Bump Node Minimum to 22, Add Node 24 to CI
Node 20 passed its maintenance EOL in April 2026 — it no longer receives security patches. Our engines field still declares `>=20`, our CI still tests against it, and our docs still advertise it. Meanwhile Node 22 is current LTS (maintained until April 2027) and Node 24 is Current (LTS in October 2026). We should stop validating against a dead version and start validating against the version our users will be on next.
verdict PASSscore 22 / 22findings 4 (1 risk · 0 debt · 3 obs)duration 2h 17mrejection cycles 0shipped May 15, 2026
Pipeline timeline
Intent to proven code in 2h 17m across Think, Plan, Build, and Verify.
Think8m
Plan10m
Build5m
Verify6m
Assertion ledger
22 claims, each independently verified. Showing 8 — show all →
| ID | Says | Matcher | |
|---|---|---|---|
| A001 | Root package requires Node 22 or higher | verified | ok |
| A002 | CLI package requires Node 22 or higher | verified | ok |
| A003 | Website package requires Node 22 or higher | verified | ok |
| A004 | CLI builds against Node 22 as the syntax floor | verified | ok |
| A005 | CI tests against Node 22 and Node 24 | verified | ok |
| A006 | CI no longer tests against the end-of-life Node 20 | verified | ok |
| A007 | Coverage uploads from the lowest supported Node version | verified | ok |
| A008 | Coverage upload step name reflects Node 22 | verified | ok |
Findings 4 total
risk→ closed
Branch is 4 commits behind main — PR diff includes deletion of fix-gantt-bar-distortion plan artifacts (scope.md, spec.md, contract.yaml, plan.md) that were committed to main after the branch point. Rebase before merge.
obs→ closed
Dynamic stat markers (ana:dynamic) updated as prebuild side effect — pipeline.mdx, reading-a-proof.mdx, using-ana-learn.mdx, verifying-changes.mdx, start.mdx, troubleshooting.mdx all have updated proof counts (90->103, 19->21 rejections). These are correct but outside the spec's file_changes list.
obs→ closed
Contract A021 value may be stale — says 2297 tests but this is a snapshot. If main gains tests before merge, the assertion value won't match. The test count is correct for the current branch.
obs→ closed
Lint warning (pre-existing): unused eslint-disable directive for no-control-regex. Not introduced by this build.
Integrity seal
scopesha256:fe24ab56399d7...
contractsha256:c879061356e93...
plansha256:667cf38d2ddcb...
specsha256:3b875268c027f...
build-reportsha256:ed9e117bf3f71...
build-datasha256:cad679b5f1db3...
verify-reportsha256:d0b5129bb7b29...
verify-datasha256:a987ff740795b...
audit cmd$ ana proof audit bump-node-minimum-22 → all hashes match