From b6f776ca2478d956927ca8a877bb78fa944b65a3 Mon Sep 17 00:00:00 2001 From: LongYinan Date: Tue, 20 Feb 2024 06:14:07 +0000 Subject: [PATCH] chore: bump up undici version to v6.6.1 [SECURITY] (#5828) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [undici](https://undici.nodejs.org) ([source](https://togithub.com/nodejs/undici)) | [`6.0.1` -> `6.6.1`](https://renovatebot.com/diffs/npm/undici/6.0.1/6.6.1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/undici/6.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/undici/6.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/undici/6.0.1/6.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/undici/6.0.1/6.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2024-24750](https://togithub.com/nodejs/undici/security/advisories/GHSA-9f24-jqhm-jfcw) ### Impact Calling `fetch(url)` and not consuming the incoming body ((or consuming it very slowing) will lead to a memory leak. ### Patches Patched in v6.6.1 ### Workarounds Make sure to always consume the incoming body. #### [CVE-2024-24758](https://togithub.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3) ### Impact Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Proxy-Authorization` headers. ### Patches This is patched in v5.28.3 and v6.6.1 ### Workarounds There are no known workarounds. ### References - https://fetch.spec.whatwg.org/#authentication-entries - https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g --- ### Release Notes
nodejs/undici (undici) ### [`v6.6.1`](https://togithub.com/nodejs/undici/releases/tag/v6.6.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.6.0...v6.6.1) #### ⚠️ Security Release ⚠️ Details on the vulnerabilities fixed will be shared in the next couple of days. #### What's Changed - fix: flaky debug test by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2687](https://togithub.com/nodejs/undici/pull/2687) - build(deps): bump github/codeql-action from 3.22.12 to 3.23.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2688](https://togithub.com/nodejs/undici/pull/2688) - build(deps): bump actions/dependency-review-action from 3.1.0 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2689](https://togithub.com/nodejs/undici/pull/2689) - fix: ci pipeline warnings by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2685](https://togithub.com/nodejs/undici/pull/2685) - perf: optimize Iterator by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2692](https://togithub.com/nodejs/undici/pull/2692) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.6.0...v6.6.1 ### [`v6.6.0`](https://togithub.com/nodejs/undici/releases/tag/v6.6.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.5.0...v6.6.0) #### What's Changed - add webSocket example by [@​mertcanaltin](https://togithub.com/mertcanaltin) in [https://github.com/nodejs/undici/pull/2626](https://togithub.com/nodejs/undici/pull/2626) - chore: remove atomic-sleep as dev dependency by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2648](https://togithub.com/nodejs/undici/pull/2648) - chore: remove semver as dev dependency by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2646](https://togithub.com/nodejs/undici/pull/2646) - chore: remove table as dev dependency by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2649](https://togithub.com/nodejs/undici/pull/2649) - chore: remove delay as dev dependency by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2647](https://togithub.com/nodejs/undici/pull/2647) - chore: reduce noise in test-logs test/issue-2349.js by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2655](https://togithub.com/nodejs/undici/pull/2655) - chore: fix faketimer warning in test/request-timeout.js by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2656](https://togithub.com/nodejs/undici/pull/2656) - chore: reduce noise in test logs test/client-node-max-header-size.js by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2654](https://togithub.com/nodejs/undici/pull/2654) - refactor: use fromInnerResponse by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2635](https://togithub.com/nodejs/undici/pull/2635) - fix: support deflate raw responses by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2650](https://togithub.com/nodejs/undici/pull/2650) - Support building for externally shared js builtins by [@​mochaaP](https://togithub.com/mochaaP) in [https://github.com/nodejs/undici/pull/2643](https://togithub.com/nodejs/undici/pull/2643) - fix: typo clampAndCoarsenConnectionTimingInfo by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2653](https://togithub.com/nodejs/undici/pull/2653) - chore: use 'node:'-prefix for requiring node core modules by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2662](https://togithub.com/nodejs/undici/pull/2662) - build(deps-dev): bump husky from 8.0.3 to 9.0.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2667](https://togithub.com/nodejs/undici/pull/2667) - build(deps-dev): bump cronometro from 1.2.0 to 2.0.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2668](https://togithub.com/nodejs/undici/pull/2668) - remove timers/promises import by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2665](https://togithub.com/nodejs/undici/pull/2665) - chore: fix various codesmells by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2669](https://togithub.com/nodejs/undici/pull/2669) - chore: remove this alias in agent.js by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2671](https://togithub.com/nodejs/undici/pull/2671) - chore: use optional chaining by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2666](https://togithub.com/nodejs/undici/pull/2666) - chore: small perf improvements by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2661](https://togithub.com/nodejs/undici/pull/2661) - implement spec changes from a while ago by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2676](https://togithub.com/nodejs/undici/pull/2676) - websocket: fix close when no closing code is received by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2680](https://togithub.com/nodejs/undici/pull/2680) - fix: make ci less flaky by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2684](https://togithub.com/nodejs/undici/pull/2684) #### New Contributors - [@​mochaaP](https://togithub.com/mochaaP) made their first contribution in [https://github.com/nodejs/undici/pull/2643](https://togithub.com/nodejs/undici/pull/2643) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.5.0...v6.6.0 ### [`v6.5.0`](https://togithub.com/nodejs/undici/releases/tag/v6.5.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.4.0...v6.5.0) #### What's Changed - build(deps-dev): bump jsdom from 23.2.0 to 24.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2632](https://togithub.com/nodejs/undici/pull/2632) - feat: Implement EventSource by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2608](https://togithub.com/nodejs/undici/pull/2608) - fix: readable body by [@​ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2642](https://togithub.com/nodejs/undici/pull/2642) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.4.0...v6.5.0 ### [`v6.4.0`](https://togithub.com/nodejs/undici/releases/tag/v6.4.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.3.0...v6.4.0) ##### What's Changed - refactor: version cleanup by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2605](https://togithub.com/nodejs/undici/pull/2605) - cacheStorage: separate matchAll logic by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2599](https://togithub.com/nodejs/undici/pull/2599) - cleanup index by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2598](https://togithub.com/nodejs/undici/pull/2598) - feat: port `balanced-pool`, `ca-fingerprint`, `client-abort` tests to `node:test` by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2584](https://togithub.com/nodejs/undici/pull/2584) - ci: unpin nodejs workflow version by [@​dominykas](https://togithub.com/dominykas) in [https://github.com/nodejs/undici/pull/2434](https://togithub.com/nodejs/undici/pull/2434) - test([#​2600](https://togithub.com/nodejs/undici/issues/2600)): Flaky debug test by [@​metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2607](https://togithub.com/nodejs/undici/pull/2607) - fix: h2 hang issue with empty body by [@​timursevimli](https://togithub.com/timursevimli) in [https://github.com/nodejs/undici/pull/2601](https://togithub.com/nodejs/undici/pull/2601) - Fix tests for Node.js v21 by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2609](https://togithub.com/nodejs/undici/pull/2609) - perf(cache): avoid Request and Response initialization by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2610](https://togithub.com/nodejs/undici/pull/2610) - Add more libraries to benchmarks by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2614](https://togithub.com/nodejs/undici/pull/2614) - feat: port `client-connect`, `client-dispatch`, `client-errors` test to `node:test` by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2591](https://togithub.com/nodejs/undici/pull/2591) - exit with 1 if WPT runner has unexpected errors by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2621](https://togithub.com/nodejs/undici/pull/2621) - Fix tests for Node.js v20.11.0 by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2618](https://togithub.com/nodejs/undici/pull/2618) - fix(mock-agent): split set-cookie by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2619](https://togithub.com/nodejs/undici/pull/2619) - feat: implement throwOnMaxRedirect option for RedirectHandler by [@​mertcanaltin](https://togithub.com/mertcanaltin) in [https://github.com/nodejs/undici/pull/2563](https://togithub.com/nodejs/undici/pull/2563) - test: fix flaky debug test by [@​metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2613](https://togithub.com/nodejs/undici/pull/2613) - fix: hide statusOutput if empty in handleRunnerCompletion by [@​Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2624](https://togithub.com/nodejs/undici/pull/2624) - docs: Fix typo in Debug.md by [@​Skn0tt](https://togithub.com/Skn0tt) in [https://github.com/nodejs/undici/pull/2625](https://togithub.com/nodejs/undici/pull/2625) - fix(cache): set AbortSignal by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2612](https://togithub.com/nodejs/undici/pull/2612) - Use correct http Agent for node-fetch, axios, got and request by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2629](https://togithub.com/nodejs/undici/pull/2629) ##### New Contributors - [@​timursevimli](https://togithub.com/timursevimli) made their first contribution in [https://github.com/nodejs/undici/pull/2601](https://togithub.com/nodejs/undici/pull/2601) - [@​mertcanaltin](https://togithub.com/mertcanaltin) made their first contribution in [https://github.com/nodejs/undici/pull/2563](https://togithub.com/nodejs/undici/pull/2563) - [@​Skn0tt](https://togithub.com/Skn0tt) made their first contribution in [https://github.com/nodejs/undici/pull/2625](https://togithub.com/nodejs/undici/pull/2625) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.3.0...v6.4.0 ### [`v6.3.0`](https://togithub.com/nodejs/undici/releases/tag/v6.3.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.2.1...v6.3.0) #### What's Changed - Clear all timeout on destroy and close by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2535](https://togithub.com/nodejs/undici/pull/2535) - ConnectOptions should include 'origin' field by [@​dvoytenko](https://togithub.com/dvoytenko) in [https://github.com/nodejs/undici/pull/2532](https://togithub.com/nodejs/undici/pull/2532) - perf: avoid toLowerCase call by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2537](https://togithub.com/nodejs/undici/pull/2537) - revert [`a1a8136`](https://togithub.com/nodejs/undici/commit/a1a8136) by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2539](https://togithub.com/nodejs/undici/pull/2539) - docs: add Util to sidebar by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2529](https://togithub.com/nodejs/undici/pull/2529) - fix: call explicitly unregister by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2534](https://togithub.com/nodejs/undici/pull/2534) - fix: check the content-type of invalid formData by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2541](https://togithub.com/nodejs/undici/pull/2541) - Add request examples. by [@​autopulated](https://togithub.com/autopulated) in [https://github.com/nodejs/undici/pull/2380](https://togithub.com/nodejs/undici/pull/2380) - fix(HTTP/2): handle consumption of aborted request by [@​metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2387](https://togithub.com/nodejs/undici/pull/2387) - chore: update tst test by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2538](https://togithub.com/nodejs/undici/pull/2538) - fix(fetch): do not abort fetch on redirect by [@​angelyan](https://togithub.com/angelyan) in [https://github.com/nodejs/undici/pull/2545](https://togithub.com/nodejs/undici/pull/2545) - drop verifyVersion in scripts by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2549](https://togithub.com/nodejs/undici/pull/2549) - types: remove unused Client and Pool types by [@​RafaelGSS](https://togithub.com/RafaelGSS) in [https://github.com/nodejs/undici/pull/2557](https://togithub.com/nodejs/undici/pull/2557) - lib: fix Host header when CONNECT ProxyAgent by [@​RafaelGSS](https://togithub.com/RafaelGSS) in [https://github.com/nodejs/undici/pull/2556](https://togithub.com/nodejs/undici/pull/2556) - feat: port cookies tests to node runner by [@​pmarchini](https://togithub.com/pmarchini) in [https://github.com/nodejs/undici/pull/2547](https://togithub.com/nodejs/undici/pull/2547) - feat: port webidl tests to node test runner by [@​ilteoood](https://togithub.com/ilteoood) in [https://github.com/nodejs/undici/pull/2554](https://togithub.com/nodejs/undici/pull/2554) - perf: Improve percentDecode by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2562](https://togithub.com/nodejs/undici/pull/2562) - Fix parseHashWithOptions regex by [@​flapenna](https://togithub.com/flapenna) in [https://github.com/nodejs/undici/pull/2561](https://togithub.com/nodejs/undici/pull/2561) - feat: port diagnostic-channel tests to node test runner by [@​ilteoood](https://togithub.com/ilteoood) in [https://github.com/nodejs/undici/pull/2559](https://togithub.com/nodejs/undici/pull/2559) - feat: port websocket tests to node test runner by [@​ilteoood](https://togithub.com/ilteoood) in [https://github.com/nodejs/undici/pull/2553](https://togithub.com/nodejs/undici/pull/2553) - build(deps-dev): bump tsd from 0.29.0 to 0.30.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2551](https://togithub.com/nodejs/undici/pull/2551) - build(deps): bump actions/setup-node from 4.0.0 to 4.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2572](https://togithub.com/nodejs/undici/pull/2572) - build(deps): bump github/codeql-action from 2.22.5 to 3.22.12 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2574](https://togithub.com/nodejs/undici/pull/2574) - Update `@matteo.collina/tspl` to 0.1.1 by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2576](https://togithub.com/nodejs/undici/pull/2576) - mark wpt as failing by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2581](https://togithub.com/nodejs/undici/pull/2581) - feat: port `abort-controller.js` tests to `node:test` runner by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2564](https://togithub.com/nodejs/undici/pull/2564) - fix data url test by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2580](https://togithub.com/nodejs/undici/pull/2580) - feat: port `async_hooks.js` tests to `node:test` runner by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2568](https://togithub.com/nodejs/undici/pull/2568) - feat: port `agent.js` tests to `node:test` runner by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2566](https://togithub.com/nodejs/undici/pull/2566) - feat: port `abort-event-emitter.js` tests to `node:test` runnner by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2565](https://togithub.com/nodejs/undici/pull/2565) - feat: port first half of fetch tests to node test runner by [@​anurag-roy](https://togithub.com/anurag-roy) in [https://github.com/nodejs/undici/pull/2569](https://togithub.com/nodejs/undici/pull/2569) - perf: bypass method validation by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2583](https://togithub.com/nodejs/undici/pull/2583) - fetch: warn when using patch method by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2577](https://togithub.com/nodejs/undici/pull/2577) - feat: port `autoselectfamily.js` tests to `node:test` runner by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2570](https://togithub.com/nodejs/undici/pull/2570) - feat: port remaining fetch tests to node test runner by [@​anurag-roy](https://togithub.com/anurag-roy) in [https://github.com/nodejs/undici/pull/2587](https://togithub.com/nodejs/undici/pull/2587) - fix: use isArrayBuffer instead of isAnyArrayBuffer by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2586](https://togithub.com/nodejs/undici/pull/2586) - Feat/migrate tests to node runner by [@​pmarchini](https://togithub.com/pmarchini) in [https://github.com/nodejs/undici/pull/2593](https://togithub.com/nodejs/undici/pull/2593) - abort request with reason if one is provided by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2592](https://togithub.com/nodejs/undici/pull/2592) - feat: port tst test to node test runner by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2595](https://togithub.com/nodejs/undici/pull/2595) - feat([#​2191](https://togithub.com/nodejs/undici/issues/2191)): Add support for `NODE_DEBUG` by [@​metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2585](https://togithub.com/nodejs/undici/pull/2585) - cacheStorage: fix bugs make wpts pass by [@​KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2596](https://togithub.com/nodejs/undici/pull/2596) - fix: non-object error in abort throws bad error by [@​atlowChemi](https://togithub.com/atlowChemi) in [https://github.com/nodejs/undici/pull/2597](https://togithub.com/nodejs/undici/pull/2597) - fix: add test helper for closing server as promise by [@​sosukesuzuki](https://togithub.com/sosukesuzuki) in [https://github.com/nodejs/undici/pull/2604](https://togithub.com/nodejs/undici/pull/2604) #### New Contributors - [@​dvoytenko](https://togithub.com/dvoytenko) made their first contribution in [https://github.com/nodejs/undici/pull/2532](https://togithub.com/nodejs/undici/pull/2532) - [@​autopulated](https://togithub.com/autopulated) made their first contribution in [https://github.com/nodejs/undici/pull/2380](https://togithub.com/nodejs/undici/pull/2380) - [@​angelyan](https://togithub.com/angelyan) made their first contribution in [https://github.com/nodejs/undici/pull/2545](https://togithub.com/nodejs/undici/pull/2545) - [@​pmarchini](https://togithub.com/pmarchini) made their first contribution in [https://github.com/nodejs/undici/pull/2547](https://togithub.com/nodejs/undici/pull/2547) - [@​ilteoood](https://togithub.com/ilteoood) made their first contribution in [https://github.com/nodejs/undici/pull/2554](https://togithub.com/nodejs/undici/pull/2554) - [@​flapenna](https://togithub.com/flapenna) made their first contribution in [https://github.com/nodejs/undici/pull/2561](https://togithub.com/nodejs/undici/pull/2561) - [@​sosukesuzuki](https://togithub.com/sosukesuzuki) made their first contribution in [https://github.com/nodejs/undici/pull/2576](https://togithub.com/nodejs/undici/pull/2576) - [@​anurag-roy](https://togithub.com/anurag-roy) made their first contribution in [https://github.com/nodejs/undici/pull/2569](https://togithub.com/nodejs/undici/pull/2569) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.2.1...v6.3.0 ### [`v6.2.1`](https://togithub.com/nodejs/undici/releases/tag/v6.2.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.2.0...v6.2.1) ##### What's Changed - perf: use tree by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2528](https://togithub.com/nodejs/undici/pull/2528) - chore: reduce dependencies by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2533](https://togithub.com/nodejs/undici/pull/2533) - Remove timers in agent.js by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2536](https://togithub.com/nodejs/undici/pull/2536) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.2.0...v6.2.1 ### [`v6.2.0`](https://togithub.com/nodejs/undici/releases/tag/v6.2.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.1.0...v6.2.0) #### What's Changed - Remove FinalizationRegistry from Agent by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2530](https://togithub.com/nodejs/undici/pull/2530) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.1.0...v6.2.0 ### [`v6.1.0`](https://togithub.com/nodejs/undici/releases/tag/v6.1.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v6.0.1...v6.1.0) #### What's Changed - fix: more sensible stack trace from dump error by [@​ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2503](https://togithub.com/nodejs/undici/pull/2503) - refactor: remove some node compat by [@​ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2502](https://togithub.com/nodejs/undici/pull/2502) - refactor: version cleanup by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2507](https://togithub.com/nodejs/undici/pull/2507) - perf(fetch): Improve fetch of detaurl by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2479](https://togithub.com/nodejs/undici/pull/2479) - feat: expose parseHeader by [@​ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2511](https://togithub.com/nodejs/undici/pull/2511) - perf(fetch): optimize call `dispatch` by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2493](https://togithub.com/nodejs/undici/pull/2493) - perf(util/parseHeaders): If the header name is buffer by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2501](https://togithub.com/nodejs/undici/pull/2501) - perf: twice faster method check by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2495](https://togithub.com/nodejs/undici/pull/2495) - refactor: remove Error.captureStackTrace by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2509](https://togithub.com/nodejs/undici/pull/2509) - perf: Improve processHeader by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2513](https://togithub.com/nodejs/undici/pull/2513) - perf: reduce `String#toLowerCase` call by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2516](https://togithub.com/nodejs/undici/pull/2516) - perf: optimize consumeEnd by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2510](https://togithub.com/nodejs/undici/pull/2510) - perf: reduce tst built time by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2517](https://togithub.com/nodejs/undici/pull/2517) - feat: allow customization of build environment by [@​khardix](https://togithub.com/khardix) in [https://github.com/nodejs/undici/pull/2403](https://togithub.com/nodejs/undici/pull/2403) - fix: clear cache by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2519](https://togithub.com/nodejs/undici/pull/2519) - feat: Add resource timing entries for connection, request and response by [@​ToshB](https://togithub.com/ToshB) in [https://github.com/nodejs/undici/pull/2481](https://togithub.com/nodejs/undici/pull/2481) - Call fg.unregister() after a dispatcher is done, adds UNDICI_NO_FG to… by [@​mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2527](https://togithub.com/nodejs/undici/pull/2527) - feat: expose headerNameToString by [@​tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2525](https://togithub.com/nodejs/undici/pull/2525) #### New Contributors - [@​khardix](https://togithub.com/khardix) made their first contribution in [https://github.com/nodejs/undici/pull/2403](https://togithub.com/nodejs/undici/pull/2403) **Full Changelog**: https://github.com/nodejs/undici/compare/v6.0.1...v6.1.0
--- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE). --- yarn.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/yarn.lock b/yarn.lock index ccc5b113d744..bc428201fb93 100644 --- a/yarn.lock +++ b/yarn.lock @@ -33998,20 +33998,20 @@ __metadata: linkType: hard "undici@npm:^5.22.1": - version: 5.28.0 - resolution: "undici@npm:5.28.0" + version: 5.28.3 + resolution: "undici@npm:5.28.3" dependencies: "@fastify/busboy": "npm:^2.0.0" - checksum: 10/70afe17996fbb84a4febbda78b30ce627fc6db585afe0c5191426d277ff4162f62ae36ddbc252b8aaba5cc1fd4e09bc6db8a919ff59adb10008fb3882492a171 + checksum: 10/779856ce14ba6907c0759df8e4babd61608b1f502569d44de7dd1d014afb7c67a0a2997b4f706e0daff8a55d87ee2f25b830b195fc0202cb6fbd25abe2d941eb languageName: node linkType: hard "undici@npm:^6.0.0": - version: 6.0.1 - resolution: "undici@npm:6.0.1" + version: 6.6.2 + resolution: "undici@npm:6.6.2" dependencies: "@fastify/busboy": "npm:^2.0.0" - checksum: 10/48d7f3c9aa9e1ca3fb2488c8aa25838e9163d3a7f1e41d695ed110006abc26648cf97c15d76abfd896fe16128e34136c8a7e0723e0583451ed9f34aaa37513ad + checksum: 10/e08ac9c279d4e4ee1249d30e6e0671f008e156d8ef224bbe3329ef5c5e10197a9e9dbf87c14e44deaffe2802c10bee66c8687d60ff07179b2e18cd5ef454b5c6 languageName: node linkType: hard