ESET started scanning SSL certificate chains for nodejs, which is a good feature. If you're using node without a full chain then it will block the requests. Unfortunately, they did so without warning, which broke our GitHub Actions Runner and our dev machines.

ESET deployed the change silently, breaking nodejs implementations and leaving people scrabbling around trying to add node to the SSL scan exception list.

Is it reasonable to expect some warning before a change like this?

I might be forced to choose a replacement. What's your goto brand of antivirus/botnet detection for server and workstation with centralised cloud management?

This was a headache I could have done without. Parts of Expo are affected by this as well.

ESET was actually the first thing I suspected, but the feature was hidden so far back that I missed it in earlier disable-all tests.