#429 - Update dependency undici to v5.28.4 - autoclosed - RabbitLabs/vylbot-app

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [undici](https://undici.nodejs.org) ([source](https://github.com/nodejs/undici)) | resolutions | minor | [`^6.0.0` -> `^5.27.2`](https://renovatebot.com/diffs/npm/undici/5.27.2/5.28.4) | --- ### Release Notes <details> <summary>nodejs/undici (undici)</summary> ### [`v5.28.4`](https://github.com/nodejs/undici/releases/tag/v5.28.4) [Compare Source](https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4) #### :warning: Security Release :warning: - Fixes https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7 CVE-2024-30260 - Fixes https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672 CVE-2024-30261 **Full Changelog**: https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4 ### [`v5.28.3`](https://github.com/nodejs/undici/releases/tag/v5.28.3) [Compare Source](https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3) #### ⚠️ Security Release ⚠️ Fixes: - [CVE-2024-24758 Proxy-Authorization header not cleared on cross-origin redirect in fetch](https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3) **Full Changelog**: https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3 ### [`v5.28.2`](https://github.com/nodejs/undici/releases/tag/v5.28.2) [Compare Source](https://github.com/nodejs/undici/compare/v5.28.1...v5.28.2) #### What's Changed - fix: remove optional chainning for compatible with Nodejs12 and below by [@bugb](https://github.com/bugb) in https://github.com/nodejs/undici/pull/2470 - fix: remove `node:` prefix by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2471 - perf: avoid Headers initialization by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2468 - fix: handle SharedArrayBuffer correctly by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2466 - fix: Add `null` type to `signal` in `RequestInit` by [@gebsh](https://github.com/gebsh) in https://github.com/nodejs/undici/pull/2455 - fix: correctly handle data URL with hashes. by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2475 - fix: check response for timinginfo allow flag by [@ToshB](https://github.com/ToshB) in https://github.com/nodejs/undici/pull/2477 - Make call to onBodySent conditional in RetryHandler by [@MzUgM](https://github.com/MzUgM) in https://github.com/nodejs/undici/pull/2478 - refactor: better integrity check by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2462 - fix: Added support for inline URL username:password proxy auth by [@matt-way](https://github.com/matt-way) in https://github.com/nodejs/undici/pull/2473 - build(deps-dev): bump jsdom from 22.1.0 to 23.0.0 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2472 - build(deps-dev): bump sinon from 16.1.3 to 17.0.1 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2405 - build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2396 - build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2395 - build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2392 - build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2389 - build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2302 #### New Contributors - [@bugb](https://github.com/bugb) made their first contribution in https://github.com/nodejs/undici/pull/2470 - [@gebsh](https://github.com/gebsh) made their first contribution in https://github.com/nodejs/undici/pull/2455 - [@ToshB](https://github.com/ToshB) made their first contribution in https://github.com/nodejs/undici/pull/2477 - [@MzUgM](https://github.com/MzUgM) made their first contribution in https://github.com/nodejs/undici/pull/2478 - [@matt-way](https://github.com/matt-way) made their first contribution in https://github.com/nodejs/undici/pull/2473 **Full Changelog**: https://github.com/nodejs/undici/compare/v5.28.1...v5.28.2 ### [`v5.28.1`](https://github.com/nodejs/undici/releases/tag/v5.28.1) [Compare Source](https://github.com/nodejs/undici/compare/v5.28.0...v5.28.1) #### What's Changed - perf: Improve `normalizeMethod` by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2456 - fix: dispatch error handling by [@ronag](https://github.com/ronag) in https://github.com/nodejs/undici/pull/2459 - perf(request): optimize if headers are given by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2454 **Full Changelog**: https://github.com/nodejs/undici/compare/v5.28.0...v5.28.1 ### [`v5.28.0`](https://github.com/nodejs/undici/releases/tag/v5.28.0) [Compare Source](https://github.com/nodejs/undici/compare/v5.27.2...v5.28.0) #### What's Changed - fix(parseHeaders): util.parseHeaders handle correctly array of buffer… by [@mdoria12](https://github.com/mdoria12) in https://github.com/nodejs/undici/pull/2398 - docs: add license to undici-types by [@dancastillo](https://github.com/dancastillo) in https://github.com/nodejs/undici/pull/2401 - perf: optimize Readable.dump by [@ronag](https://github.com/ronag) in https://github.com/nodejs/undici/pull/2402 - perf(headers): Improve Headers by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2397 - test: re-enable conditional WPT Report for websockets by [@panva](https://github.com/panva) in https://github.com/nodejs/undici/pull/2407 - fix: delay abort on 'close' by [@ronag](https://github.com/ronag) in https://github.com/nodejs/undici/pull/2408 - refactor: use `substring` instead of `substr` by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2411 - add additional http2 test with fetch by [@KhafraDev](https://github.com/KhafraDev) in https://github.com/nodejs/undici/pull/2419 - fix: HTTPToken check by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2410 - perf: optimize HeadersList.get by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2420 - properly handle pseudo-headers in fetch by [@KhafraDev](https://github.com/KhafraDev) in https://github.com/nodejs/undici/pull/2422 - perf(headers): if the guard is immutable by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2424 - fix(mock-agent): send stream body by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2425 - build(deps): bump github/codeql-action from 2.21.5 to 2.22.5 by [@dependabot](https://github.com/dependabot) in https://github.com/nodejs/undici/pull/2394 - feat([#2264](https://github.com/nodejs/undici/issues/2264)): Expose Retry Handler by [@metcoder95](https://github.com/metcoder95) in https://github.com/nodejs/undici/pull/2281 - fix: implement `Headers#set` correctly by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2432 - fix: implement `Headers#delete` correctly by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2430 - test: update websocket wpt availability by [@panva](https://github.com/panva) in https://github.com/nodejs/undici/pull/2437 - fix: type comment position by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2443 - fix: `onHeaders` type declaration by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2444 - remove http2 status pseudo header from headers by [@KhafraDev](https://github.com/KhafraDev) in https://github.com/nodejs/undici/pull/2438 - docs: Clarify `path` matching in `intercept()` by [@oliversalzburg](https://github.com/oliversalzburg) in https://github.com/nodejs/undici/pull/2426 - fix: set-cookie clone by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2446 - docs: fix typo in maxConcurrentStreams by [@tniessen](https://github.com/tniessen) in https://github.com/nodejs/undici/pull/2450 - refactor: remove leftovers by [@metcoder95](https://github.com/metcoder95) in https://github.com/nodejs/undici/pull/2451 - refactor: add missing new operator by [@tsctx](https://github.com/tsctx) in https://github.com/nodejs/undici/pull/2452 #### New Contributors - [@mdoria12](https://github.com/mdoria12) made their first contribution in https://github.com/nodejs/undici/pull/2398 - [@tsctx](https://github.com/tsctx) made their first contribution in https://github.com/nodejs/undici/pull/2397 - [@oliversalzburg](https://github.com/oliversalzburg) made their first contribution in https://github.com/nodejs/undici/pull/2426 **Full Changelog**: https://github.com/nodejs/undici/compare/v5.27.2...v5.28.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

RenovateBot added 1 commit

2024-04-29 00:03:13 +01:00