cycle.`;
         if (parentFilename) {
           message += ` (from ${parentFilename})`;
         }
+        message += 'A cycle involving require(esm) is disallowed to maintain ';
+        message += 'invariants madated by the ECMAScript specification';
+        message += 'Try making at least part of the dependency in the graph lazily loaded.';
         throw new ERR_REQUIRE_CYCLE_MODULE(message);
       }
-      return { wrap: job.module, namespace: job.module.getNamespaceSync() };
+      return { wrap: job.module, namespace: job.module.getNamespaceSync(filename, parentFilename) };
     }
     // TODO(joyeecheung): refactor this so that we pre-parse in C++ and hit the
     // cache here, or use a carrier object to carry the compiled module script
@@ -320,7 +337,7 @@ class ModuleLoader {
     job = new ModuleJobSync(this, url, kEmptyObject, wrap, isMain, inspectBrk);
     this.loadCache.set(url, kImplicitAssertType, job);
     mod[kRequiredModuleSymbol] = job.module;
-    return { wrap: job.module, namespace: job.runSync().namespace };
+    return { wrap: job.module, namespace: job.runSync(parent).namespace };
   }
 
   /**
diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index 0c8f031080a314..a9dd372fe2f498 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -31,6 +31,7 @@ const assert = require('internal/assert');
 const resolvedPromise = PromiseResolve();
 const {
   setHasStartedUserESMExecution,
+  urlToFilename,
 } = require('internal/modules/helpers');
 const { getOptionValue } = require('internal/options');
 const noop = FunctionPrototype;
@@ -371,7 +372,7 @@ class ModuleJobSync extends ModuleJobBase {
                 `Status = ${status}`);
   }
 
-  runSync() {
+  runSync(parent) {
     // TODO(joyeecheung): add the error decoration logic from the async instantiate.
     this.module.async = this.module.instantiateSync();
     // If --experimental-print-required-tla is true, proceeds to evaluation even
@@ -380,11 +381,13 @@ class ModuleJobSync extends ModuleJobBase {
     // TODO(joyeecheung): track the asynchroniticy using v8::Module::HasTopLevelAwait()
     // and we'll be able to throw right after compilation of the modules, using acron
     // to find and print the TLA.
+    const parentFilename = urlToFilename(parent?.filename);
+    const filename = urlToFilename(this.url);
     if (this.module.async && !getOptionValue('--experimental-print-required-tla')) {
-      throw new ERR_REQUIRE_ASYNC_MODULE();
+      throw new ERR_REQUIRE_ASYNC_MODULE(filename, parentFilename);
     }
     setHasStartedUserESMExecution();
-    const namespace = this.module.evaluateSync();
+    const namespace = this.module.evaluateSync(filename, parentFilename);
     return { __proto__: null, module: this.module, namespace };
   }
 }
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index a3362e0bafcb11..21aaea106d8d28 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -648,7 +648,7 @@ void ModuleWrap::EvaluateSync(const FunctionCallbackInfo<Value>& args) {
         FPrintF(stderr, "%s\n", reason);
       }
     }
-    THROW_ERR_REQUIRE_ASYNC_MODULE(env);
+    THROW_ERR_REQUIRE_ASYNC_MODULE(env, args[0], args[1]);
     return;
   }
 
@@ -678,7 +678,7 @@ void ModuleWrap::GetNamespaceSync(const FunctionCallbackInfo<Value>& args) {
   }
 
   if (module->IsGraphAsync()) {
-    return THROW_ERR_REQUIRE_ASYNC_MODULE(realm->env());
+    return THROW_ERR_REQUIRE_ASYNC_MODULE(realm->env(), args[0], args[1]);
   }
   Local<Value> result = module->GetModuleNamespace();
   args.GetReturnValue().Set(result);
diff --git a/src/node_errors.h b/src/node_errors.h
index 23fd33d255e715..7cacf416b6e624 100644
--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -208,10 +208,6 @@ ERRORS_WITH_CODE(V)
     "creating Workers")                                                        \
   V(ERR_NON_CONTEXT_AWARE_DISABLED,                                            \
     "Loading non context-aware native addons has been disabled")               \
-  V(ERR_REQUIRE_ASYNC_MODULE,                                                  \
-    "require() cannot be used on an ESM graph with top-level await. Use "      \
-    "import() instead. To see where the top-level await comes from, use "      \
-    "--experimental-print-required-tla.")                                      \
   V(ERR_SCRIPT_EXECUTION_INTERRUPTED,                                          \
     "Script execution was interrupted by `SIGINT`")                            \
   V(ERR_TLS_PSK_SET_IDENTIY_HINT_FAILED, "Failed to set PSK identity hint")    \
@@ -241,6 +237,28 @@ inline void THROW_ERR_SCRIPT_EXECUTION_TIMEOUT(Environment* env,
   THROW_ERR_SCRIPT_EXECUTION_TIMEOUT(env, message.str().c_str());
 }
 
+inline void THROW_ERR_REQUIRE_ASYNC_MODULE(
+    Environment* env,
+    v8::Local<v8::Value> filename,
+    v8::Local<v8::Value> parent_filename) {
+  static constexpr const char* prefix =
+      "require() cannot be used on an ESM graph with top-level await. Use "
+      "import() instead. To see where the top-level await comes from, use "
+      "--experimental-print-required-tla.";
+  std::string message = prefix;
+  if (!parent_filename.IsEmpty() && parent_filename->IsString()) {
+    Utf8Value utf8(env->isolate(), parent_filename);
+    message += "\n  From ";
+    message += utf8.out();
+  }
+  if (!filename.IsEmpty() && filename->IsString()) {
+    Utf8Value utf8(env->isolate(), filename);
+    message += "\n  Requiring ";
+    message += +utf8.out();
+  }
+  THROW_ERR_REQUIRE_ASYNC_MODULE(env, message.c_str());
+}
+
 inline v8::Local<v8::Object> ERR_BUFFER_TOO_LARGE(v8::Isolate* isolate) {
   char message[128];
   snprintf(message, sizeof(message),
diff --git a/test/common/index.js b/test/common/index.js
index 9733f8746baa0e..e860da53a6cd4b 100644
--- a/test/common/index.js
+++ b/test/common/index.js
@@ -937,6 +937,17 @@ function expectRequiredModule(mod, expectation, checkESModule = true) {
   assert.deepStrictEqual(clone, { ...expectation });
 }
 
+function expectRequiredTLAError(err) {
+  const message = /require\(\) cannot be used on an ESM graph with top-level await/;
+  if (typeof err === 'string') {
+    assert.match(err, /ERR_REQUIRE_ASYNC_MODULE/);
+    assert.match(err, message);
+  } else {
+    assert.strictEqual(err.code, 'ERR_REQUIRE_ASYNC_MODULE');
+    assert.match(err.message, message);
+  }
+}
+
 const common = {
   allowGlobals,
   buildType,
@@ -946,6 +957,7 @@ const common = {
   defaultAutoSelectFamilyAttemptTimeout,
   expectsError,
   expectRequiredModule,
+  expectRequiredTLAError,
   expectWarning,
   getArrayBufferViews,
   getBufferSources,
diff --git a/test/es-module/test-require-module-tla-execution.js b/test/es-module/test-require-module-tla-execution.js
new file mode 100644
index 00000000000000..bdd222d1f8fa0b
--- /dev/null
+++ b/test/es-module/test-require-module-tla-execution.js
@@ -0,0 +1,26 @@
+'use strict';
+
+// Tests that require(esm) with top-level-await throws before execution starts
+// if --experimental-print-required-tla is not enabled.
+
+const common = require('../common');
+const assert = require('assert');
+const { spawnSyncAndExit } = require('../common/child_process');
+const fixtures = require('../common/fixtures');
+
+{
+  spawnSyncAndExit(process.execPath, [
+    fixtures.path('es-modules/tla/require-execution.js'),
+  ], {
+    signal: null,
+    status: 1,
+    stderr(output) {
+      assert.doesNotMatch(output, /I am executed/);
+      common.expectRequiredTLAError(output);
+      assert.match(output, /From .*require-execution\.js/);
+      assert.match(output, /Requiring .*execution\.mjs/);
+      return true;
+    },
+    stdout: ''
+  });
+}
diff --git a/test/es-module/test-require-module-tla-nested.js b/test/es-module/test-require-module-tla-nested.js
new file mode 100644
index 00000000000000..583cd7cd0c95db
--- /dev/null
+++ b/test/es-module/test-require-module-tla-nested.js
@@ -0,0 +1,15 @@
+'use strict';
+
+// Tests that require(esm) throws for top-level-await in inner graphs.
+
+const common = require('../common');
+const assert = require('assert');
+
+assert.throws(() => {
+  require('../fixtures/es-modules/tla/parent.mjs');
+}, (err) => {
+  common.expectRequiredTLAError(err);
+  assert.match(err.message, /From .*test-require-module-tla-nested\.js/);
+  assert.match(err.message, /Requiring .*parent\.mjs/);
+  return true;
+});
diff --git a/test/es-module/test-require-module-tla-print-execution.js b/test/es-module/test-require-module-tla-print-execution.js
new file mode 100644
index 00000000000000..40992ae32e0905
--- /dev/null
+++ b/test/es-module/test-require-module-tla-print-execution.js
@@ -0,0 +1,29 @@
+'use strict';
+
+// Tests that require(esm) with top-level-await throws after execution
+// if --experimental-print-required-tla is enabled.
+
+const common = require('../common');
+const assert = require('assert');
+const { spawnSyncAndExit } = require('../common/child_process');
+const fixtures = require('../common/fixtures');
+
+{
+  spawnSyncAndExit(process.execPath, [
+    '--experimental-print-required-tla',
+    fixtures.path('es-modules/tla/require-execution.js'),
+  ], {
+    signal: null,
+    status: 1,
+    stderr(output) {
+      assert.match(output, /I am executed/);
+      common.expectRequiredTLAError(output);
+      assert.match(output, /Error: unexpected top-level await at.*execution\.mjs:3/);
+      assert.match(output, /await Promise\.resolve\('hi'\)/);
+      assert.match(output, /From .*require-execution\.js/);
+      assert.match(output, /Requiring .*execution\.mjs/);
+      return true;
+    },
+    stdout: ''
+  });
+}
diff --git a/test/es-module/test-require-module-tla-rejected.js b/test/es-module/test-require-module-tla-rejected.js
new file mode 100644
index 00000000000000..0c1f8de2c307f6
--- /dev/null
+++ b/test/es-module/test-require-module-tla-rejected.js
@@ -0,0 +1,15 @@
+'use strict';
+
+// Tests that require(esm) throws for rejected top-level await.
+
+const common = require('../common');
+const assert = require('assert');
+
+assert.throws(() => {
+  require('../fixtures/es-modules/tla/rejected.mjs');
+}, (err) => {
+  common.expectRequiredTLAError(err);
+  assert.match(err.message, /From .*test-require-module-tla-rejected\.js/);
+  assert.match(err.message, /Requiring .*rejected\.mjs/);
+  return true;
+});
diff --git a/test/es-module/test-require-module-tla-resolved.js b/test/es-module/test-require-module-tla-resolved.js
new file mode 100644
index 00000000000000..f35bb68b7dc180
--- /dev/null
+++ b/test/es-module/test-require-module-tla-resolved.js
@@ -0,0 +1,15 @@
+'use strict';
+
+// Tests that require(esm) throws for resolved top-level-await.
+
+const common = require('../common');
+const assert = require('assert');
+
+assert.throws(() => {
+  require('../fixtures/es-modules/tla/resolved.mjs');
+}, (err) => {
+  common.expectRequiredTLAError(err);
+  assert.match(err.message, /From .*test-require-module-tla-resolved\.js/);
+  assert.match(err.message, /Requiring .*resolved\.mjs/);
+  return true;
+});
diff --git a/test/es-module/test-require-module-tla-unresolved.js b/test/es-module/test-require-module-tla-unresolved.js
new file mode 100644
index 00000000000000..35cf12c446129b
--- /dev/null
+++ b/test/es-module/test-require-module-tla-unresolved.js
@@ -0,0 +1,15 @@
+'use strict';
+
+// Tests that require(esm) throws for unresolved top-level-await.
+
+const common = require('../common');
+const assert = require('assert');
+
+assert.throws(() => {
+  require('../fixtures/es-modules/tla/unresolved.mjs');
+}, (err) => {
+  common.expectRequiredTLAError(err);
+  assert.match(err.message, /From .*test-require-module-tla-unresolved\.js/);
+  assert.match(err.message, /Requiring .*unresolved\.mjs/);
+  return true;
+});
diff --git a/test/es-module/test-require-module-tla.js b/test/es-module/test-require-module-tla.js
deleted file mode 100644
index 9b38b1cab3fcb5..00000000000000
--- a/test/es-module/test-require-module-tla.js
+++ /dev/null
@@ -1,63 +0,0 @@
-// Flags: --experimental-require-module
-'use strict';
-
-require('../common');
-const assert = require('assert');
-const { spawnSyncAndExit } = require('../common/child_process');
-const fixtures = require('../common/fixtures');
-
-const message = /require\(\) cannot be used on an ESM graph with top-level await/;
-const code = 'ERR_REQUIRE_ASYNC_MODULE';
-
-assert.throws(() => {
-  require('../fixtures/es-modules/tla/rejected.mjs');
-}, { message, code });
-
-assert.throws(() => {
-  require('../fixtures/es-modules/tla/unresolved.mjs');
-}, { message, code });
-
-
-assert.throws(() => {
-  require('../fixtures/es-modules/tla/resolved.mjs');
-}, { message, code });
-
-// Test TLA in inner graphs.
-assert.throws(() => {
-  require('../fixtures/es-modules/tla/parent.mjs');
-}, { message, code });
-
-{
-  spawnSyncAndExit(process.execPath, [
-    '--experimental-require-module',
-    fixtures.path('es-modules/tla/require-execution.js'),
-  ], {
-    signal: null,
-    status: 1,
-    stderr(output) {
-      assert.doesNotMatch(output, /I am executed/);
-      assert.match(output, message);
-      return true;
-    },
-    stdout: ''
-  });
-}
-
-{
-  spawnSyncAndExit(process.execPath, [
-    '--experimental-require-module',
-    '--experimental-print-required-tla',
-    fixtures.path('es-modules/tla/require-execution.js'),
-  ], {
-    signal: null,
-    status: 1,
-    stderr(output) {
-      assert.match(output, /I am executed/);
-      assert.match(output, /Error: unexpected top-level await at.*execution\.mjs:3/);
-      assert.match(output, /await Promise\.resolve\('hi'\)/);
-      assert.match(output, message);
-      return true;
-    },
-    stdout: ''
-  });
-}

From 939ecf89067558e09593ba9eb0077f19d767d734 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Tue, 4 Mar 2025 08:34:34 +0100
Subject: [PATCH 126/138] module: handle cached linked async jobs in
 require(esm)

This handles two cases caused by using Promise.all() with
multiple dynamic import() that can make an asynchronously
linked module job that has finished/failed linking but
has not yet started actual evaluation appear in the load
cache when another require request is in turn to handle
it.

- When the cached async job has finished linking but has not
  started its evaluation because the async run() task would be
  later in line, start the evaluation from require() with
  runSync().
- When the cached async job have already encountered a linking
  error that gets wrapped into a rejection, but is still later
  in line to throw on it, just unwrap and throw the linking error
  from require().

PR-URL: https://github.com/nodejs/node/pull/57187
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Fixes: https://github.com/nodejs/node/issues/57172
Refs: https://github.com/shufo/prettier-plugin-blade/issues/311
Refs: https://github.com/fisker/prettier-plugin-blade-311
Refs: https://github.com/mochajs/mocha/issues/5290
Refs: https://github.com/JoshuaKGoldberg/repros/tree/mocha-missing-module-cyclic
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/esm/loader.js     | 85 ++++++++++++++++++++------
 lib/internal/modules/esm/module_job.js | 10 +--
 src/module_wrap.cc                     | 71 ++++++++++++++-------
 3 files changed, 118 insertions(+), 48 deletions(-)

diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index f026271c4759ba..90c71214c82733 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -36,12 +36,22 @@ const {
   getDefaultConditions,
 } = require('internal/modules/esm/utils');
 const { kImplicitAssertType } = require('internal/modules/esm/assert');
-const { ModuleWrap, kEvaluating, kEvaluated } = internalBinding('module_wrap');
+const {
+  ModuleWrap,
+  kEvaluated,
+  kEvaluating,
+  kInstantiated,
+  throwIfPromiseRejected,
+} = internalBinding('module_wrap');
 const {
   urlToFilename,
 } = require('internal/modules/helpers');
 let defaultResolve, defaultLoad, defaultLoadSync, importMetaInitializer;
 
+let debug = require('internal/util/debuglog').debuglog('esm', (fn) => {
+  debug = fn;
+});
+
 /**
  * @typedef {import('./hooks.js').HooksProxy} HooksProxy
  * @typedef {import('./module_job.js').ModuleJobBase} ModuleJobBase
@@ -75,6 +85,23 @@ function getTranslators() {
   return translators;
 }
 
+/**
+ * Generate message about potential race condition caused by requiring a cached module that has started
+ * async linking.
+ * @param {string} filename Filename of the module being required.
+ * @param {string|undefined} parentFilename Filename of the module calling require().
+ * @returns {string} Error message.
+ */
+function getRaceMessage(filename, parentFilename) {
+  let raceMessage = `Cannot require() ES Module ${filename} because it is not yet fully loaded. `;
+  raceMessage += 'This may be caused by a race condition if the module is simultaneously dynamically ';
+  raceMessage += 'import()-ed via Promise.all(). Try await-ing the import() sequentially in a loop instead.';
+  if (parentFilename) {
+    raceMessage += ` (from ${parentFilename})`;
+  }
+  return raceMessage;
+}
+
 /**
  * @type {HooksProxy}
  * Multiple loader instances exist for various, specific reasons (see code comments at site).
@@ -297,35 +324,53 @@ class ModuleLoader {
     //    evaluated at this point.
     // TODO(joyeecheung): add something similar to CJS loader's requireStack to help
     // debugging the the problematic links in the graph for import.
+    debug('importSyncForRequire', parent?.filename, '->', filename, job);
     if (job !== undefined) {
       mod[kRequiredModuleSymbol] = job.module;
       const parentFilename = urlToFilename(parent?.filename);
       // TODO(node:55782): this race may stop to happen when the ESM resolution and loading become synchronous.
       if (!job.module) {
-        let message = `Cannot require() ES Module ${filename} because it is not yet fully loaded. `;
-        message += 'This may be caused by a race condition if the module is simultaneously dynamically ';
-        message += 'import()-ed via Promise.all(). Try await-ing the import() sequentially in a loop instead.';
-        if (parentFilename) {
-          message += ` (from ${parentFilename})`;
-        }
-        assert(job.module, message);
+        assert.fail(getRaceMessage(filename, parentFilename));
       }
       if (job.module.async) {
         throw new ERR_REQUIRE_ASYNC_MODULE(filename, parentFilename);
       }
-      // job.module may be undefined if it's asynchronously loaded. Which means
-      // there is likely a cycle.
-      if (job.module.getStatus() !== kEvaluated) {
-        let message = `Cannot require() ES Module ${filename} in a cycle.`;
-        if (parentFilename) {
-          message += ` (from ${parentFilename})`;
-        }
-        message += 'A cycle involving require(esm) is disallowed to maintain ';
-        message += 'invariants madated by the ECMAScript specification';
-        message += 'Try making at least part of the dependency in the graph lazily loaded.';
-        throw new ERR_REQUIRE_CYCLE_MODULE(message);
+      const status = job.module.getStatus();
+      debug('Module status', filename, status);
+      if (status === kEvaluated) {
+        return { wrap: job.module, namespace: job.module.getNamespaceSync(filename, parentFilename) };
+      } else if (status === kInstantiated) {
+        // When it's an async job cached by another import request,
+        // which has finished linking but has not started its
+        // evaluation because the async run() task would be later
+        // in line. Then start the evaluation now with runSync(), which
+        // is guaranteed to finish by the time the other run() get to it,
+        // and the other task would just get the cached evaluation results,
+        // similar to what would happen when both are async.
+        mod[kRequiredModuleSymbol] = job.module;
+        const { namespace } = job.runSync(parent);
+        return { wrap: job.module, namespace: namespace || job.module.getNamespace() };
       }
-      return { wrap: job.module, namespace: job.module.getNamespaceSync(filename, parentFilename) };
+      // When the cached async job have already encountered a linking
+      // error that gets wrapped into a rejection, but is still later
+      // in line to throw on it, just unwrap and throw the linking error
+      // from require().
+      if (job.instantiated) {
+        throwIfPromiseRejected(job.instantiated);
+      }
+      if (status !== kEvaluating) {
+        assert.fail(`Unexpected module status ${status}. ` +
+                    getRaceMessage(filename, parentFilename));
+      }
+      let message = `Cannot require() ES Module ${filename} in a cycle.`;
+      if (parentFilename) {
+        message += ` (from ${parentFilename})`;
+      }
+      message += 'A cycle involving require(esm) is disallowed to maintain ';
+      message += 'invariants madated by the ECMAScript specification';
+      message += 'Try making at least part of the dependency in the graph lazily loaded.';
+      throw new ERR_REQUIRE_CYCLE_MODULE(message);
+
     }
     // TODO(joyeecheung): refactor this so that we pre-parse in C++ and hit the
     // cache here, or use a carrier object to carry the compiled module script
diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index a9dd372fe2f498..31da9693c349d9 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -240,7 +240,7 @@ class ModuleJob extends ModuleJobBase {
     }
   }
 
-  runSync() {
+  runSync(parent) {
     assert(this.module instanceof ModuleWrap);
     if (this.instantiated !== undefined) {
       return { __proto__: null, module: this.module };
@@ -248,11 +248,11 @@ class ModuleJob extends ModuleJobBase {
 
     this.module.instantiate();
     this.instantiated = PromiseResolve();
-    const timeout = -1;
-    const breakOnSigint = false;
     setHasStartedUserESMExecution();
-    this.module.evaluate(timeout, breakOnSigint);
-    return { __proto__: null, module: this.module };
+    const filename = urlToFilename(this.url);
+    const parentFilename = urlToFilename(parent?.filename);
+    const namespace = this.module.evaluateSync(filename, parentFilename);
+    return { __proto__: null, module: this.module, namespace };
   }
 
   async run() {
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index 21aaea106d8d28..c8594dc9b196fc 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -24,6 +24,7 @@ using v8::Array;
 using v8::ArrayBufferView;
 using v8::Context;
 using v8::EscapableHandleScope;
+using v8::Exception;
 using v8::FixedArray;
 using v8::Function;
 using v8::FunctionCallbackInfo;
@@ -32,15 +33,22 @@ using v8::HandleScope;
 using v8::Int32;
 using v8::Integer;
 using v8::Isolate;
+using v8::JustVoid;
 using v8::Local;
+using v8::Maybe;
 using v8::MaybeLocal;
+using v8::Message;
 using v8::MicrotaskQueue;
 using v8::Module;
 using v8::ModuleRequest;
+using v8::Name;
+using v8::Nothing;
+using v8::Null;
 using v8::Object;
 using v8::ObjectTemplate;
 using v8::PrimitiveArray;
 using v8::Promise;
+using v8::PromiseRejectEvent;
 using v8::ScriptCompiler;
 using v8::ScriptOrigin;
 using v8::String;
@@ -584,6 +592,43 @@ void ModuleWrap::InstantiateSync(const FunctionCallbackInfo<Value>& args) {
   args.GetReturnValue().Set(module->IsGraphAsync());
 }
 
+Maybe<void> ThrowIfPromiseRejected(Realm* realm, Local<Promise> promise) {
+  Isolate* isolate = realm->isolate();
+  Local<Context> context = realm->context();
+  if (promise->State() != Promise::PromiseState::kRejected) {
+    return JustVoid();
+  }
+  // The rejected promise is created by V8, so we don't get a chance to mark
+  // it as resolved before the rejection happens from evaluation. But we can
+  // tell the promise rejection callback to treat it as a promise rejected
+  // before handler was added which would remove it from the unhandled
+  // rejection handling, since we are converting it into an error and throw
+  // from here directly.
+  Local<Value> type =
+      Integer::New(isolate,
+                   static_cast<int32_t>(
+                       PromiseRejectEvent::kPromiseHandlerAddedAfterReject));
+  Local<Value> args[] = {type, promise, Undefined(isolate)};
+  if (realm->promise_reject_callback()
+          ->Call(context, Undefined(isolate), arraysize(args), args)
+          .IsEmpty()) {
+    return Nothing<void>();
+  }
+  Local<Value> exception = promise->Result();
+  Local<Message> message = Exception::CreateMessage(isolate, exception);
+  AppendExceptionLine(
+      realm->env(), exception, message, ErrorHandlingMode::MODULE_ERROR);
+  isolate->ThrowException(exception);
+  return Nothing<void>();
+}
+
+void ThrowIfPromiseRejected(const FunctionCallbackInfo<Value>& args) {
+  if (!args[0]->IsPromise()) {
+    return;
+  }
+  ThrowIfPromiseRejected(Realm::GetCurrent(args), args[0].As<Promise>());
+}
+
 void ModuleWrap::EvaluateSync(const FunctionCallbackInfo<Value>& args) {
   Realm* realm = Realm::GetCurrent(args);
   Isolate* isolate = args.GetIsolate();
@@ -608,29 +653,7 @@ void ModuleWrap::EvaluateSync(const FunctionCallbackInfo<Value>& args) {
 
   CHECK(result->IsPromise());
   Local<Promise> promise = result.As<Promise>();
-  if (promise->State() == Promise::PromiseState::kRejected) {
-    // The rejected promise is created by V8, so we don't get a chance to mark
-    // it as resolved before the rejection happens from evaluation. But we can
-    // tell the promise rejection callback to treat it as a promise rejected
-    // before handler was added which would remove it from the unhandled
-    // rejection handling, since we are converting it into an error and throw
-    // from here directly.
-    Local<Value> type = v8::Integer::New(
-        isolate,
-        static_cast<int32_t>(
-            v8::PromiseRejectEvent::kPromiseHandlerAddedAfterReject));
-    Local<Value> args[] = {type, promise, Undefined(isolate)};
-    if (env->promise_reject_callback()
-            ->Call(context, Undefined(isolate), arraysize(args), args)
-            .IsEmpty()) {
-      return;
-    }
-    Local<Value> exception = promise->Result();
-    Local<v8::Message> message =
-        v8::Exception::CreateMessage(isolate, exception);
-    AppendExceptionLine(
-        env, exception, message, ErrorHandlingMode::MODULE_ERROR);
-    isolate->ThrowException(exception);
+  if (ThrowIfPromiseRejected(realm, promise).IsNothing()) {
     return;
   }
 
@@ -1083,6 +1106,7 @@ void ModuleWrap::CreatePerIsolateProperties(IsolateData* isolate_data,
             target,
             "createRequiredModuleFacade",
             CreateRequiredModuleFacade);
+  SetMethod(isolate, target, "throwIfPromiseRejected", ThrowIfPromiseRejected);
 }
 
 void ModuleWrap::CreatePerContextProperties(Local<Object> target,
@@ -1127,6 +1151,7 @@ void ModuleWrap::RegisterExternalReferences(
 
   registry->Register(SetImportModuleDynamicallyCallback);
   registry->Register(SetInitializeImportMetaObjectCallback);
+  registry->Register(ThrowIfPromiseRejected);
 }
 }  // namespace loader
 }  // namespace node

From badba50d30cd5dc6bc63af13f302a0585cba708e Mon Sep 17 00:00:00 2001
From: haykam821 <24855774+haykam821@users.noreply.github.com>
Date: Wed, 9 Apr 2025 07:47:58 -0400
Subject: [PATCH 127/138] module: fix incorrect formatting in require(esm)
 cycle error message

Fixes: https://github.com/nodejs/node/issues/57451
PR-URL: https://github.com/nodejs/node/pull/57453
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Jake Yuesong Li <jake.yuesong@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/esm/loader.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index 90c71214c82733..db7e83fe83d359 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -366,8 +366,8 @@ class ModuleLoader {
       if (parentFilename) {
         message += ` (from ${parentFilename})`;
       }
-      message += 'A cycle involving require(esm) is disallowed to maintain ';
-      message += 'invariants madated by the ECMAScript specification';
+      message += ' A cycle involving require(esm) is not allowed to maintain ';
+      message += 'invariants mandated by the ECMAScript specification. ';
       message += 'Try making at least part of the dependency in the graph lazily loaded.';
       throw new ERR_REQUIRE_CYCLE_MODULE(message);
 

From 6e02db1b124322c7365668b5191673cf6f2d2320 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Thu, 8 May 2025 22:10:32 +0200
Subject: [PATCH 128/138] module: handle instantiated async module jobs in
 require(esm)

When require(esm) encounters a cached module job that is instantiated
but not yet evaluated, run the evaluation. This catches an edge case
previously missed in https://github.com/nodejs/node/pull/57187.

PR-URL: https://github.com/nodejs/node/pull/58067
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Fixes: https://github.com/nodejs/node/issues/58061
Reviewed-By: Jacob Smith <jacob@frende.me>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/esm/loader.js            |  2 +-
 lib/internal/modules/esm/module_job.js        | 44 ++++++++++++++-----
 src/debug_utils.h                             |  1 +
 src/module_wrap.cc                            | 12 +++++
 src/module_wrap.h                             |  1 +
 .../test-require-module-instantiated.mjs      |  4 ++
 .../require-module-instantiated/a.mjs         |  2 +
 .../require-module-instantiated/b.cjs         |  1 +
 .../require-module-instantiated/c.mjs         |  3 ++
 9 files changed, 58 insertions(+), 12 deletions(-)
 create mode 100644 test/es-module/test-require-module-instantiated.mjs
 create mode 100644 test/fixtures/es-modules/require-module-instantiated/a.mjs
 create mode 100644 test/fixtures/es-modules/require-module-instantiated/b.cjs
 create mode 100644 test/fixtures/es-modules/require-module-instantiated/c.mjs

diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index db7e83fe83d359..6357d174fcd989 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -336,7 +336,7 @@ class ModuleLoader {
         throw new ERR_REQUIRE_ASYNC_MODULE(filename, parentFilename);
       }
       const status = job.module.getStatus();
-      debug('Module status', filename, status);
+      debug('Module status', job, status);
       if (status === kEvaluated) {
         return { wrap: job.module, namespace: job.module.getNamespaceSync(filename, parentFilename) };
       } else if (status === kInstantiated) {
diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index 31da9693c349d9..e92ffd637261ef 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -21,8 +21,13 @@ let debug = require('internal/util/debuglog').debuglog('esm', (fn) => {
   debug = fn;
 });
 
-const { ModuleWrap, kInstantiated } = internalBinding('module_wrap');
-
+const {
+  ModuleWrap,
+  kErrored,
+  kEvaluated,
+  kInstantiated,
+  kUninstantiated,
+} = internalBinding('module_wrap');
 const { decorateErrorStack, kEmptyObject } = require('internal/util');
 const {
   getSourceMapsEnabled,
@@ -242,17 +247,34 @@ class ModuleJob extends ModuleJobBase {
 
   runSync(parent) {
     assert(this.module instanceof ModuleWrap);
-    if (this.instantiated !== undefined) {
-      return { __proto__: null, module: this.module };
+    let status = this.module.getStatus();
+
+    debug('ModuleJob.runSync', this.module);
+    // FIXME(joyeecheung): this cannot fully handle < kInstantiated. Make the linking
+    // fully synchronous instead.
+    if (status === kUninstantiated) {
+      this.module.async = this.module.instantiateSync();
+      status = this.module.getStatus();
     }
+    if (status === kInstantiated || status === kErrored) {
+      const filename = urlToFilename(this.url);
+      const parentFilename = urlToFilename(parent?.filename);
+      this.module.async ??= this.module.isGraphAsync();
 
-    this.module.instantiate();
-    this.instantiated = PromiseResolve();
-    setHasStartedUserESMExecution();
-    const filename = urlToFilename(this.url);
-    const parentFilename = urlToFilename(parent?.filename);
-    const namespace = this.module.evaluateSync(filename, parentFilename);
-    return { __proto__: null, module: this.module, namespace };
+      if (this.module.async && !getOptionValue('--experimental-print-required-tla')) {
+        throw new ERR_REQUIRE_ASYNC_MODULE(filename, parentFilename);
+      }
+      if (status === kInstantiated) {
+        setHasStartedUserESMExecution();
+        const namespace = this.module.evaluateSync(filename, parentFilename);
+        return { __proto__: null, module: this.module, namespace };
+      }
+      throw this.module.getError();
+
+    } else if (status === kEvaluated) {
+      return { __proto__: null, module: this.module, namespace: this.module.getNamespaceSync() };
+    }
+    assert.fail(`Unexpected module status ${status}.`);
   }
 
   async run() {
diff --git a/src/debug_utils.h b/src/debug_utils.h
index d00e2d1ca9ac4b..95431ac83960f9 100644
--- a/src/debug_utils.h
+++ b/src/debug_utils.h
@@ -51,6 +51,7 @@ void NODE_EXTERN_PRIVATE FWrite(FILE* file, const std::string& str);
   V(NGTCP2_DEBUG)                                                              \
   V(SEA)                                                                       \
   V(WASI)                                                                      \
+  V(MODULE)                                                                    \
   V(MKSNAPSHOT)                                                                \
   V(SNAPSHOT_SERDES)                                                           \
   V(PERMISSION_MODEL)
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index c8594dc9b196fc..d4a9f8f00acfda 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -743,6 +743,16 @@ void ModuleWrap::GetStatus(const FunctionCallbackInfo<Value>& args) {
   args.GetReturnValue().Set(module->GetStatus());
 }
 
+void ModuleWrap::IsGraphAsync(const FunctionCallbackInfo<Value>& args) {
+  Isolate* isolate = args.GetIsolate();
+  ModuleWrap* obj;
+  ASSIGN_OR_RETURN_UNWRAP(&obj, args.This());
+
+  Local<Module> module = obj->module_.Get(isolate);
+
+  args.GetReturnValue().Set(module->IsGraphAsync());
+}
+
 void ModuleWrap::GetError(const FunctionCallbackInfo<Value>& args) {
   Isolate* isolate = args.GetIsolate();
   ModuleWrap* obj;
@@ -1090,6 +1100,7 @@ void ModuleWrap::CreatePerIsolateProperties(IsolateData* isolate_data,
       isolate, tpl, "createCachedData", CreateCachedData);
   SetProtoMethodNoSideEffect(isolate, tpl, "getNamespace", GetNamespace);
   SetProtoMethodNoSideEffect(isolate, tpl, "getStatus", GetStatus);
+  SetProtoMethodNoSideEffect(isolate, tpl, "isGraphAsync", IsGraphAsync);
   SetProtoMethodNoSideEffect(isolate, tpl, "getError", GetError);
   SetConstructorFunction(isolate, target, "ModuleWrap", tpl);
   isolate_data->set_module_wrap_constructor_template(tpl);
@@ -1146,6 +1157,7 @@ void ModuleWrap::RegisterExternalReferences(
   registry->Register(GetNamespace);
   registry->Register(GetStatus);
   registry->Register(GetError);
+  registry->Register(IsGraphAsync);
 
   registry->Register(CreateRequiredModuleFacade);
 
diff --git a/src/module_wrap.h b/src/module_wrap.h
index 51b127209af695..860495d8db6900 100644
--- a/src/module_wrap.h
+++ b/src/module_wrap.h
@@ -110,6 +110,7 @@ class ModuleWrap : public BaseObject {
   static void Instantiate(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void Evaluate(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetNamespace(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void IsGraphAsync(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetStatus(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetError(const v8::FunctionCallbackInfo<v8::Value>& args);
 
diff --git a/test/es-module/test-require-module-instantiated.mjs b/test/es-module/test-require-module-instantiated.mjs
new file mode 100644
index 00000000000000..9dd50f31d36fd4
--- /dev/null
+++ b/test/es-module/test-require-module-instantiated.mjs
@@ -0,0 +1,4 @@
+import '../common/index.mjs';
+import assert from 'node:assert';
+import { b, c } from '../fixtures/es-modules/require-module-instantiated/a.mjs';
+assert.strictEqual(b, c);
diff --git a/test/fixtures/es-modules/require-module-instantiated/a.mjs b/test/fixtures/es-modules/require-module-instantiated/a.mjs
new file mode 100644
index 00000000000000..2918d41462152f
--- /dev/null
+++ b/test/fixtures/es-modules/require-module-instantiated/a.mjs
@@ -0,0 +1,2 @@
+export { default as b } from './b.cjs';
+export { default as c } from './c.mjs';
diff --git a/test/fixtures/es-modules/require-module-instantiated/b.cjs b/test/fixtures/es-modules/require-module-instantiated/b.cjs
new file mode 100644
index 00000000000000..1e23a5d46d2ad2
--- /dev/null
+++ b/test/fixtures/es-modules/require-module-instantiated/b.cjs
@@ -0,0 +1 @@
+module.exports = require('./c.mjs');
diff --git a/test/fixtures/es-modules/require-module-instantiated/c.mjs b/test/fixtures/es-modules/require-module-instantiated/c.mjs
new file mode 100644
index 00000000000000..a5b4faccf9a4fd
--- /dev/null
+++ b/test/fixtures/es-modules/require-module-instantiated/c.mjs
@@ -0,0 +1,3 @@
+const foo = 1;
+export default foo;
+export { foo as 'module.exports' };

From ed43b696891e54d85fa25f618de86e7de5566236 Mon Sep 17 00:00:00 2001
From: Carlos Espa <43477095+Ceres6@users.noreply.github.com>
Date: Fri, 16 May 2025 08:39:28 +0200
Subject: [PATCH 129/138] module: clarify cjs global-like error on
 ModuleJobSync

PR-URL: https://github.com/nodejs/node/pull/56491
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Jacob Smith <jacob@frende.me>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/esm/module_job.js        | 62 ++++++++++++-------
 .../test-require-module-error-catching.js     |  2 +-
 2 files changed, 40 insertions(+), 24 deletions(-)

diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index e92ffd637261ef..13d383e436edfb 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -58,6 +58,37 @@ const isCommonJSGlobalLikeNotDefinedError = (errorMessage) =>
     (globalLike) => errorMessage === `${globalLike} is not defined`,
   );
 
+
+/**
+ *
+ * @param {Error} e
+ * @param {string} url
+ * @returns {void}
+ */
+const explainCommonJSGlobalLikeNotDefinedError = (e, url) => {
+  if (e?.name === 'ReferenceError' &&
+      isCommonJSGlobalLikeNotDefinedError(e.message)) {
+    e.message += ' in ES module scope';
+
+    if (StringPrototypeStartsWith(e.message, 'require ')) {
+      e.message += ', you can use import instead';
+    }
+
+    const packageConfig =
+      StringPrototypeStartsWith(url, 'file://') &&
+        RegExpPrototypeExec(/\.js(\?[^#]*)?(#.*)?$/, url) !== null &&
+        require('internal/modules/esm/resolve')
+          .getPackageScopeConfig(url);
+    if (packageConfig.type === 'module') {
+      e.message +=
+        '\nThis file is being treated as an ES module because it has a ' +
+        `'.js' file extension and '${packageConfig.pjsonPath}' contains ` +
+        '"type": "module". To treat it as a CommonJS script, rename it ' +
+        'to use the \'.cjs\' file extension.';
+    }
+  }
+};
+
 class ModuleJobBase {
   constructor(url, importAttributes, isMain, inspectBrk) {
     this.importAttributes = importAttributes;
@@ -285,27 +316,7 @@ class ModuleJob extends ModuleJobBase {
     try {
       await this.module.evaluate(timeout, breakOnSigint);
     } catch (e) {
-      if (e?.name === 'ReferenceError' &&
-          isCommonJSGlobalLikeNotDefinedError(e.message)) {
-        e.message += ' in ES module scope';
-
-        if (StringPrototypeStartsWith(e.message, 'require ')) {
-          e.message += ', you can use import instead';
-        }
-
-        const packageConfig =
-          StringPrototypeStartsWith(this.module.url, 'file://') &&
-            RegExpPrototypeExec(/\.js(\?[^#]*)?(#.*)?$/, this.module.url) !== null &&
-            require('internal/modules/esm/resolve')
-              .getPackageScopeConfig(this.module.url);
-        if (packageConfig.type === 'module') {
-          e.message +=
-            '\nThis file is being treated as an ES module because it has a ' +
-            `'.js' file extension and '${packageConfig.pjsonPath}' contains ` +
-            '"type": "module". To treat it as a CommonJS script, rename it ' +
-            'to use the \'.cjs\' file extension.';
-        }
-      }
+      explainCommonJSGlobalLikeNotDefinedError(e, this.module.url);
       throw e;
     }
     return { __proto__: null, module: this.module };
@@ -409,8 +420,13 @@ class ModuleJobSync extends ModuleJobBase {
       throw new ERR_REQUIRE_ASYNC_MODULE(filename, parentFilename);
     }
     setHasStartedUserESMExecution();
-    const namespace = this.module.evaluateSync(filename, parentFilename);
-    return { __proto__: null, module: this.module, namespace };
+    try {
+      const namespace = this.module.evaluateSync(filename, parentFilename);
+      return { __proto__: null, module: this.module, namespace };
+    } catch (e) {
+      explainCommonJSGlobalLikeNotDefinedError(e, this.module.url);
+      throw e;
+    }
   }
 }
 
diff --git a/test/es-module/test-require-module-error-catching.js b/test/es-module/test-require-module-error-catching.js
index c314513d9bbf04..5400564b3182c6 100644
--- a/test/es-module/test-require-module-error-catching.js
+++ b/test/es-module/test-require-module-error-catching.js
@@ -17,5 +17,5 @@ assert.throws(() => {
   require('../fixtures/es-modules/reference-error-esm.js');
 }, {
   name: 'ReferenceError',
-  message: 'exports is not defined'
+  message: 'exports is not defined in ES module scope'
 });

From 253118542334b404a1896b5d7486c20cb43592db Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Wed, 11 Jun 2025 11:33:16 +0200
Subject: [PATCH 130/138] module: allow cycles in require() in the CJS handling
 in ESM loader

When --import is used, the ESM loader is used to handle even pure
CJS entry points, and it can run into CJS module facades in the
evaluating state when the parent CJS module is being evaluated.
In this case it should be allowed, since the ESM <-> CJS cycles
that are meant to be disallowed (for the time being) should
already be detected before evaluation and wouldn't get here,
and CJS <-> CJS cycles are fine.

PR-URL: https://github.com/nodejs/node/pull/58598
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Fixes: https://github.com/nodejs/node/issues/58515
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ethan Arrowood <ethan@arrowood.dev>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/esm/module_job.js        | 11 ++++++++--
 src/module_wrap.cc                            |  3 +--
 .../test-import-preload-require-cycle.js      | 20 +++++++++++++++++++
 test/fixtures/import-require-cycle/a.js       |  1 +
 test/fixtures/import-require-cycle/b.js       |  1 +
 test/fixtures/import-require-cycle/c.js       |  3 +++
 .../fixtures/import-require-cycle/preload.mjs | 10 ++++++++++
 7 files changed, 45 insertions(+), 4 deletions(-)
 create mode 100644 test/es-module/test-import-preload-require-cycle.js
 create mode 100644 test/fixtures/import-require-cycle/a.js
 create mode 100644 test/fixtures/import-require-cycle/b.js
 create mode 100644 test/fixtures/import-require-cycle/c.js
 create mode 100644 test/fixtures/import-require-cycle/preload.mjs

diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index 13d383e436edfb..0ece92157fe1f3 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -25,6 +25,7 @@ const {
   ModuleWrap,
   kErrored,
   kEvaluated,
+  kEvaluating,
   kInstantiated,
   kUninstantiated,
 } = internalBinding('module_wrap');
@@ -301,8 +302,14 @@ class ModuleJob extends ModuleJobBase {
         return { __proto__: null, module: this.module, namespace };
       }
       throw this.module.getError();
-
-    } else if (status === kEvaluated) {
+    } else if (status === kEvaluating || status === kEvaluated) {
+      // kEvaluating can show up when this is being used to deal with CJS <-> CJS cycles.
+      // Allow it for now, since we only need to ban ESM <-> CJS cycles which would be
+      // detected earlier during the linking phase, though the CJS handling in the ESM
+      // loader won't be able to emit warnings on pending circular exports like what
+      // the CJS loader does.
+      // TODO(joyeecheung): remove the re-invented require() in the ESM loader and
+      // always handle CJS using the CJS loader to eliminate the quirks.
       return { __proto__: null, module: this.module, namespace: this.module.getNamespaceSync() };
     }
     assert.fail(`Unexpected module status ${status}.`);
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index d4a9f8f00acfda..355b387e1b7b7a 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -693,11 +693,10 @@ void ModuleWrap::GetNamespaceSync(const FunctionCallbackInfo<Value>& args) {
       return realm->env()->ThrowError(
           "Cannot get namespace, module has not been instantiated");
     case v8::Module::Status::kInstantiated:
+    case v8::Module::Status::kEvaluating:
     case v8::Module::Status::kEvaluated:
     case v8::Module::Status::kErrored:
       break;
-    case v8::Module::Status::kEvaluating:
-      UNREACHABLE();
   }
 
   if (module->IsGraphAsync()) {
diff --git a/test/es-module/test-import-preload-require-cycle.js b/test/es-module/test-import-preload-require-cycle.js
new file mode 100644
index 00000000000000..c47b64ba584802
--- /dev/null
+++ b/test/es-module/test-import-preload-require-cycle.js
@@ -0,0 +1,20 @@
+'use strict';
+
+// This tests that --import preload does not break CJS entry points that contains
+// require cycles.
+
+require('../common');
+const fixtures = require('../common/fixtures');
+const { spawnSyncAndAssert } = require('../common/child_process');
+
+spawnSyncAndAssert(
+  process.execPath,
+  [
+    '--import',
+    fixtures.fileURL('import-require-cycle/preload.mjs'),
+    fixtures.path('import-require-cycle/c.js'),
+  ],
+  {
+    stdout: /cycle equality true/,
+  }
+);
diff --git a/test/fixtures/import-require-cycle/a.js b/test/fixtures/import-require-cycle/a.js
new file mode 100644
index 00000000000000..595a5085cf5ff9
--- /dev/null
+++ b/test/fixtures/import-require-cycle/a.js
@@ -0,0 +1 @@
+module.exports.b = require('./b.js');
diff --git a/test/fixtures/import-require-cycle/b.js b/test/fixtures/import-require-cycle/b.js
new file mode 100644
index 00000000000000..869be257319c1c
--- /dev/null
+++ b/test/fixtures/import-require-cycle/b.js
@@ -0,0 +1 @@
+module.exports.a = require('./a.js');
diff --git a/test/fixtures/import-require-cycle/c.js b/test/fixtures/import-require-cycle/c.js
new file mode 100644
index 00000000000000..39099ad76074b3
--- /dev/null
+++ b/test/fixtures/import-require-cycle/c.js
@@ -0,0 +1,3 @@
+const obj = require('./b.js');
+
+console.log('cycle equality', obj.a.b === obj);
diff --git a/test/fixtures/import-require-cycle/preload.mjs b/test/fixtures/import-require-cycle/preload.mjs
new file mode 100644
index 00000000000000..83690b86feafb3
--- /dev/null
+++ b/test/fixtures/import-require-cycle/preload.mjs
@@ -0,0 +1,10 @@
+import * as mod from "module";
+
+// This API is not available on v20.x. We are just checking that a
+// using a --import preload to force the ESM loader to load CJS
+// still handles CJS <-> CJS cycles just fine.
+// mod.registerHooks({
+//   load(url, context, nextLoad) {
+//     return nextLoad(url, context);
+//   },
+// });

From fad773cedea5947704dbad0d8d8fcddce95ffd20 Mon Sep 17 00:00:00 2001
From: Joyee Cheung <joyeec9h3@gmail.com>
Date: Wed, 9 Jul 2025 18:39:29 +0200
Subject: [PATCH 131/138] module: throw error when re-runing errored module
 jobs

Re-evaluating an errored ESM should lead to rejecting
the rejection again - this is also the case when importing
it twice. In the case of retrying with
require after import, just throw the cached error.

Drive-by: add some debug logs.
PR-URL: https://github.com/nodejs/node/pull/58957
Backport-PR-URL: https://github.com/nodejs/node/pull/59504
Fixes: https://github.com/nodejs/node/issues/58945
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Refs: https://github.com/nodejs/node/issues/52697
---
 lib/internal/modules/esm/loader.js              |  4 ++++
 lib/internal/modules/esm/module_job.js          | 10 ++++++++--
 .../test-import-module-retry-require-errored.js | 17 +++++++++++++++++
 ...est-require-module-retry-import-errored-2.js | 16 ++++++++++++++++
 4 files changed, 45 insertions(+), 2 deletions(-)
 create mode 100644 test/es-module/test-import-module-retry-require-errored.js
 create mode 100644 test/es-module/test-require-module-retry-import-errored-2.js

diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index 6357d174fcd989..e85f4b3acc3be1 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -41,6 +41,7 @@ const {
   kEvaluated,
   kEvaluating,
   kInstantiated,
+  kErrored,
   throwIfPromiseRejected,
 } = internalBinding('module_wrap');
 const {
@@ -350,6 +351,9 @@ class ModuleLoader {
         mod[kRequiredModuleSymbol] = job.module;
         const { namespace } = job.runSync(parent);
         return { wrap: job.module, namespace: namespace || job.module.getNamespace() };
+      } else if (status === kErrored) {
+        // If the module was previously imported and errored, throw the error.
+        throw job.module.getError();
       }
       // When the cached async job have already encountered a linking
       // error that gets wrapped into a rejection, but is still later
diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index 0ece92157fe1f3..3b68647e455d20 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -281,7 +281,7 @@ class ModuleJob extends ModuleJobBase {
     assert(this.module instanceof ModuleWrap);
     let status = this.module.getStatus();
 
-    debug('ModuleJob.runSync', this.module);
+    debug('ModuleJob.runSync()', status, this.module);
     // FIXME(joyeecheung): this cannot fully handle < kInstantiated. Make the linking
     // fully synchronous instead.
     if (status === kUninstantiated) {
@@ -316,6 +316,7 @@ class ModuleJob extends ModuleJobBase {
   }
 
   async run() {
+    debug('ModuleJob.run()', this.module);
     await this.instantiate();
     const timeout = -1;
     const breakOnSigint = false;
@@ -392,7 +393,11 @@ class ModuleJobSync extends ModuleJobBase {
   async run() {
     // This path is hit by a require'd module that is imported again.
     const status = this.module.getStatus();
-    if (status > kInstantiated) {
+    debug('ModuleJobSync.run()', status, this.module);
+    // If the module was previously required and errored, reject from import() again.
+    if (status === kErrored) {
+      throw this.module.getError();
+    } else if (status > kInstantiated) {
       if (this.evaluationPromise) {
         await this.evaluationPromise;
       }
@@ -413,6 +418,7 @@ class ModuleJobSync extends ModuleJobBase {
   }
 
   runSync(parent) {
+    debug('ModuleJobSync.runSync()', this.module);
     // TODO(joyeecheung): add the error decoration logic from the async instantiate.
     this.module.async = this.module.instantiateSync();
     // If --experimental-print-required-tla is true, proceeds to evaluation even
diff --git a/test/es-module/test-import-module-retry-require-errored.js b/test/es-module/test-import-module-retry-require-errored.js
new file mode 100644
index 00000000000000..79afa20aa70cb5
--- /dev/null
+++ b/test/es-module/test-import-module-retry-require-errored.js
@@ -0,0 +1,17 @@
+// This tests that after failing to import an ESM that rejects,
+// retrying with require() still throws.
+
+'use strict';
+const common = require('../common');
+const assert = require('assert');
+
+(async () => {
+  await assert.rejects(import('../fixtures/es-modules/throw-error.mjs'), {
+    message: 'test',
+  });
+  assert.throws(() => {
+    require('../fixtures/es-modules/throw-error.mjs');
+  }, {
+    message: 'test',
+  });
+})().catch(common.mustNotCall());
diff --git a/test/es-module/test-require-module-retry-import-errored-2.js b/test/es-module/test-require-module-retry-import-errored-2.js
new file mode 100644
index 00000000000000..3504d9932c61af
--- /dev/null
+++ b/test/es-module/test-require-module-retry-import-errored-2.js
@@ -0,0 +1,16 @@
+// This tests that after failing to require an ESM that throws,
+// retrying with import() still rejects.
+
+'use strict';
+const common = require('../common');
+const assert = require('assert');
+
+assert.throws(() => {
+  require('../fixtures/es-modules/throw-error.mjs');
+}, {
+  message: 'test',
+});
+
+assert.rejects(import('../fixtures/es-modules/throw-error.mjs'), {
+  message: 'test',
+}).catch(common.mustNotCall());

From 068c439552dfe72cf531d5b70cb2f985a9b116c8 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Sat, 5 Jul 2025 11:34:24 +0200
Subject: [PATCH 132/138] crypto: fix SHAKE128/256 breaking change introduced
 with OpenSSL 3.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Reverts: https://github.com/nodejs/node/pull/56160
Fixes: https://github.com/nodejs/node/issues/56159
Fixes: https://github.com/nodejs/node/issues/58913
Refs: https://github.com/nodejs/node/pull/58121
PR-URL: https://github.com/nodejs/node/pull/58942
Backport-PR-URL: https://github.com/nodejs/node/pull/58961
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
---
 doc/api/deprecations.md                       | 33 +++++++++++++++++++
 lib/internal/crypto/hash.js                   | 31 +++++++++++++++++
 lib/internal/util.js                          |  6 ++--
 src/crypto/crypto_hash.cc                     | 14 +++++++-
 .../test-crypto-default-shake-lengths.js      | 18 ++++++++++
 test/parallel/test-crypto-hash.js             | 29 ++++++++--------
 test/parallel/test-crypto-oneshot-hash.js     |  3 --
 7 files changed, 112 insertions(+), 22 deletions(-)
 create mode 100644 test/parallel/test-crypto-default-shake-lengths.js

diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index f76628f37b3a15..ab261064c0d7f1 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -3589,6 +3589,39 @@ Type: Documentation-only
 Passing non-supported argument types is deprecated and, instead of returning `false`,
 will throw an error in a future version.
 
+<!-- md-lint skip-deprecation DEP0188 -->
+
+<!-- md-lint skip-deprecation DEP0189 -->
+
+<!-- md-lint skip-deprecation DEP0190 -->
+
+<!-- md-lint skip-deprecation DEP0191 -->
+
+<!-- md-lint skip-deprecation DEP0192 -->
+
+<!-- md-lint skip-deprecation DEP0193 -->
+
+<!-- md-lint skip-deprecation DEP0194 -->
+
+<!-- md-lint skip-deprecation DEP0195 -->
+
+<!-- md-lint skip-deprecation DEP0196 -->
+
+<!-- md-lint skip-deprecation DEP0197 -->
+
+### DEP0198: Creating SHAKE-128 and SHAKE-256 digests without an explicit `options.outputLength`
+
+<!-- YAML
+changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/58942
+    description: Documentation-only deprecation with support for `--pending-deprecation`.
+-->
+
+Type: Documentation-only (supports [`--pending-deprecation`][])
+
+Creating SHAKE-128 and SHAKE-256 digests without an explicit `options.outputLength` is deprecated.
+
 [NIST SP 800-38D]: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
 [RFC 6066]: https://tools.ietf.org/html/rfc6066#section-3
 [RFC 8247 Section 2.4]: https://www.rfc-editor.org/rfc/rfc8247#section-2.4
diff --git a/lib/internal/crypto/hash.js b/lib/internal/crypto/hash.js
index fda2017fa0cc95..f5b89cd9ac3040 100644
--- a/lib/internal/crypto/hash.js
+++ b/lib/internal/crypto/hash.js
@@ -3,6 +3,7 @@
 const {
   ObjectSetPrototypeOf,
   ReflectApply,
+  StringPrototypeReplace,
   StringPrototypeToLowerCase,
   Symbol,
 } = primordials;
@@ -33,6 +34,8 @@ const {
   lazyDOMException,
   normalizeEncoding,
   encodingsMap,
+  isPendingDeprecation,
+  getDeprecationWarningEmitter,
 } = require('internal/util');
 
 const {
@@ -63,6 +66,25 @@ const LazyTransform = require('internal/streams/lazy_transform');
 const kState = Symbol('kState');
 const kFinalized = Symbol('kFinalized');
 
+/**
+ * @param {string} name
+ */
+function normalizeAlgorithm(name) {
+  return StringPrototypeReplace(StringPrototypeToLowerCase(name), '-', '');
+}
+
+const maybeEmitDeprecationWarning = getDeprecationWarningEmitter(
+  'DEP0198',
+  'Creating SHAKE128/256 digests without an explicit options.outputLength is deprecated.',
+  undefined,
+  false,
+  (algorithm) => {
+    if (!isPendingDeprecation()) return false;
+    const normalized = normalizeAlgorithm(algorithm);
+    return normalized === 'shake128' || normalized === 'shake256';
+  },
+);
+
 function Hash(algorithm, options) {
   if (!new.target)
     return new Hash(algorithm, options);
@@ -80,6 +102,9 @@ function Hash(algorithm, options) {
   this[kState] = {
     [kFinalized]: false,
   };
+  if (!isCopy && xofLen === undefined) {
+    maybeEmitDeprecationWarning(algorithm);
+  }
   ReflectApply(LazyTransform, this, [options]);
 }
 
@@ -213,6 +238,12 @@ function hash(algorithm, input, outputEncoding = 'hex') {
       }
     }
   }
+  // TODO: ideally we have to ship https://github.com/nodejs/node/pull/58121 so
+  // that a proper DEP0198 deprecation can be done here as well.
+  const normalizedAlgorithm = normalizeAlgorithm(algorithm);
+  if (normalizedAlgorithm === 'shake128' || normalizedAlgorithm === 'shake256') {
+    return new Hash(algorithm).update(input).digest(normalized);
+  }
   return oneShotDigest(algorithm, getCachedHashId(algorithm), getHashCache(),
                        input, normalized, encodingsMap[normalized]);
 }
diff --git a/lib/internal/util.js b/lib/internal/util.js
index 0c34a5ea4e564b..bcc8bdd58da3e4 100644
--- a/lib/internal/util.js
+++ b/lib/internal/util.js
@@ -104,8 +104,8 @@ function getDeprecationWarningEmitter(
   shouldEmitWarning = () => true,
 ) {
   let warned = false;
-  return function() {
-    if (!warned && shouldEmitWarning()) {
+  return function(arg) {
+    if (!warned && shouldEmitWarning(arg)) {
       warned = true;
       if (code !== undefined) {
         if (!codesWarned.has(code)) {
@@ -994,4 +994,6 @@ module.exports = {
   setOwnProperty,
   pendingDeprecate,
   WeakReference,
+  isPendingDeprecation,
+  getDeprecationWarningEmitter,
 };
diff --git a/src/crypto/crypto_hash.cc b/src/crypto/crypto_hash.cc
index da301e433159f8..aa02ff763261ce 100644
--- a/src/crypto/crypto_hash.cc
+++ b/src/crypto/crypto_hash.cc
@@ -341,10 +341,22 @@ bool Hash::HashInit(const EVP_MD* md, Maybe<unsigned int> xof_md_len) {
   }
 
   md_len_ = EVP_MD_size(md);
+  bool is_xof = (EVP_MD_flags(md) & EVP_MD_FLAG_XOF) != 0;
+  if (is_xof && !xof_md_len.IsJust() && md_len_ == 0) {
+    const char* name = OBJ_nid2sn(EVP_MD_type(md));
+    if (name != nullptr) {
+      if (strcmp(name, "SHAKE128") == 0) {
+        md_len_ = 16;
+      } else if (strcmp(name, "SHAKE256") == 0) {
+        md_len_ = 32;
+      }
+    }
+  }
+
   if (xof_md_len.IsJust() && xof_md_len.FromJust() != md_len_) {
     // This is a little hack to cause createHash to fail when an incorrect
     // hashSize option was passed for a non-XOF hash function.
-    if ((EVP_MD_flags(md) & EVP_MD_FLAG_XOF) == 0) {
+    if (!is_xof) {
       EVPerr(EVP_F_EVP_DIGESTFINALXOF, EVP_R_NOT_XOF_OR_INVALID_LENGTH);
       return false;
     }
diff --git a/test/parallel/test-crypto-default-shake-lengths.js b/test/parallel/test-crypto-default-shake-lengths.js
new file mode 100644
index 00000000000000..1e558814ca0e4a
--- /dev/null
+++ b/test/parallel/test-crypto-default-shake-lengths.js
@@ -0,0 +1,18 @@
+// Flags: --pending-deprecation
+'use strict';
+
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const { createHash } = require('crypto');
+
+common.expectWarning({
+  DeprecationWarning: {
+    DEP0198: 'Creating SHAKE128/256 digests without an explicit options.outputLength is deprecated.',
+  }
+});
+
+{
+  createHash('shake128').update('test').digest();
+}
diff --git a/test/parallel/test-crypto-hash.js b/test/parallel/test-crypto-hash.js
index 8a946ac55adb00..af2146982c7a3b 100644
--- a/test/parallel/test-crypto-hash.js
+++ b/test/parallel/test-crypto-hash.js
@@ -7,7 +7,6 @@ const assert = require('assert');
 const crypto = require('crypto');
 const fs = require('fs');
 
-const { hasOpenSSL } = common;
 const fixtures = require('../common/fixtures');
 
 let cryptoType;
@@ -183,21 +182,19 @@ assert.throws(
 
 // Test XOF hash functions and the outputLength option.
 {
-  // Default outputLengths. Since OpenSSL 3.4 an outputLength is mandatory
-  if (!hasOpenSSL(3, 4)) {
-    assert.strictEqual(crypto.createHash('shake128').digest('hex'),
-                       '7f9c2ba4e88f827d616045507605853e');
-    assert.strictEqual(crypto.createHash('shake128', null).digest('hex'),
-                       '7f9c2ba4e88f827d616045507605853e');
-    assert.strictEqual(crypto.createHash('shake256').digest('hex'),
-                       '46b9dd2b0ba88d13233b3feb743eeb24' +
-                       '3fcd52ea62b81b82b50c27646ed5762f');
-    assert.strictEqual(crypto.createHash('shake256', { outputLength: 0 })
-                             .copy()  // Default outputLength.
-                             .digest('hex'),
-                       '46b9dd2b0ba88d13233b3feb743eeb24' +
-                       '3fcd52ea62b81b82b50c27646ed5762f');
-  }
+  // Default outputLengths.
+  assert.strictEqual(crypto.createHash('shake128').digest('hex'),
+                     '7f9c2ba4e88f827d616045507605853e');
+  assert.strictEqual(crypto.createHash('shake128', null).digest('hex'),
+                     '7f9c2ba4e88f827d616045507605853e');
+  assert.strictEqual(crypto.createHash('shake256').digest('hex'),
+                     '46b9dd2b0ba88d13233b3feb743eeb24' +
+                     '3fcd52ea62b81b82b50c27646ed5762f');
+  assert.strictEqual(crypto.createHash('shake256', { outputLength: 0 })
+                           .copy()  // Default outputLength.
+                           .digest('hex'),
+                     '46b9dd2b0ba88d13233b3feb743eeb24' +
+                     '3fcd52ea62b81b82b50c27646ed5762f');
 
   // Short outputLengths.
   assert.strictEqual(crypto.createHash('shake128', { outputLength: 0 })
diff --git a/test/parallel/test-crypto-oneshot-hash.js b/test/parallel/test-crypto-oneshot-hash.js
index 69051c43d9e882..56b4c04a65a1c1 100644
--- a/test/parallel/test-crypto-oneshot-hash.js
+++ b/test/parallel/test-crypto-oneshot-hash.js
@@ -31,9 +31,6 @@ const methods = crypto.getHashes();
 const input = fs.readFileSync(fixtures.path('utf8_test_text.txt'));
 
 for (const method of methods) {
-  // Skip failing tests on OpenSSL 3.4.0
-  if (method.startsWith('shake') && common.hasOpenSSL(3, 4))
-    continue;
   for (const outputEncoding of ['buffer', 'hex', 'base64', undefined]) {
     const oldDigest = crypto.createHash(method).update(input).digest(outputEncoding || 'hex');
     const digestFromBuffer = crypto.hash(method, input, outputEncoding);

From 69c43bdfccd7358e41780b17d7b3dbd5b775ad4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= <targos@protonmail.com>
Date: Sat, 30 Aug 2025 11:47:38 +0200
Subject: [PATCH 133/138] test: fix internet/test-dns

The `nodejs.org` domain has now two TXT records.
Do not verify the exact number of records returned (only their shape),
and check that one of them is the SPF.

PR-URL: https://github.com/nodejs/node/pull/59660
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
---
 test/internet/test-dns.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/test/internet/test-dns.js b/test/internet/test-dns.js
index abf94314b1b266..0b485e6daa36e2 100644
--- a/test/internet/test-dns.js
+++ b/test/internet/test-dns.js
@@ -482,9 +482,9 @@ TEST(function test_resolveCname_failure(done) {
 
 TEST(async function test_resolveTxt(done) {
   function validateResult(result) {
-    assert.ok(Array.isArray(result[0]));
-    assert.strictEqual(result.length, 1);
-    assert(result[0][0].startsWith('v=spf1'));
+    assert.ok(result.length > 0);
+    assert.ok(result.every((elem) => Array.isArray(elem) && elem.length === 1));
+    assert.ok(result.some((elem) => elem[0].startsWith('v=spf1')));
   }
 
   validateResult(await dnsPromises.resolveTxt(addresses.TXT_HOST));

From ea204034678b4b534f7f7ae0bce99e98c5926b89 Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Tue, 13 May 2025 01:29:17 +0200
Subject: [PATCH 134/138] build: fix uvwasi pkgname

PR-URL: https://github.com/nodejs/node/pull/58270
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 configure.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.py b/configure.py
index c84f6ff7385db1..3522f175b6c413 100755
--- a/configure.py
+++ b/configure.py
@@ -2161,7 +2161,7 @@ def make_bin_override():
 configure_library('nghttp2', output, pkgname='libnghttp2')
 configure_library('nghttp3', output, pkgname='libnghttp3')
 configure_library('ngtcp2', output, pkgname='libngtcp2')
-configure_library('uvwasi', output, pkgname='libuvwasi')
+configure_library('uvwasi', output)
 configure_v8(output)
 configure_openssl(output)
 configure_intl(output)

From cdf985071f8a6362bab0762af34b267fe4c670f7 Mon Sep 17 00:00:00 2001
From: Chengzhong Wu <legendecas@gmail.com>
Date: Tue, 17 Dec 2024 23:12:00 +0000
Subject: [PATCH 135/138] lib: suppress source map lookup exceptions

When the source map data are invalid json strings, skip construct
`SourceMap` on it. Additionally, suppress exceptions on source map
lookups and fix test runners crash on invalid source maps.

PR-URL: https://github.com/nodejs/node/pull/56299
Backport-PR-URL: https://github.com/nodejs/node/pull/59653
Refs: https://github.com/nodejs/node/issues/56296
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Xuguang Mei <meixuguang@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
---
 .../parallel/test-runner-source-maps-invalid-json.js | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 test/parallel/test-runner-source-maps-invalid-json.js

diff --git a/test/parallel/test-runner-source-maps-invalid-json.js b/test/parallel/test-runner-source-maps-invalid-json.js
new file mode 100644
index 00000000000000..508e2d432117f7
--- /dev/null
+++ b/test/parallel/test-runner-source-maps-invalid-json.js
@@ -0,0 +1,12 @@
+// Flags: --enable-source-maps
+'use strict';
+
+require('../common');
+const test = require('node:test');
+
+// Verify that test runner can handle invalid source maps.
+
+test('ok', () => {});
+
+// eslint-disable-next-line @stylistic/js/spaced-comment
+//# sourceMappingURL=data:application/json;base64,-1

From 2f333b6c5183989ca255b6341bc68551a93aeee6 Mon Sep 17 00:00:00 2001
From: Chengzhong Wu <legendecas@gmail.com>
Date: Tue, 17 Dec 2024 23:38:54 +0000
Subject: [PATCH 136/138] lib: optimize `prepareStackTrace` on builtin frames

Only invalidates source map lookup cache when a new source map is found.
This improves when user codes interleave with builtin functions, like
`array.map`.

PR-URL: https://github.com/nodejs/node/pull/56299
Backport-PR-URL: https://github.com/nodejs/node/pull/59653
Refs: https://github.com/nodejs/node/issues/56296
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Xuguang Mei <meixuguang@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
---
 benchmark/fixtures/simple-error-stack.js      | 21 ++++-----
 benchmark/fixtures/simple-error-stack.ts      | 12 +++---
 .../source_map/prepare_stack_trace.js         | 10 ++++-
 lib/internal/source_map/source_map_cache.js   | 43 +++++++++++++------
 4 files changed, 56 insertions(+), 30 deletions(-)

diff --git a/benchmark/fixtures/simple-error-stack.js b/benchmark/fixtures/simple-error-stack.js
index 0057807795b072..74aae191800778 100644
--- a/benchmark/fixtures/simple-error-stack.js
+++ b/benchmark/fixtures/simple-error-stack.js
@@ -1,15 +1,16 @@
 'use strict';
-exports.__esModule = true;
-exports.simpleErrorStack = void 0;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.simpleErrorStack = simpleErrorStack;
 // Compile with `tsc --inlineSourceMap benchmark/fixtures/simple-error-stack.ts`.
 var lorem = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.';
 function simpleErrorStack() {
-    try {
-        lorem.BANG();
-    }
-    catch (e) {
-        return e.stack;
-    }
+    [1].map(function () {
+        try {
+            lorem.BANG();
+        }
+        catch (e) {
+            return e.stack;
+        }
+    });
 }
-exports.simpleErrorStack = simpleErrorStack;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2ltcGxlLWVycm9yLXN0YWNrLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsic2ltcGxlLWVycm9yLXN0YWNrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLFlBQVksQ0FBQzs7O0FBRWIsaUZBQWlGO0FBRWpGLElBQU0sS0FBSyxHQUFHLCtiQUErYixDQUFDO0FBRTljLFNBQVMsZ0JBQWdCO0lBQ3ZCLElBQUk7UUFDRCxLQUFhLENBQUMsSUFBSSxFQUFFLENBQUM7S0FDdkI7SUFBQyxPQUFPLENBQUMsRUFBRTtRQUNWLE9BQU8sQ0FBQyxDQUFDLEtBQUssQ0FBQztLQUNoQjtBQUNILENBQUM7QUFHQyw0Q0FBZ0IifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2ltcGxlLWVycm9yLXN0YWNrLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsic2ltcGxlLWVycm9yLXN0YWNrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLFlBQVksQ0FBQzs7QUFpQlgsNENBQWdCO0FBZmxCLGlGQUFpRjtBQUVqRixJQUFNLEtBQUssR0FBRywrYkFBK2IsQ0FBQztBQUU5YyxTQUFTLGdCQUFnQjtJQUN2QixDQUFDLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQztRQUNOLElBQUksQ0FBQztZQUNGLEtBQWEsQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUN4QixDQUFDO1FBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUNYLE9BQU8sQ0FBQyxDQUFDLEtBQUssQ0FBQztRQUNqQixDQUFDO0lBQ0gsQ0FBQyxDQUFDLENBQUE7QUFDSixDQUFDIn0=
\ No newline at end of file
diff --git a/benchmark/fixtures/simple-error-stack.ts b/benchmark/fixtures/simple-error-stack.ts
index 58034e92f24b98..1335df3478b99b 100644
--- a/benchmark/fixtures/simple-error-stack.ts
+++ b/benchmark/fixtures/simple-error-stack.ts
@@ -5,11 +5,13 @@
 const lorem = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.';
 
 function simpleErrorStack() {
-  try {
-    (lorem as any).BANG();
-  } catch (e) {
-    return e.stack;
-  }
+  [1].map(() => {
+    try {
+      (lorem as any).BANG();
+    } catch (e) {
+      return e.stack;
+    }
+  })
 }
 
 export {
diff --git a/lib/internal/source_map/prepare_stack_trace.js b/lib/internal/source_map/prepare_stack_trace.js
index f06ea6380ceee4..ad065c6cac28c1 100644
--- a/lib/internal/source_map/prepare_stack_trace.js
+++ b/lib/internal/source_map/prepare_stack_trace.js
@@ -53,9 +53,15 @@ function prepareStackTraceWithSourceMaps(error, trace) {
       const sm = fileName === lastFileName ?
         lastSourceMap :
         findSourceMap(fileName);
-      lastSourceMap = sm;
-      lastFileName = fileName;
+      // Only when a source map is found, cache it for the next iteration.
+      // This is a performance optimization to avoid interleaving with JS builtin function
+      // invalidating the cache.
+      // - at myFunc (file:///path/to/file.js:1:2)
+      // - at Array.map (<anonymous>)
+      // - at myFunc (file:///path/to/file.js:3:4)
       if (sm) {
+        lastSourceMap = sm;
+        lastFileName = fileName;
         return `${kStackLineAt}${serializeJSStackFrame(sm, callSite, trace[i + 1])}`;
       }
     } catch (err) {
diff --git a/lib/internal/source_map/source_map_cache.js b/lib/internal/source_map/source_map_cache.js
index 9defc32da8e1e6..c50a44464a2be8 100644
--- a/lib/internal/source_map/source_map_cache.js
+++ b/lib/internal/source_map/source_map_cache.js
@@ -157,6 +157,9 @@ function maybeCacheSourceMap(filename, content, moduleInstance, isGeneratedSourc
   }
 
   const data = dataFromUrl(filename, sourceMapURL);
+  // `data` could be null if the source map is invalid.
+  // In this case, create a cache entry with null data with source url for test coverage.
+
   const entry = {
     __proto__: null,
     lineLengths: lineLengths(content),
@@ -279,6 +282,8 @@ function sourceMapFromDataUrl(sourceURL, url) {
       const parsedData = JSONParse(decodedData);
       return sourcesToAbsolute(sourceURL, parsedData);
     } catch (err) {
+      // TODO(legendecas): warn about invalid source map JSON string.
+      // But it could be verbose.
       debug(err);
       return null;
     }
@@ -333,26 +338,38 @@ function sourceMapCacheToObject() {
 
 /**
  * Find a source map for a given actual source URL or path.
+ *
+ * This function may be invoked from user code or test runner, this must not throw
+ * any exceptions.
  * @param {string} sourceURL - actual source URL or path
  * @returns {import('internal/source_map/source_map').SourceMap | undefined} a source map or undefined if not found
  */
 function findSourceMap(sourceURL) {
-  if (RegExpPrototypeExec(kLeadingProtocol, sourceURL) === null) {
-    sourceURL = pathToFileURL(sourceURL).href;
-  }
-  if (!SourceMap) {
-    SourceMap = require('internal/source_map/source_map').SourceMap;
-  }
-  const entry = getModuleSourceMapCache().get(sourceURL) ?? generatedSourceMapCache.get(sourceURL);
-  if (entry === undefined) {
+  if (typeof sourceURL !== 'string') {
     return undefined;
   }
-  let sourceMap = entry.sourceMap;
-  if (sourceMap === undefined) {
-    sourceMap = new SourceMap(entry.data, { lineLengths: entry.lineLengths });
-    entry.sourceMap = sourceMap;
+
+  SourceMap ??= require('internal/source_map/source_map').SourceMap;
+  try {
+    if (RegExpPrototypeExec(kLeadingProtocol, sourceURL) === null) {
+      // If the sourceURL is an invalid path, this will throw an error.
+      sourceURL = pathToFileURL(sourceURL).href;
+    }
+    const entry = getModuleSourceMapCache().get(sourceURL) ?? generatedSourceMapCache.get(sourceURL);
+    if (entry?.data == null) {
+      return undefined;
+    }
+
+    let sourceMap = entry.sourceMap;
+    if (sourceMap === undefined) {
+      sourceMap = new SourceMap(entry.data, { lineLengths: entry.lineLengths });
+      entry.sourceMap = sourceMap;
+    }
+    return sourceMap;
+  } catch (err) {
+    debug(err);
+    return undefined;
   }
-  return sourceMap;
 }
 
 module.exports = {

From 5e97719860e16169ce19afa151179be2d3b6dcac Mon Sep 17 00:00:00 2001
From: Marco Ippolito <marcoippolito54@gmail.com>
Date: Wed, 3 Sep 2025 11:52:07 +0200
Subject: [PATCH 137/138] test: skip test-http-imports on macos

PR-URL: https://github.com/nodejs/node/pull/59745
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com>
---
 test/es-module/es-module.status | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test/es-module/es-module.status b/test/es-module/es-module.status
index 58a422dc152258..36d4b4d6a1c6fb 100644
--- a/test/es-module/es-module.status
+++ b/test/es-module/es-module.status
@@ -13,3 +13,7 @@ test-esm-loader-http-imports: PASS,FLAKY
 [$arch==arm || $arch==arm64]
 # https://github.com/nodejs/node/issues/47297
 test-wasm-web-api: SKIP
+
+[$system==macos]
+# https://github.com/nodejs/node/pull/59551#issuecomment-3248510249
+test-http-imports: SKIP

From 36ee08d5d956a710d101b30ccff332b5ef9e1201 Mon Sep 17 00:00:00 2001
From: Marco Ippolito <marcoippolito54@gmail.com>
Date: Wed, 20 Aug 2025 14:42:06 +0200
Subject: [PATCH 138/138] 2025-09-03, Version 20.19.5 'Iron' (LTS)

Notable changes:

doc:
  * add JonasBa to collaborators (Jonas Badalic) https://github.com/nodejs/node/pull/58355
  * add puskin to collaborators (Giovanni Bucci) https://github.com/nodejs/node/pull/58308
  * add Filip Skokan to TSC (Rafael Gonzaga) https://github.com/nodejs/node/pull/58499
  * add geeksilva97 to collaborators (Edy Silva) https://github.com/nodejs/node/pull/57241

PR-URL: https://github.com/nodejs/node/pull/59551
---
 CHANGELOG.md                    |   3 +-
 doc/api/deprecations.md         |   2 +-
 doc/changelogs/CHANGELOG_V20.md | 152 ++++++++++++++++++++++++++++++++
 src/node_version.h              |   2 +-
 4 files changed, 156 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b19299d2e5692b..a561912c77dad7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,7 +35,8 @@ release.
 </tr>
 <tr>
   <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V20.md#20.19.4">20.19.4</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V20.md#20.19.5">20.19.5</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V20.md#20.19.4">20.19.4</a><br/>
 <a href="doc/changelogs/CHANGELOG_V20.md#20.19.3">20.19.3</a><br/>
 <a href="doc/changelogs/CHANGELOG_V20.md#20.19.2">20.19.2</a><br/>
 <a href="doc/changelogs/CHANGELOG_V20.md#20.19.1">20.19.1</a><br/>
diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index ab261064c0d7f1..a22e86fdc5ef08 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -3613,7 +3613,7 @@ will throw an error in a future version.
 
 <!-- YAML
 changes:
-  - version: REPLACEME
+  - version: v20.19.5
     pr-url: https://github.com/nodejs/node/pull/58942
     description: Documentation-only deprecation with support for `--pending-deprecation`.
 -->
diff --git a/doc/changelogs/CHANGELOG_V20.md b/doc/changelogs/CHANGELOG_V20.md
index 96eb7e54301344..33c7c3dbe19406 100644
--- a/doc/changelogs/CHANGELOG_V20.md
+++ b/doc/changelogs/CHANGELOG_V20.md
@@ -9,6 +9,7 @@
 </tr>
 <tr>
 <td>
+<a href="#20.19.5">20.19.5</a><br/>
 <a href="#20.19.4">20.19.4</a><br/>
 <a href="#20.19.3">20.19.3</a><br/>
 <a href="#20.19.2">20.19.2</a><br/>
@@ -73,6 +74,157 @@
   * [io.js](CHANGELOG_IOJS.md)
   * [Archive](CHANGELOG_ARCHIVE.md)
 
+<a id="20.19.5"></a>
+
+## 2025-09-03, Version 20.19.5 'Iron' (LTS), @marco-ippolito
+
+### Notable Changes
+
+* \[[`f5b293ad48`](https://github.com/nodejs/node/commit/f5b293ad48)] - **doc**: add JonasBa to collaborators (Jonas Badalic) [#58355](https://github.com/nodejs/node/pull/58355)
+* \[[`4e6ae787c6`](https://github.com/nodejs/node/commit/4e6ae787c6)] - **doc**: add puskin to collaborators (Giovanni Bucci) [#58308](https://github.com/nodejs/node/pull/58308)
+* \[[`d06db658fc`](https://github.com/nodejs/node/commit/d06db658fc)] - **doc**: add Filip Skokan to TSC (Rafael Gonzaga) [#58499](https://github.com/nodejs/node/pull/58499)
+* \[[`3c6206cac9`](https://github.com/nodejs/node/commit/3c6206cac9)] - **doc**: add @geeksilva97 to collaborators (Edy Silva) [#57241](https://github.com/nodejs/node/pull/57241)
+
+### Commits
+
+* \[[`ea20403467`](https://github.com/nodejs/node/commit/ea20403467)] - **build**: fix uvwasi pkgname (Antoine du Hamel) [#58270](https://github.com/nodejs/node/pull/58270)
+* \[[`c647aa4b30`](https://github.com/nodejs/node/commit/c647aa4b30)] - **build**: fix pointer compression builds (Joyee Cheung) [#58171](https://github.com/nodejs/node/pull/58171)
+* \[[`d2c5e609ae`](https://github.com/nodejs/node/commit/d2c5e609ae)] - **build**: disable v8\_enable\_pointer\_compression\_shared\_cage on non-64bit (Shelley Vohr) [#58867](https://github.com/nodejs/node/pull/58867)
+* \[[`84d5c4d244`](https://github.com/nodejs/node/commit/84d5c4d244)] - **build**: search for libnode.so in multiple places (Jan Staněk) [#58213](https://github.com/nodejs/node/pull/58213)
+* \[[`068c439552`](https://github.com/nodejs/node/commit/068c439552)] - **crypto**: fix SHAKE128/256 breaking change introduced with OpenSSL 3.4 (Filip Skokan) [#58942](https://github.com/nodejs/node/pull/58942)
+* \[[`edff105c34`](https://github.com/nodejs/node/commit/edff105c34)] - **debugger**: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) [#57498](https://github.com/nodejs/node/pull/57498)
+* \[[`0473e35b7f`](https://github.com/nodejs/node/commit/0473e35b7f)] - **deps**: update zlib to 1.3.1-470d3a2 (Node.js GitHub Bot) [#58628](https://github.com/nodejs/node/pull/58628)
+* \[[`1218dbbea5`](https://github.com/nodejs/node/commit/1218dbbea5)] - **deps**: update zlib to 1.3.0.1-motley-780819f (Node.js GitHub Bot) [#57768](https://github.com/nodejs/node/pull/57768)
+* \[[`0e3cd9ec00`](https://github.com/nodejs/node/commit/0e3cd9ec00)] - **deps**: update zlib to 1.3.0.1-motley-788cb3c (Node.js GitHub Bot) [#56655](https://github.com/nodejs/node/pull/56655)
+* \[[`a194dd9bd4`](https://github.com/nodejs/node/commit/a194dd9bd4)] - **deps**: update archs files for openssl-3.0.16 (Node.js GitHub Bot) [#57335](https://github.com/nodejs/node/pull/57335)
+* \[[`cc9b79ca70`](https://github.com/nodejs/node/commit/cc9b79ca70)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) [#57335](https://github.com/nodejs/node/pull/57335)
+* \[[`82c46d5358`](https://github.com/nodejs/node/commit/82c46d5358)] - **deps**: update cjs-module-lexer to 2.1.0 (Node.js GitHub Bot) [#57180](https://github.com/nodejs/node/pull/57180)
+* \[[`43e3f9b26b`](https://github.com/nodejs/node/commit/43e3f9b26b)] - **deps**: update cjs-module-lexer to 2.0.0 (Michael Dawson) [#56855](https://github.com/nodejs/node/pull/56855)
+* \[[`91282ff16b`](https://github.com/nodejs/node/commit/91282ff16b)] - **deps**: update corepack to 0.33.0 (Node.js GitHub Bot) [#58566](https://github.com/nodejs/node/pull/58566)
+* \[[`b76bca6f38`](https://github.com/nodejs/node/commit/b76bca6f38)] - **deps**: update acorn to 8.15.0 (Node.js GitHub Bot) [#58711](https://github.com/nodejs/node/pull/58711)
+* \[[`ae11481011`](https://github.com/nodejs/node/commit/ae11481011)] - **deps**: update acorn to 8.14.1 (Node.js GitHub Bot) [#57382](https://github.com/nodejs/node/pull/57382)
+* \[[`142d701201`](https://github.com/nodejs/node/commit/142d701201)] - **deps**: update minimatch to 10.0.3 (Node.js GitHub Bot) [#58712](https://github.com/nodejs/node/pull/58712)
+* \[[`fee082d684`](https://github.com/nodejs/node/commit/fee082d684)] - **deps**: update llhttp to 9.3.0 (Fedor Indutny) [#58144](https://github.com/nodejs/node/pull/58144)
+* \[[`c06f6f3f05`](https://github.com/nodejs/node/commit/c06f6f3f05)] - **dns**: remove redundant code using common variable (Deokjin Kim) [#57386](https://github.com/nodejs/node/pull/57386)
+* \[[`cded8e7e77`](https://github.com/nodejs/node/commit/cded8e7e77)] - **dns**: fix parse memory leaky (theanarkh) [#58973](https://github.com/nodejs/node/pull/58973)
+* \[[`182ae67233`](https://github.com/nodejs/node/commit/182ae67233)] - **dns**: fix dns query cache implementation (Ethan Arrowood) [#58404](https://github.com/nodejs/node/pull/58404)
+* \[[`621b66a297`](https://github.com/nodejs/node/commit/621b66a297)] - **doc**: add review guidelines for collaborator nominations (Antoine du Hamel) [#57449](https://github.com/nodejs/node/pull/57449)
+* \[[`b1009b5b72`](https://github.com/nodejs/node/commit/b1009b5b72)] - **doc**: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) [#57426](https://github.com/nodejs/node/pull/57426)
+* \[[`f5b293ad48`](https://github.com/nodejs/node/commit/f5b293ad48)] - **doc**: add JonasBa to collaborators (Jonas Badalic) [#58355](https://github.com/nodejs/node/pull/58355)
+* \[[`4e6ae787c6`](https://github.com/nodejs/node/commit/4e6ae787c6)] - **doc**: add puskin to collaborators (Giovanni Bucci) [#58308](https://github.com/nodejs/node/pull/58308)
+* \[[`530473f479`](https://github.com/nodejs/node/commit/530473f479)] - **doc**: add ovflowd back to core collaborators (Claudio W.) [#58911](https://github.com/nodejs/node/pull/58911)
+* \[[`38e8bbc131`](https://github.com/nodejs/node/commit/38e8bbc131)] - **doc**: add info on how project manages social media (Michael Dawson) [#57318](https://github.com/nodejs/node/pull/57318)
+* \[[`d06bb4dcc2`](https://github.com/nodejs/node/commit/d06bb4dcc2)] - **doc**: ping nodejs/tsc for each security pull request (Rafael Gonzaga) [#57309](https://github.com/nodejs/node/pull/57309)
+* \[[`d06db658fc`](https://github.com/nodejs/node/commit/d06db658fc)] - **doc**: add Filip Skokan to TSC (Rafael Gonzaga) [#58499](https://github.com/nodejs/node/pull/58499)
+* \[[`8c3bc156ed`](https://github.com/nodejs/node/commit/8c3bc156ed)] - **doc**: clarify `path.isAbsolute` is not path traversal mitigation (Eric Fortis) [#57073](https://github.com/nodejs/node/pull/57073)
+* \[[`e688410bda`](https://github.com/nodejs/node/commit/e688410bda)] - **doc**: fix rendering of DEP0174 description (David Sanders) [#56835](https://github.com/nodejs/node/pull/56835)
+* \[[`e6a0c6a0fa`](https://github.com/nodejs/node/commit/e6a0c6a0fa)] - **doc**: add missing assert return types (Colin Ihrig) [#57219](https://github.com/nodejs/node/pull/57219)
+* \[[`026b3cab6a`](https://github.com/nodejs/node/commit/026b3cab6a)] - **doc**: add 1ilsang to triage team (1ilsang) [#57183](https://github.com/nodejs/node/pull/57183)
+* \[[`3c6206cac9`](https://github.com/nodejs/node/commit/3c6206cac9)] - **doc**: add @geeksilva97 to collaborators (Edy Silva) [#57241](https://github.com/nodejs/node/pull/57241)
+* \[[`ef3a4675c7`](https://github.com/nodejs/node/commit/ef3a4675c7)] - **doc**: fix web.libera.chat link in pull-requests.md (Samuel Bronson) [#57076](https://github.com/nodejs/node/pull/57076)
+* \[[`1db42b76f7`](https://github.com/nodejs/node/commit/1db42b76f7)] - **doc**: remove buffered flag from performance hooks examples (Pavel Romanov) [#52607](https://github.com/nodejs/node/pull/52607)
+* \[[`b73a1356ce`](https://github.com/nodejs/node/commit/b73a1356ce)] - **doc**: add `module namespace object` links (Dario Piotrowicz) [#57093](https://github.com/nodejs/node/pull/57093)
+* \[[`09368db20f`](https://github.com/nodejs/node/commit/09368db20f)] - **doc**: disambiguate pseudo-code statement (Dario Piotrowicz) [#57092](https://github.com/nodejs/node/pull/57092)
+* \[[`2c3dc569a1`](https://github.com/nodejs/node/commit/2c3dc569a1)] - **doc**: fix wrong articles used to address modules (Dario Piotrowicz) [#57090](https://github.com/nodejs/node/pull/57090)
+* \[[`cd8259cb4e`](https://github.com/nodejs/node/commit/cd8259cb4e)] - **doc**: `modules.md`: fix `distance` definition (Alexander “weej” Jones) [#57046](https://github.com/nodejs/node/pull/57046)
+* \[[`7b0ea9ab2d`](https://github.com/nodejs/node/commit/7b0ea9ab2d)] - **doc**: fix wrong verb form (Dario Piotrowicz) [#57091](https://github.com/nodejs/node/pull/57091)
+* \[[`14fcfc242b`](https://github.com/nodejs/node/commit/14fcfc242b)] - **doc**: add a note about `require('../common')` in testing documentation (Aditi) [#56953](https://github.com/nodejs/node/pull/56953)
+* \[[`bc7d18b6ea`](https://github.com/nodejs/node/commit/bc7d18b6ea)] - **doc**: recommend writing tests in new files and including comments (Joyee Cheung) [#57028](https://github.com/nodejs/node/pull/57028)
+* \[[`acd4d7f269`](https://github.com/nodejs/node/commit/acd4d7f269)] - **doc**: improve documentation on argument validation (Aditi) [#56954](https://github.com/nodejs/node/pull/56954)
+* \[[`4cd6b3ca73`](https://github.com/nodejs/node/commit/4cd6b3ca73)] - **doc**: buffer: fix typo on `Buffer.copyBytesFrom(` `offset` option (tpoisseau) [#57015](https://github.com/nodejs/node/pull/57015)
+* \[[`01220607f2`](https://github.com/nodejs/node/commit/01220607f2)] - **doc**: update cleanup to trust on vuln db automation (Rafael Gonzaga) [#57004](https://github.com/nodejs/node/pull/57004)
+* \[[`77a0505a32`](https://github.com/nodejs/node/commit/77a0505a32)] - **doc**: update post sec release process (Rafael Gonzaga) [#56907](https://github.com/nodejs/node/pull/56907)
+* \[[`77dbcfce5f`](https://github.com/nodejs/node/commit/77dbcfce5f)] - **doc**: add section about using npx with permission model (Rafael Gonzaga) [#56539](https://github.com/nodejs/node/pull/56539)
+* \[[`73e51407b7`](https://github.com/nodejs/node/commit/73e51407b7)] - **doc**: remove RedYetiDev from triagers team (Aviv Keller) [#55947](https://github.com/nodejs/node/pull/55947)
+* \[[`9a36cbb792`](https://github.com/nodejs/node/commit/9a36cbb792)] - **doc**: fix relative path mention in --allow-fs (Rafael Gonzaga) [#55791](https://github.com/nodejs/node/pull/55791)
+* \[[`04d9c5baeb`](https://github.com/nodejs/node/commit/04d9c5baeb)] - **doc**: add scroll margin to links (Roman Reiss) [#58982](https://github.com/nodejs/node/pull/58982)
+* \[[`959a67f6ff`](https://github.com/nodejs/node/commit/959a67f6ff)] - **doc**: make Stability labels not sticky in Stability index (Livia Medeiros) [#58291](https://github.com/nodejs/node/pull/58291)
+* \[[`8757a5532f`](https://github.com/nodejs/node/commit/8757a5532f)] - **doc**: update release key for aduh95 (Antoine du Hamel) [#58877](https://github.com/nodejs/node/pull/58877)
+* \[[`6fa0626327`](https://github.com/nodejs/node/commit/6fa0626327)] - **doc,src,test**: fix typos (Noritaka Kobayashi) [#58477](https://github.com/nodejs/node/pull/58477)
+* \[[`9991788e4a`](https://github.com/nodejs/node/commit/9991788e4a)] - **http**: coerce content-length to number (Marco Ippolito) [#57458](https://github.com/nodejs/node/pull/57458)
+* \[[`ff5cf8a428`](https://github.com/nodejs/node/commit/ff5cf8a428)] - **http2**: fix check for `frame->hd.type` (hanguanqiang) [#57644](https://github.com/nodejs/node/pull/57644)
+* \[[`2f333b6c51`](https://github.com/nodejs/node/commit/2f333b6c51)] - **lib**: optimize `prepareStackTrace` on builtin frames (Chengzhong Wu) [#56299](https://github.com/nodejs/node/pull/56299)
+* \[[`cdf985071f`](https://github.com/nodejs/node/commit/cdf985071f)] - **lib**: suppress source map lookup exceptions (Chengzhong Wu) [#56299](https://github.com/nodejs/node/pull/56299)
+* \[[`faa08b14ed`](https://github.com/nodejs/node/commit/faa08b14ed)] - **lib**: fixup incorrect argument order in assertEncoding (James M Snell) [#57177](https://github.com/nodejs/node/pull/57177)
+* \[[`a683cd1232`](https://github.com/nodejs/node/commit/a683cd1232)] - **meta**: add IlyasShabi to collaborators (Ilyas Shabi) [#58916](https://github.com/nodejs/node/pull/58916)
+* \[[`b145bb28aa`](https://github.com/nodejs/node/commit/b145bb28aa)] - **meta**: bump codecov/codecov-action from 5.4.2 to 5.4.3 (dependabot\[bot]) [#58551](https://github.com/nodejs/node/pull/58551)
+* \[[`2c59789001`](https://github.com/nodejs/node/commit/2c59789001)] - **meta**: bump ossf/scorecard-action from 2.4.1 to 2.4.2 (dependabot\[bot]) [#58550](https://github.com/nodejs/node/pull/58550)
+* \[[`4095337e96`](https://github.com/nodejs/node/commit/4095337e96)] - **meta**: bump rtCamp/action-slack-notify from 2.3.2 to 2.3.3 (dependabot\[bot]) [#58108](https://github.com/nodejs/node/pull/58108)
+* \[[`631fed8e39`](https://github.com/nodejs/node/commit/631fed8e39)] - **meta**: move one or more collaborators to emeritus (Node.js GitHub Bot) [#58456](https://github.com/nodejs/node/pull/58456)
+* \[[`7d2f7180b6`](https://github.com/nodejs/node/commit/7d2f7180b6)] - **meta**: bump codecov/codecov-action from 5.4.0 to 5.4.2 (dependabot\[bot]) [#58110](https://github.com/nodejs/node/pull/58110)
+* \[[`1558551ea5`](https://github.com/nodejs/node/commit/1558551ea5)] - **meta**: bump actions/download-artifact from 4.2.1 to 4.3.0 (dependabot\[bot]) [#58106](https://github.com/nodejs/node/pull/58106)
+* \[[`e1f12fe737`](https://github.com/nodejs/node/commit/e1f12fe737)] - **meta**: ignore mailmap changes in linux ci (Jonas Badalic) [#58356](https://github.com/nodejs/node/pull/58356)
+* \[[`1b78eb1313`](https://github.com/nodejs/node/commit/1b78eb1313)] - **meta**: bump actions/setup-node from 4.3.0 to 4.4.0 (dependabot\[bot]) [#58111](https://github.com/nodejs/node/pull/58111)
+* \[[`2b8449c39a`](https://github.com/nodejs/node/commit/2b8449c39a)] - **meta**: bump actions/setup-python from 5.5.0 to 5.6.0 (dependabot\[bot]) [#58107](https://github.com/nodejs/node/pull/58107)
+* \[[`833b70bbc5`](https://github.com/nodejs/node/commit/833b70bbc5)] - **meta**: allow penetration testing on live system with prior authorization (Matteo Collina) [#57966](https://github.com/nodejs/node/pull/57966)
+* \[[`c6a88561f5`](https://github.com/nodejs/node/commit/c6a88561f5)] - **meta**: bump actions/setup-python from 5.4.0 to 5.5.0 (dependabot\[bot]) [#57718](https://github.com/nodejs/node/pull/57718)
+* \[[`9046ef4fb3`](https://github.com/nodejs/node/commit/9046ef4fb3)] - **meta**: bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (dependabot\[bot]) [#57717](https://github.com/nodejs/node/pull/57717)
+* \[[`46388a4e2a`](https://github.com/nodejs/node/commit/46388a4e2a)] - **meta**: bump actions/cache from 4.2.2 to 4.2.3 (dependabot\[bot]) [#57715](https://github.com/nodejs/node/pull/57715)
+* \[[`d3970685bd`](https://github.com/nodejs/node/commit/d3970685bd)] - **meta**: bump actions/setup-node from 4.2.0 to 4.3.0 (dependabot\[bot]) [#57714](https://github.com/nodejs/node/pull/57714)
+* \[[`47004ef37f`](https://github.com/nodejs/node/commit/47004ef37f)] - **meta**: bump actions/upload-artifact from 4.6.1 to 4.6.2 (dependabot\[bot]) [#57713](https://github.com/nodejs/node/pull/57713)
+* \[[`4abe83ec03`](https://github.com/nodejs/node/commit/4abe83ec03)] - **meta**: add some clarification to the nomination process (James M Snell) [#57503](https://github.com/nodejs/node/pull/57503)
+* \[[`45e9b88363`](https://github.com/nodejs/node/commit/45e9b88363)] - **meta**: remove collaborator self-nomination (Rich Trott) [#57537](https://github.com/nodejs/node/pull/57537)
+* \[[`d10949b7d8`](https://github.com/nodejs/node/commit/d10949b7d8)] - **meta**: edit collaborator nomination process (Antoine du Hamel) [#57483](https://github.com/nodejs/node/pull/57483)
+* \[[`704562fb7a`](https://github.com/nodejs/node/commit/704562fb7a)] - **meta**: move ovflowd to emeritus (Claudio W.) [#57443](https://github.com/nodejs/node/pull/57443)
+* \[[`3f981b8537`](https://github.com/nodejs/node/commit/3f981b8537)] - **meta**: bump codecov/codecov-action from 5.3.1 to 5.4.0 (dependabot\[bot]) [#57257](https://github.com/nodejs/node/pull/57257)
+* \[[`7e1ff7b332`](https://github.com/nodejs/node/commit/7e1ff7b332)] - **meta**: bump ossf/scorecard-action from 2.4.0 to 2.4.1 (dependabot\[bot]) [#57253](https://github.com/nodejs/node/pull/57253)
+* \[[`8d4ec412b9`](https://github.com/nodejs/node/commit/8d4ec412b9)] - **meta**: move RaisinTen back to collaborators, triagers and SEA champion (Darshan Sen) [#57292](https://github.com/nodejs/node/pull/57292)
+* \[[`cc2abb5d17`](https://github.com/nodejs/node/commit/cc2abb5d17)] - **meta**: bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (dependabot\[bot]) [#57259](https://github.com/nodejs/node/pull/57259)
+* \[[`4fad2b8758`](https://github.com/nodejs/node/commit/4fad2b8758)] - **meta**: bump actions/cache from 4.2.0 to 4.2.2 (dependabot\[bot]) [#57256](https://github.com/nodejs/node/pull/57256)
+* \[[`5f5bb8b986`](https://github.com/nodejs/node/commit/5f5bb8b986)] - **meta**: bump actions/upload-artifact from 4.6.0 to 4.6.1 (dependabot\[bot]) [#57255](https://github.com/nodejs/node/pull/57255)
+* \[[`e949359a56`](https://github.com/nodejs/node/commit/e949359a56)] - **meta**: bump `actions/setup-python` from 5.3.0 to 5.4.0 (dependabot\[bot]) [#56867](https://github.com/nodejs/node/pull/56867)
+* \[[`d3c5ad7510`](https://github.com/nodejs/node/commit/d3c5ad7510)] - **meta**: bump `peter-evans/create-pull-request` from 7.0.5 to 7.0.6 (dependabot\[bot]) [#56866](https://github.com/nodejs/node/pull/56866)
+* \[[`56decfe2d1`](https://github.com/nodejs/node/commit/56decfe2d1)] - **meta**: bump `codecov/codecov-action` from 5.0.7 to 5.3.1 (dependabot\[bot]) [#56864](https://github.com/nodejs/node/pull/56864)
+* \[[`52e518444d`](https://github.com/nodejs/node/commit/52e518444d)] - **meta**: bump `actions/cache` from 4.1.2 to 4.2.0 (dependabot\[bot]) [#56862](https://github.com/nodejs/node/pull/56862)
+* \[[`9cac93d9c3`](https://github.com/nodejs/node/commit/9cac93d9c3)] - **meta**: bump `actions/stale` from 9.0.0 to 9.1.0 (dependabot\[bot]) [#56860](https://github.com/nodejs/node/pull/56860)
+* \[[`ecf4252f7c`](https://github.com/nodejs/node/commit/ecf4252f7c)] - **meta**: update last name for jkrems (Jan Martin) [#57006](https://github.com/nodejs/node/pull/57006)
+* \[[`e8beaaaedf`](https://github.com/nodejs/node/commit/e8beaaaedf)] - **meta**: bump `actions/upload-artifact` from 4.4.3 to 4.6.0 (dependabot\[bot]) [#56861](https://github.com/nodejs/node/pull/56861)
+* \[[`5462c257f8`](https://github.com/nodejs/node/commit/5462c257f8)] - **meta**: bump `actions/setup-node` from 4.1.0 to 4.2.0 (dependabot\[bot]) [#56868](https://github.com/nodejs/node/pull/56868)
+* \[[`89c37891a0`](https://github.com/nodejs/node/commit/89c37891a0)] - **meta**: move one or more collaborators to emeritus (Node.js GitHub Bot) [#56889](https://github.com/nodejs/node/pull/56889)
+* \[[`2a0175c291`](https://github.com/nodejs/node/commit/2a0175c291)] - **meta**: add @nodejs/url as codeowner (Chengzhong Wu) [#56783](https://github.com/nodejs/node/pull/56783)
+* \[[`c12aae1e78`](https://github.com/nodejs/node/commit/c12aae1e78)] - **meta**: bump github/codeql-action from 3.28.18 to 3.29.2 (dependabot\[bot]) [#58922](https://github.com/nodejs/node/pull/58922)
+* \[[`4ef09990f1`](https://github.com/nodejs/node/commit/4ef09990f1)] - **meta**: bump github/codeql-action from 3.28.16 to 3.28.18 (dependabot\[bot]) [#58552](https://github.com/nodejs/node/pull/58552)
+* \[[`889654eb2c`](https://github.com/nodejs/node/commit/889654eb2c)] - **meta**: bump github/codeql-action from 3.28.11 to 3.28.16 (dependabot\[bot]) [#58112](https://github.com/nodejs/node/pull/58112)
+* \[[`091e5c1bb9`](https://github.com/nodejs/node/commit/091e5c1bb9)] - **meta**: bump github/codeql-action from 3.28.10 to 3.28.13 (dependabot\[bot]) [#57716](https://github.com/nodejs/node/pull/57716)
+* \[[`01415153de`](https://github.com/nodejs/node/commit/01415153de)] - **meta**: bump github/codeql-action from 3.28.8 to 3.28.10 (dependabot\[bot]) [#57254](https://github.com/nodejs/node/pull/57254)
+* \[[`72ea8aac34`](https://github.com/nodejs/node/commit/72ea8aac34)] - **meta**: bump `github/codeql-action` from 3.27.5 to 3.28.8 (dependabot\[bot]) [#56859](https://github.com/nodejs/node/pull/56859)
+* \[[`99a271e588`](https://github.com/nodejs/node/commit/99a271e588)] - **meta**: bump step-security/harden-runner from 2.12.0 to 2.12.2 (dependabot\[bot]) [#58923](https://github.com/nodejs/node/pull/58923)
+* \[[`b4c4c02490`](https://github.com/nodejs/node/commit/b4c4c02490)] - **meta**: bump step-security/harden-runner from 2.11.0 to 2.12.0 (dependabot\[bot]) [#58109](https://github.com/nodejs/node/pull/58109)
+* \[[`5361bb9157`](https://github.com/nodejs/node/commit/5361bb9157)] - **meta**: bump step-security/harden-runner from 2.10.4 to 2.11.0 (dependabot\[bot]) [#57258](https://github.com/nodejs/node/pull/57258)
+* \[[`28e33acf30`](https://github.com/nodejs/node/commit/28e33acf30)] - **meta**: bump `step-security/harden-runner` from 2.10.2 to 2.10.4 (dependabot\[bot]) [#56863](https://github.com/nodejs/node/pull/56863)
+* \[[`fad773cede`](https://github.com/nodejs/node/commit/fad773cede)] - **module**: throw error when re-runing errored module jobs (Joyee Cheung) [#58957](https://github.com/nodejs/node/pull/58957)
+* \[[`2531185423`](https://github.com/nodejs/node/commit/2531185423)] - **module**: allow cycles in require() in the CJS handling in ESM loader (Joyee Cheung) [#58598](https://github.com/nodejs/node/pull/58598)
+* \[[`ed43b69689`](https://github.com/nodejs/node/commit/ed43b69689)] - **module**: clarify cjs global-like error on ModuleJobSync (Carlos Espa) [#56491](https://github.com/nodejs/node/pull/56491)
+* \[[`6e02db1b12`](https://github.com/nodejs/node/commit/6e02db1b12)] - **module**: handle instantiated async module jobs in require(esm) (Joyee Cheung) [#58067](https://github.com/nodejs/node/pull/58067)
+* \[[`badba50d30`](https://github.com/nodejs/node/commit/badba50d30)] - **module**: fix incorrect formatting in require(esm) cycle error message (haykam821) [#57453](https://github.com/nodejs/node/pull/57453)
+* \[[`939ecf8906`](https://github.com/nodejs/node/commit/939ecf8906)] - **module**: handle cached linked async jobs in require(esm) (Joyee Cheung) [#57187](https://github.com/nodejs/node/pull/57187)
+* \[[`ba7f8a0353`](https://github.com/nodejs/node/commit/ba7f8a0353)] - **module**: improve error message from asynchronicity in require(esm) (Joyee Cheung) [#57126](https://github.com/nodejs/node/pull/57126)
+* \[[`c1e7fa2586`](https://github.com/nodejs/node/commit/c1e7fa2586)] - **module**: handle .mjs in .js handler in CommonJS (Joyee Cheung) [#55590](https://github.com/nodejs/node/pull/55590)
+* \[[`41f3dfd21b`](https://github.com/nodejs/node/commit/41f3dfd21b)] - **module**: fix require.resolve() crash on non-string paths (Aditi) [#56942](https://github.com/nodejs/node/pull/56942)
+* \[[`043dcdd628`](https://github.com/nodejs/node/commit/043dcdd628)] - **os**: fix GetInterfaceAddresses memory lieaky (theanarkh) [#58940](https://github.com/nodejs/node/pull/58940)
+* \[[`9b74e9bfd9`](https://github.com/nodejs/node/commit/9b74e9bfd9)] - **permission**: ignore internalModuleStat on module loading (Rafael Gonzaga) [#55797](https://github.com/nodejs/node/pull/55797)
+* \[[`611a147b45`](https://github.com/nodejs/node/commit/611a147b45)] - **readline**: fix unresolved promise on abortion (Daniel Venable) [#54030](https://github.com/nodejs/node/pull/54030)
+* \[[`f891ae3421`](https://github.com/nodejs/node/commit/f891ae3421)] - **repl**: avoid deprecated `require.extensions` in tab completion (baki gul) [#58653](https://github.com/nodejs/node/pull/58653)
+* \[[`7ba44290bf`](https://github.com/nodejs/node/commit/7ba44290bf)] - **repl**: fix tab completion not working with computer string properties (Dario Piotrowicz) [#58709](https://github.com/nodejs/node/pull/58709)
+* \[[`eb842048b2`](https://github.com/nodejs/node/commit/eb842048b2)] - **src**: do not format single string argument for THROW\_ERR\_\* (Joyee Cheung) [#57126](https://github.com/nodejs/node/pull/57126)
+* \[[`4f004937ec`](https://github.com/nodejs/node/commit/4f004937ec)] - **src**: fixup errorhandling more in various places (James M Snell) [#57852](https://github.com/nodejs/node/pull/57852)
+* \[[`5daa7fe2e2`](https://github.com/nodejs/node/commit/5daa7fe2e2)] - **src**: fix module buffer allocation (X-BW) [#57738](https://github.com/nodejs/node/pull/57738)
+* \[[`586b1be11b`](https://github.com/nodejs/node/commit/586b1be11b)] - **src**: fix build when using shared simdutf (Antoine du Hamel) [#58407](https://github.com/nodejs/node/pull/58407)
+* \[[`563e61f012`](https://github.com/nodejs/node/commit/563e61f012)] - **src**: fix possible dereference of null pointer (Eusgor) [#58459](https://github.com/nodejs/node/pull/58459)
+* \[[`cbec07ea0b`](https://github.com/nodejs/node/commit/cbec07ea0b)] - **src**: fix FIPS init error handling (Tobias Nießen) [#58379](https://github.com/nodejs/node/pull/58379)
+* \[[`80fb80e71b`](https://github.com/nodejs/node/commit/80fb80e71b)] - **src**: fix -Wunreachable-code in src/node\_api.cc (Shelley Vohr) [#58901](https://github.com/nodejs/node/pull/58901)
+* \[[`5e97719860`](https://github.com/nodejs/node/commit/5e97719860)] - **test**: skip test-http-imports on macos (Marco Ippolito) [#59745](https://github.com/nodejs/node/pull/59745)
+* \[[`69c43bdfcc`](https://github.com/nodejs/node/commit/69c43bdfcc)] - **test**: fix internet/test-dns (Michaël Zasso) [#59660](https://github.com/nodejs/node/pull/59660)
+* \[[`6fd58e0338`](https://github.com/nodejs/node/commit/6fd58e0338)] - **tools**: update coverage GitHub Actions to fixed version (Rich Trott) [#59512](https://github.com/nodejs/node/pull/59512)
+* \[[`eb7bbce73e`](https://github.com/nodejs/node/commit/eb7bbce73e)] - **tools**: disable failing coverage jobs (Antoine du Hamel) [#58770](https://github.com/nodejs/node/pull/58770)
+* \[[`65b1669936`](https://github.com/nodejs/node/commit/65b1669936)] - **util**: fix formatting of objects with built-in Symbol.toPrimitive (Shima Ryuhei) [#57832](https://github.com/nodejs/node/pull/57832)
+* \[[`8a29f13bec`](https://github.com/nodejs/node/commit/8a29f13bec)] - **util**: fix parseEnv incorrectly splitting multiple ‘=‘ in value (HEESEUNG) [#57421](https://github.com/nodejs/node/pull/57421)
+* \[[`077d5020c4`](https://github.com/nodejs/node/commit/077d5020c4)] - **v8**: fix missing callback in heap utils destroy (Ruben Bridgewater) [#58846](https://github.com/nodejs/node/pull/58846)
+* \[[`34ae9f8b18`](https://github.com/nodejs/node/commit/34ae9f8b18)] - **vm**: import call should return a promise in the current context (Chengzhong Wu) [#58309](https://github.com/nodejs/node/pull/58309)
+* \[[`0dd3a8d6d1`](https://github.com/nodejs/node/commit/0dd3a8d6d1)] - **win,build**: fix MSVS v17.14 compilation issue (StefanStojanovic) [#58902](https://github.com/nodejs/node/pull/58902)
+* \[[`1b83a2bd2d`](https://github.com/nodejs/node/commit/1b83a2bd2d)] - **zlib**: remove mentions of unexposed Z\_TREES constant (Jimmy Leung) [#58371](https://github.com/nodejs/node/pull/58371)
+* \[[`9dc9604502`](https://github.com/nodejs/node/commit/9dc9604502)] - **zlib**: fix pointer alignment (jhofstee) [#57727](https://github.com/nodejs/node/pull/57727)
+
 <a id="20.19.4"></a>
 
 ## 2025-07-15, Version 20.19.4 'Iron' (LTS), @RafaelGSS
diff --git a/src/node_version.h b/src/node_version.h
index c35453ee402402..abe163488f5ffc 100644
--- a/src/node_version.h
+++ b/src/node_version.h
@@ -29,7 +29,7 @@
 #define NODE_VERSION_IS_LTS 1
 #define NODE_VERSION_LTS_CODENAME "Iron"
 
-#define NODE_VERSION_IS_RELEASE 0
+#define NODE_VERSION_IS_RELEASE 1
 
 #ifndef NODE_STRINGIFY
 #define NODE_STRINGIFY(n) NODE_STRINGIFY_HELPER(n)