Drop node 18 and 20. Add 24

.github/workflows/lint.yml

@@ -14,7 +14,7 @@ jobs:
           persist-credentials: false
       - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
-          node-version: 20
+          node-version: 22
       - name: Check that package-lock.json is valid JSON
         run: jq empty package-lock.json
       - name: Install npm packages

.github/workflows/test.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        version: [18, 20]
+        version: [22, 24]
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
@@ -29,9 +29,13 @@ jobs:
         working-directory: e2e/js
       - run: npx jest
         working-directory: e2e/js
+        env:
+          NODE_OPTIONS: --experimental-vm-modules
       - run: npm ci
         working-directory: e2e/ts
       - run: npm link '@maxmind/minfraud-api-node'
         working-directory: e2e/ts
       - run: npx jest
         working-directory: e2e/ts
+        env:
+          NODE_OPTIONS: --experimental-vm-modules

CHANGELOG.md

@@ -1,9 +1,12 @@
 CHANGELOG
 =========
 
-8.4.0
+9.0.0
 ------------------
 
+* **Breaking** Dropped support for Node.js 18 and 20. The minimum supported version is
+  now 22.
+* **Breaking** Dropped commonjs support. The package is now only available as an ES module.
 * Added the input `/device/tracking_token`. This is the token generated by
   the [Device Tracking Add-on](https://dev.maxmind.com/minfraud/track-devices)
   for explicit device linking. You may provide this by providing

CLAUDE.md

@@ -14,7 +14,7 @@ The library is server-side only and provides strongly-typed request/response mod
 
 **Key Technologies:**
 - TypeScript with strict type checking
-- Node.js 18+ (targets active LTS versions)
+- Node.js 22+ (targets active LTS versions)
 - Uses Node.js built-in `fetch` for HTTP requests
 - Jest for testing
 - ESLint + Prettier for code quality
@@ -375,9 +375,9 @@ npm run build
 Note: Precious is already set up and handles code formatting and linting. Use `precious tidy -g` to automatically fix issues, and `precious lint -g` to check for remaining problems.
 
 ### Version Requirements
-- **Node.js 18+** required (targets active LTS: 18, 20, 22)
+- **Node.js 22+** required (targets active LTS: 22, 24)
 - Uses Node.js built-in `fetch` (no external HTTP libraries)
-- TypeScript 5.x
+- TypeScript 6.x
 
 ## Cross-Language Consistency
 

README.md

@@ -10,7 +10,7 @@ services](https://dev.maxmind.com/minfraud/).
 
 ## Requirements
 
-MaxMind has tested this API with Node.js versions 18 and 20. We aim to support
+MaxMind has tested this API with Node.js versions 22 and 24. We aim to support
 active or maintained LTS versions of Node.js.
 
 ## Installation
@@ -167,7 +167,6 @@ returned by the web API, we also return:
 ```js
 import { URL } from 'url'; // Used for `order.referrerUri
 import * as minFraud from '@maxmind/minfraud-api-node';
-// const minFraud = require('@maxmind/minfraud-api-node');
 
 // client is reusable
 const client = new minFraud.Client("1234", "LICENSEKEY");

e2e/js/index.spec.js

@@ -1,8 +1,7 @@
-/* eslint-disable @typescript-eslint/no-require-imports */
-const minFraud = require('@maxmind/minfraud-api-node');
+import * as minFraud from '@maxmind/minfraud-api-node';
 
 describe('client', () => {
-  it('exists', () => {
+  it('exists', async () => {
     expect(new minFraud.Transaction({
       device: new minFraud.Device({
         ipAddress: '1.1.1.1',