diff --git a/nodejs20.spec b/nodejs20.spec
index 1f18332..b264e1e 100644
--- a/nodejs20.spec
+++ b/nodejs20.spec
@@ -9,18 +9,12 @@
 %global nodejs_default_sitelib %{_prefix}/lib/node_modules
 %global nodejs_private_sitelib %{nodejs_default_sitelib}_%{nodejs_pkg_major}
 
-
 # Break circular dependencies
 %bcond bootstrap 0
 
-# 2024-05-21: Temporarily re-enable bundling to work around issues in Rawhide
-%if %{with bootstrap} || 0%{?nodejs_pkg_major} == 22
+# 2024-09-11: Re-enable bundling until a wasm sitelib is sorted out
 %bcond bundled_cjs_module_lexer 1
 %bcond bundled_undici 1
-%else
-%bcond bundled_cjs_module_lexer 0
-%bcond bundled_undici 0
-%endif
 
 %if 0%{?rhel} && 0%{?rhel} < 8
 %bcond_without bundled_zlib
@@ -35,11 +29,14 @@
 # bytecompiling files in the node_modules/ directory
 %global __python %{python3}
 
+# Disable OpenSSL engine support
+%bcond openssl_engine %[(0%{?fedora} && 0%{?fedora} < 41) || (0%{?rhel} && 0%{?rhel} < 10)]
+
 # == Master Relase ==
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease %autorelease -e 0.riscv64
+%global baserelease %autorelease
 
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
@@ -50,7 +47,7 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 20
-%global nodejs_minor 15
+%global nodejs_minor 18
 %global nodejs_patch 0
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 115
@@ -78,7 +75,7 @@
 
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_version 1.28.1
+%global c_ares_version 1.33.1
 
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_version 8.1.2
@@ -105,7 +102,7 @@
 # " this line just fixes syntax highlighting for vim that is confused by the above and continues literal
 
 # simdutf from deps/simdutf/simdutf.h
-%global simdutf_version 5.2.8
+%global simdutf_version 5.5.0
 
 # OpenSSL minimum version
 %global openssl11_minimum 1:1.1.1
@@ -118,7 +115,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 10.7.0
+%global npm_version 10.8.2
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -249,7 +246,7 @@ Requires: openssl11 >= %{openssl11_minimum}
 
 %if 0%{?fedora} >= 36
 BuildRequires: openssl >= %{openssl30_minimum}
-BuildRequires: openssl-devel-engine >= %{openssl30_minimum}
+BuildRequires: openssl-devel >= %{openssl30_minimum}
 %global openssl_fips_configure --openssl-is-fips
 %else
 Requires: openssl >= %{openssl11_minimum}
@@ -327,19 +324,19 @@ Provides: bundled(simdutf) = %{simdutf_version}
 
 # Upstream has added a new URL parser that has no option to build as a shared
 # library (19.7.0+)
-Provides: bundled(ada) = 2.7.8
+Provides: bundled(ada) = 2.9.0
 
 
 # undici and cjs-module-lexer ship with pre-built WASM binaries.
 %if %{with bundled_cjs_module_lexer}
-Provides: bundled(nodejs-cjs-module-lexer) = 1.2.2
+Provides: bundled(nodejs-cjs-module-lexer) = 1.4.1
 %else
 BuildRequires: nodejs-cjs-module-lexer
 Requires: nodejs-cjs-module-lexer
 %endif
 
 %if %{with bundled_undici}
-Provides: bundled(nodejs-undici) = 6.13.0
+Provides: bundled(nodejs-undici) = 6.19.8
 %else
 BuildRequires: nodejs-undici
 Requires: nodejs-undici
@@ -559,6 +556,7 @@ extra_cflags=(
     -DZLIB_CONST
     -O3
     -fno-ipa-icf
+    %{!?with_openssl_engine:-DOPENSSL_NO_ENGINE}
 )
 export CFLAGS="%{optflags} ${extra_cflags[*]}" CXXFLAGS="%{optflags} ${extra_cflags[*]}"
 export LDFLAGS="%{build_ldflags}"
diff --git a/packaging/nodejs.spec.j2 b/packaging/nodejs.spec.j2
index 09c649d..4781ddd 100644
--- a/packaging/nodejs.spec.j2
+++ b/packaging/nodejs.spec.j2
@@ -9,18 +9,12 @@
 %global nodejs_default_sitelib %{_prefix}/lib/node_modules
 %global nodejs_private_sitelib %{nodejs_default_sitelib}_%{nodejs_pkg_major}
 
-
 # Break circular dependencies
 %bcond bootstrap 0
 
-# 2024-05-21: Temporarily re-enable bundling to work around issues in Rawhide
-%if %{with bootstrap} || 0%{?nodejs_pkg_major} == 22
+# 2024-09-11: Re-enable bundling until a wasm sitelib is sorted out
 %bcond bundled_cjs_module_lexer 1
 %bcond bundled_undici 1
-%else
-%bcond bundled_cjs_module_lexer 0
-%bcond bundled_undici 0
-%endif
 
 %if 0%{?rhel} && 0%{?rhel} < 8
 %bcond_without bundled_zlib
@@ -35,6 +29,9 @@
 # bytecompiling files in the node_modules/ directory
 %global __python %{python3}
 
+# Disable OpenSSL engine support
+%bcond openssl_engine %[(0%{?fedora} && 0%{?fedora} < 41) || (0%{?rhel} && 0%{?rhel} < 10)]
+
 # == Master Relase ==
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
@@ -571,6 +568,7 @@ extra_cflags=(
     -DZLIB_CONST
     -O3
     -fno-ipa-icf
+    %{!?with_openssl_engine:-DOPENSSL_NO_ENGINE}
 )
 export CFLAGS="%{optflags} ${extra_cflags[*]}" CXXFLAGS="%{optflags} ${extra_cflags[*]}"
 export LDFLAGS="%{build_ldflags}"
diff --git a/sources b/sources
index 809418b..88fb471 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (node-v20.15.0-stripped.tar.gz) = 265c3ad9ee137d7251022a9b6d5b5ad9d38121ab8373a7e7fbb85d4bd149606c3406476dfcc5914ab6f5dbda54a14773decf54e8a69fdd6b2be9dd07eeb330b6
+SHA512 (node-v20.18.0-stripped.tar.gz) = 48de075a76e632aa6bef900b48376245a20815b71c1198ee92e16c177a599c57d38d754a61dc459ed85f894d2f7430985afa957b2db5e4c441216d7a07d7e6f9
 SHA512 (icu4c-75_1-data-bin-b.zip) = ffec0355c5e0bd210aa7da6e91845979a5f5d893c7703dba4afccfbc80613b728689fbe91d0327542faaae718940f7eb0f842b3cc7c57dddeb22b15c5f79ba2a
 SHA512 (icu4c-75_1-data-bin-l.zip) = b4dbc0986c241e43d66a90c6cf723dd8fd66281416d7d28010c952a895e8f166d980f918754b191a1e2ab468484b7d2ba2d4f6308880ef7f8bc2eecbc94844b9