fix(deps): update dependency undici to v5 - abandoned

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
undici (source)	^4.16.0 -> ^5.0.0

---

Release Notes

nodejs/undici

v5.21.0

Compare Source

What's Changed

• workflow: add scorecard.yml by @​RafaelGSS in https://github.com/nodejs/undici/pull/1942
• ci: timeout CI jobs after 15 minutes by @​dominykas in https://github.com/nodejs/undici/pull/1946
• test(wpt): respect variants by @​panva in https://github.com/nodejs/undici/pull/1951
• fix: improve isFormDataLike compat by @​ronag in https://github.com/nodejs/undici/pull/1953
• fix: flaky fetch tests by @​KhafraDev in https://github.com/nodejs/undici/pull/1956
• test(wpt): include all testing files by @​KhafraDev in https://github.com/nodejs/undici/pull/1954
• fix: remove unneeded fetch tests by @​KhafraDev in https://github.com/nodejs/undici/pull/1960
• fix: use normal timers for delays < 1s by @​ronag in https://github.com/nodejs/undici/pull/1961
• perf: optimize happy path by @​anonrig in https://github.com/nodejs/undici/pull/1955
• fix: 🐛 add URL upstream variations in BalancedPool types by @​jimmy-guzman in https://github.com/nodejs/undici/pull/1966
• test(wpt): handle uncaught exceptions by @​KhafraDev in https://github.com/nodejs/undici/pull/1965
• Fix failing wpts by @​KhafraDev in https://github.com/nodejs/undici/pull/1967
• test(wpt): add results to an existing WPT Report by @​panva in https://github.com/nodejs/undici/pull/1944
• fix: strengthen isStream condition checking by @​debadree25 in https://github.com/nodejs/undici/pull/1969
• fix: implement basic policy container by @​KhafraDev in https://github.com/nodejs/undici/pull/1970
• TypeScript type fixes, for #​1949 by @​joshxyzhimself in https://github.com/nodejs/undici/pull/1968
• websocket: separate connection logic from websocket by @​KhafraDev in https://github.com/nodejs/undici/pull/1973
• README: h3 not showing ### as a header by @​hilleer in https://github.com/nodejs/undici/pull/1975
• wptrunner: expose gc by @​KhafraDev in https://github.com/nodejs/undici/pull/1974
• perf: cork socket before writing by @​ronag in https://github.com/nodejs/undici/pull/1982
• fix: fast timers and event loop lag by @​ronag in https://github.com/nodejs/undici/pull/1977
• fix: correctly calculate resource timing duration by @​amilajack in https://github.com/nodejs/undici/pull/1988
• wpt: update tests by @​KhafraDev in https://github.com/nodejs/undici/pull/1984
• fix: undici stream throwOnError by @​dancastillo in https://github.com/nodejs/undici/pull/1995
• fix: remove unnecessary WeakRef by @​ronag in https://github.com/nodejs/undici/pull/2000
• Fix: websocket.d.ts - error TS2304: Cannot find name 'MessagePort' by @​ZaBlazzingZephyrus in https://github.com/nodejs/undici/pull/1997
• feat: add abort signal to body.dump() by @​debadree25 in https://github.com/nodejs/undici/pull/1993
• fix(fetch): third party abortcontrollers throwing errors by @​KhafraDev in https://github.com/nodejs/undici/pull/2002
• Improve ProxyAgent example with autentication by @​egmen in https://github.com/nodejs/undici/pull/2004
• Add clientFactory option to ProxyAgent by @​andrewfecenko in https://github.com/nodejs/undici/pull/2003

New Contributors

• @​jimmy-guzman made their first contribution in https://github.com/nodejs/undici/pull/1966
• @​hilleer made their first contribution in https://github.com/nodejs/undici/pull/1975
• @​amilajack made their first contribution in https://github.com/nodejs/undici/pull/1988
• @​ZaBlazzingZephyrus made their first contribution in https://github.com/nodejs/undici/pull/1997
• @​egmen made their first contribution in https://github.com/nodejs/undici/pull/2004
• @​andrewfecenko made their first contribution in https://github.com/nodejs/undici/pull/2003

Full Changelog: nodejs/undici@v5.20.0...v5.21.0

v5.20.0

Compare Source

What's Changed

• perf: improve cookie parsing performance by @​KhafraDev in https://github.com/nodejs/undici/pull/1931
• fix: disable websocket wpts in ci :( by @​KhafraDev in https://github.com/nodejs/undici/pull/1932
• fix: Allow “undefined“ as value in headers by @​pan93412 in https://github.com/nodejs/undici/pull/1929
• feat: Support autoSelectFamily when connecting. by @​ShogunPanda in https://github.com/nodejs/undici/pull/1914
• fix: copy cookies when cloning haders by @​KhafraDev in https://github.com/nodejs/undici/pull/1936
• test: more logs in wpt runner by @​KhafraDev in https://github.com/nodejs/undici/pull/1933
• feat: change headersTimeout and bodyTimeout to 300s by @​kyrylkov in https://github.com/nodejs/undici/pull/1937

Full Changelog: nodejs/undici@v5.19.1...v5.20.0

v5.19.1

Compare Source

⚠️ Security Release ⚠️

• Regular Expression Denial of Service in Headers with CVE-2023-24807
• CRLF Injection in Nodejs ‘undici’ via host with CVE-2023-23936

This release is part of the Node.js security release train: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/

v5.19.0

Compare Source

What's Changed

• fix(fetch): raise AbortSignal max event listeners by @​KhafraDev in https://github.com/nodejs/undici/pull/1910
• fix: content-disposition header parsing by @​climba03003 in https://github.com/nodejs/undici/pull/1911
• fix: remove test by @​KhafraDev in https://github.com/nodejs/undici/pull/1916
• feat: add Headers.prototype.getSetCookie by @​KhafraDev in https://github.com/nodejs/undici/pull/1915
• fix(headers): clone getSetCookie list & add getSetCookie type by @​KhafraDev in https://github.com/nodejs/undici/pull/1917
• doc(mock): update out-of-date reply documentation by @​p9f in https://github.com/nodejs/undici/pull/1913
• fix(types): add missing keepAlive params by @​SkeLLLa in https://github.com/nodejs/undici/pull/1918
• Make the fetch() abort test pass locally, on Linux and Mac, Node 18/19. by @​mcollina in https://github.com/nodejs/undici/pull/1927

New Contributors

• @​climba03003 made their first contribution in https://github.com/nodejs/undici/pull/1911
• @​p9f made their first contribution in https://github.com/nodejs/undici/pull/1913

Full Changelog: nodejs/undici@v5.18.0...v5.19.0

v5.18.0

Compare Source

What's Changed

• Add ability to set TCP keepalive by @​xconverge in https://github.com/nodejs/undici/pull/1904
• use faster timers by @​ronag in https://github.com/nodejs/undici/pull/1908
• fix: ensure header value is a string by @​ronag in https://github.com/nodejs/undici/pull/1899

Full Changelog: nodejs/undici@v5.17.1...v5.18.0

v5.17.1

Compare Source

What's Changed

• fix: bad buffer slice (nodejs/undici@d2be675)

Full Changelog: nodejs/undici@v5.17.0...v5.17.1

v5.17.0

Compare Source

What's Changed

• fix(wpts): Blob is a global getter in >=v19.x.x by @​KhafraDev in https://github.com/nodejs/undici/pull/1880
• doc: fix anchor links dispatcher.stream by @​RafaelGSS in https://github.com/nodejs/undici/pull/1881
• wpt: make runner more resilient by @​KhafraDev in https://github.com/nodejs/undici/pull/1884
• Make test pass in v19.x by @​mcollina in https://github.com/nodejs/undici/pull/1879
• Correct the type of DispatchOptions["headers"] by @​pan93412 in https://github.com/nodejs/undici/pull/1896
• perf(content-type parser): faster string collector by @​KhafraDev in https://github.com/nodejs/undici/pull/1894
• feat: expose content-type parser by @​KhafraDev in https://github.com/nodejs/undici/pull/1895
• fix(types): Update DispatchOptions type for missing "blocking" by @​xconverge in https://github.com/nodejs/undici/pull/1889
• fix(types): update error type definitions by @​rafaelcr in https://github.com/nodejs/undici/pull/1888
• fix: ensure connection header is a string by @​ronag in https://github.com/nodejs/undici/pull/1900
• fix: throw if invalid content-type header by @​ronag in https://github.com/nodejs/undici/pull/1901
• fix(fetch): use semicolon for Cookie header delimiter by @​KhafraDev in https://github.com/nodejs/undici/pull/1906
• Use FastBuffer by @​ronag in https://github.com/nodejs/undici/pull/1907

New Contributors

• @​pan93412 made their first contribution in https://github.com/nodejs/undici/pull/1896
• @​rafaelcr made their first contribution in https://github.com/nodejs/undici/pull/1888

Full Changelog: nodejs/undici@v5.16.0...v5.17.0

v5.16.0

Compare Source

What's Changed

• Add feature to specify custom headers for proxies by @​Sebmaster in https://github.com/nodejs/undici/pull/1877

New Contributors

• @​Sebmaster made their first contribution in https://github.com/nodejs/undici/pull/1877

Full Changelog: nodejs/undici@v5.15.2...v5.16.0

v5.15.2

Compare Source

v5.15.1

Compare Source

What's Changed

• fix(websocket): simplify typedarray copying by @​KhafraDev in https://github.com/nodejs/undici/pull/1854
• fix: wpts on node v18.13.0+ by @​KhafraDev in https://github.com/nodejs/undici/pull/1859
• perf: allow keep alive for HEAD requests by @​ronag in https://github.com/nodejs/undici/pull/1858
• fix: flaky abort test by @​KhafraDev in https://github.com/nodejs/undici/pull/1863

Full Changelog: nodejs/undici@v5.15.0...v5.15.1

v5.15.0

Compare Source

What's Changed

• [types] update ProxyAgent Options (timeout) by @​sosoba in https://github.com/nodejs/undici/pull/1801
• feat: implement websockets by @​KhafraDev in https://github.com/nodejs/undici/pull/1795
• feat(websocket): handle ping/pong frames & fix fragmented frames by @​KhafraDev in https://github.com/nodejs/undici/pull/1809
• docs: add basic fetch & company docs by @​KhafraDev in https://github.com/nodejs/undici/pull/1810
• make formdata body immutable and encode it only once by @​jimmywarting in https://github.com/nodejs/undici/pull/1814
• test: add regression test for #​1814 by @​KhafraDev in https://github.com/nodejs/undici/pull/1815
• feat(websocket): only consume necessary bytes by @​KhafraDev in https://github.com/nodejs/undici/pull/1812
• websocket: use Buffer.allocUnsafe by @​KhafraDev in https://github.com/nodejs/undici/pull/1817
• build(deps-dev): bump @​sinonjs/fake-timers from 9.1.2 to 10.0.2 by @​dependabot in https://github.com/nodejs/undici/pull/1819
• fix(websocket): deprecation warning & 64-bit unsigned int body length by @​KhafraDev in https://github.com/nodejs/undici/pull/1818
• Use nodejs.stream.destroyed symbol by @​ronag in https://github.com/nodejs/undici/pull/1816
• fetch: removal of redundant condition by @​debadree25 in https://github.com/nodejs/undici/pull/1821
• fix(request): request headers array by @​jd-carroll in https://github.com/nodejs/undici/pull/1807
• fix(websocket): validate payload length received by @​KhafraDev in https://github.com/nodejs/undici/pull/1822
• fix(websocket): run parser in loop, instead of recursively by @​KhafraDev in https://github.com/nodejs/undici/pull/1828
• fix(fetch): weaker refs by @​ronag in https://github.com/nodejs/undici/pull/1824
• websocket: add tests for opening handshake by @​KhafraDev in https://github.com/nodejs/undici/pull/1831
• websocket: add tests for constructor, close, and send by @​KhafraDev in https://github.com/nodejs/undici/pull/1832
• websocket: more test coverage by @​KhafraDev in https://github.com/nodejs/undici/pull/1833
• fix(WPTs): flaky abort test by @​KhafraDev in https://github.com/nodejs/undici/pull/1835
• wpt: add test by @​KhafraDev in https://github.com/nodejs/undici/pull/1836
• fix: don't send keep-alive if we want reset by @​ronag in https://github.com/nodejs/undici/pull/1846
• fetch: update body consume to match spec by @​KhafraDev in https://github.com/nodejs/undici/pull/1847
• feat: allow connection header in request by @​metcoder95 in https://github.com/nodejs/undici/pull/1829
• feat: add cookie parsing ability by @​KhafraDev in https://github.com/nodejs/undici/pull/1848
• fix(cookie): add docs & expose in node v16 by @​KhafraDev in https://github.com/nodejs/undici/pull/1849
• fix(cookies): work with global Headers by @​KhafraDev in https://github.com/nodejs/undici/pull/1850
• docs(Dispatcher): adjust documentation for reset flag by @​metcoder95 in https://github.com/nodejs/undici/pull/1852
• Fix broken interceptor test by @​mcollina in https://github.com/nodejs/undici/pull/1853

New Contributors

• @​sosoba made their first contribution in https://github.com/nodejs/undici/pull/1801
• @​debadree25 made their first contribution in https://github.com/nodejs/undici/pull/1821
• @​jd-carroll made their first contribution in https://github.com/nodejs/undici/pull/1807

Full Changelog: nodejs/undici@v5.14.0...v5.15.0

v5.14.0

Compare Source

What's Changed

• fetch: implement https://github.com/whatwg/fetch/pull/1544 by @​KhafraDev in https://github.com/nodejs/undici/pull/1780
• fix(fetch): set content-length header for FormData body by @​KhafraDev in https://github.com/nodejs/undici/pull/1785
• fix(fetch): parse multipart/form-data non-ASCII field names by @​repsac-by in https://github.com/nodejs/undici/pull/1786
• fix(fetch): connection is cancelled when redirecting by @​KhafraDev in https://github.com/nodejs/undici/pull/1787
• build(deps-dev): bump sinon from 14.0.2 to 15.0.0 by @​dependabot in https://github.com/nodejs/undici/pull/1788
• wpt: update response-static-error.any.js by @​KhafraDev in https://github.com/nodejs/undici/pull/1789
• fix: connect option types by @​Kaciras in https://github.com/nodejs/undici/pull/1790
• fix(fetch): send headers in the case that they were sent by @​KhafraDev in https://github.com/nodejs/undici/pull/1784
• fetch: prefer global over lazy loading by @​KhafraDev in https://github.com/nodejs/undici/pull/1793
• perf: reduce number of native calls from fetch.body by @​anonrig in https://github.com/nodejs/undici/pull/1792
• perf: improve isomorphic decode performance by @​anonrig in https://github.com/nodejs/undici/pull/1791
• More correct filereader event firing by @​KhafraDev in https://github.com/nodejs/undici/pull/1796
• build(deps-dev): bump tsd from 0.24.1 to 0.25.0 by @​dependabot in https://github.com/nodejs/undici/pull/1797
• feat(fetch): add in native File class support by @​KhafraDev in https://github.com/nodejs/undici/pull/1779
• perf: Keep weak reference to session for re-use by @​ronag in https://github.com/nodejs/undici/pull/1802

New Contributors

• @​Kaciras made their first contribution in https://github.com/nodejs/undici/pull/1790

Full Changelog: nodejs/undici@v5.13.0...v5.14.0

v5.13.0

Compare Source

What's Changed

• fix(wpt): move formdata tests to correct folder by @​KhafraDev in https://github.com/nodejs/undici/pull/1739
• fix(fetch): set Symbol.toStringTag properly on classes by @​KhafraDev in https://github.com/nodejs/undici/pull/1742
• fetch: implement isomorphic encoding by @​KhafraDev in https://github.com/nodejs/undici/pull/1741
• fetch: implement isomorphic decoding by @​KhafraDev in https://github.com/nodejs/undici/pull/1743
• fetch: update extractBody to better match spec by @​KhafraDev in https://github.com/nodejs/undici/pull/1745
• chore(docs/assets): compress image by @​Fdawgs in https://github.com/nodejs/undici/pull/1749
• feat: implement 8.2 Set request’s referrer policy on redirect by @​metcoder95 in https://github.com/nodejs/undici/pull/1717
• fetch: remove duplicate checks by @​KhafraDev in https://github.com/nodejs/undici/pull/1751
• webidl: small changes by @​KhafraDev in https://github.com/nodejs/undici/pull/1754
• webidl: add argumentLengthCheck guard by @​KhafraDev in https://github.com/nodejs/undici/pull/1755
• feat(MockInterceptor): allow async reply callbacks by @​KhafraDev in https://github.com/nodejs/undici/pull/1758
• Fix filereader types by @​KhafraDev in https://github.com/nodejs/undici/pull/1762
• types: Refine internal TS export/imports to be more robust by @​kibertoad in https://github.com/nodejs/undici/pull/1769
• fix: remove unnecessary toLowerCase by @​anonrig in https://github.com/nodejs/undici/pull/1771
• perf: simplify isValidHeaderName by @​anonrig in https://github.com/nodejs/undici/pull/1772
• fetch(HeadersList): s/has/contains by @​KhafraDev in https://github.com/nodejs/undici/pull/1775
• fix(fetch): match spec text by @​KhafraDev in https://github.com/nodejs/undici/pull/1777
• wpt: add gzip-body.any.js by @​KhafraDev in https://github.com/nodejs/undici/pull/1778
• feat: more informative error messages by @​benmccann in https://github.com/nodejs/undici/pull/1781
• perf(fetch): simplify url serializer by @​anonrig in https://github.com/nodejs/undici/pull/1774
• fix(fetch): remove unnecessary encode operation by @​anonrig in https://github.com/nodejs/undici/pull/1773
• chore(doc/fetch) update doc for fetch duplex (#​1760) by @​zizifn in https://github.com/nodejs/undici/pull/1765

New Contributors

• @​benmccann made their first contribution in https://github.com/nodejs/undici/pull/1781
• @​zizifn made their first contribution in https://github.com/nodejs/undici/pull/1765

Full Changelog: nodejs/undici@v5.12.0...v5.13.0

v5.12.0

Compare Source

This release includes significant improvements to fetch code coverage and spec compliance as well as a new option to limit response body size.

What's Changed

• feat(fetch): add Request{Init}.duplex and add WPTs by @​KhafraDev in https://github.com/nodejs/undici/pull/1681
• feat: add response WPTs by @​KhafraDev in https://github.com/nodejs/undici/pull/1684
• fix(wpt): broken test by @​KhafraDev in https://github.com/nodejs/undici/pull/1683
• feat: add in Header WPTs by @​KhafraDev in https://github.com/nodejs/undici/pull/1685
• feat(WPTs): add in idlharness.any.js test by @​KhafraDev in https://github.com/nodejs/undici/pull/1689
• feat: add all File WPTs by @​KhafraDev in https://github.com/nodejs/undici/pull/1687
• chore: fixed typos by @​TimShilov in https://github.com/nodejs/undici/pull/1695
• feat: implement spec-compliant body mixins by @​KhafraDev in https://github.com/nodejs/undici/pull/1694
• fix(fetch): use structuredClone in clone body steps by @​KhafraDev in https://github.com/nodejs/undici/pull/1697
• feat: add in fetch/api/basic WPTs by @​KhafraDev in https://github.com/nodejs/undici/pull/1698
• fix: allow cloned stream to be unref'd by @​KhafraDev in https://github.com/nodejs/undici/pull/1700
• feat: add stream-safe-creation.any.js WPT by @​KhafraDev in https://github.com/nodejs/undici/pull/1701
• feat: add minesniff WPTs by @​KhafraDev in https://github.com/nodejs/undici/pull/1702
• feat: make File's type more strict by @​KhafraDev in https://github.com/nodejs/undici/pull/1703
• fix(fetch): re-calculate iterator after each iteration by @​KhafraDev in https://github.com/nodejs/undici/pull/1706
• wpt: add scheme-blob.sub.any.js by @​KhafraDev in https://github.com/nodejs/undici/pull/1707
• wpt: add remaining fetch/api/basic tests by @​KhafraDev in https://github.com/nodejs/undici/pull/1708
• feat: add parameter to ProxyAgent options, which is type of authentication by @​oooshima in https://github.com/nodejs/undici/pull/1705
• feat: add support for localaddress by @​metcoder95 in https://github.com/nodejs/undici/pull/1659
• feat: add abort reason support by @​KhafraDev in https://github.com/nodejs/undici/pull/1686
• wpt: add remaining fetch/api tests by @​KhafraDev in https://github.com/nodejs/undici/pull/1712
• feat: implement FileReader by @​KhafraDev in https://github.com/nodejs/undici/pull/1690
• wpt: remove tests that now succeed after implementing FileReader by @​KhafraDev in https://github.com/nodejs/undici/pull/1713
• wpt: run tests in parallel (2.5x speed improvement) by @​KhafraDev in https://github.com/nodejs/undici/pull/1714
• wpt: add two tests by @​KhafraDev in https://github.com/nodejs/undici/pull/1719
• wpt: add FormData wpts by @​KhafraDev in https://github.com/nodejs/undici/pull/1722
• fetch: implement new spec changes by @​KhafraDev in https://github.com/nodejs/undici/pull/1721
• fix(fetch): set default param value for Response.json by @​KhafraDev in https://github.com/nodejs/undici/pull/1723
• fix(redirect): Ignore query config after redirection by @​IlyasShabi in https://github.com/nodejs/undici/pull/1724
• fix: accept close as message complete by @​ronag in https://github.com/nodejs/undici/pull/1726
• update llhttp to the latest version v8.1.0 by @​HassanBahati in https://github.com/nodejs/undici/pull/1718
• docs: change master to main for links in the nodejs org by @​RaisinTen in https://github.com/nodejs/undici/pull/1728
• wpt: update scheme-blob.sub.any.js by @​KhafraDev in https://github.com/nodejs/undici/pull/1731
• fix(fetch): remove terminated event listener on redirect by @​KhafraDev in https://github.com/nodejs/undici/pull/1715
• fetch: update spec by @​KhafraDev in https://github.com/nodejs/undici/pull/1732
• wpt: fail runner if expected failures don't fail by @​KhafraDev in https://github.com/nodejs/undici/pull/1736
• feat(Client): add max response size option by @​mateonunez in https://github.com/nodejs/undici/pull/1729

New Contributors

• @​TimShilov made their first contribution in https://github.com/nodejs/undici/pull/1695
• @​oooshima made their first contribution in https://github.com/nodejs/undici/pull/1705
• @​IlyasShabi made their first contribution in https://github.com/nodejs/undici/pull/1724
• @​HassanBahati made their first contribution in https://github.com/nodejs/undici/pull/1718

Full Changelog: nodejs/undici@v5.11.0...v5.12.0

v5.11.0

Compare Source

What's Changed

• feat: capture error stack traces by @​sidwebworks in https://github.com/nodejs/undici/pull/1619
• fix(fetch): hangs on a stream response with manual redirect by @​feugy in https://github.com/nodejs/undici/pull/1627
• fix(fetch): decode response body when Location is set on non-3xx response by @​GertSallaerts in https://github.com/nodejs/undici/pull/1628
• fix: circular dependencies in fetch by @​KhafraDev in https://github.com/nodejs/undici/pull/1630
• fix: Convert logical nullish assignment for backward compatibility by @​avanelli in https://github.com/nodejs/undici/pull/1625
• feat(fetch): allow setting base urls by @​KhafraDev in https://github.com/nodejs/undici/pull/1631
• feat: export some fetch utilities by @​KhafraDev in https://github.com/nodejs/undici/pull/1632
• build(deps-dev): bump jest from 28.1.3 to 29.0.2 by @​dependabot in https://github.com/nodejs/undici/pull/1635
• build(deps-dev): bump tsd from 0.22.0 to 0.23.0 by @​dependabot in https://github.com/nodejs/undici/pull/1637
• Extensible DispatchHandler by @​arontsang in https://github.com/nodejs/undici/pull/1338
• mock: use http.STATUS_CODES by @​KhafraDev in https://github.com/nodejs/undici/pull/1641
• fix(fetch): allow third-party FormData/Blob bodies by @​mrbbot in https://github.com/nodejs/undici/pull/1643
• fix(docs): MockPoolInterceptOptions.method is optional by @​KhafraDev in https://github.com/nodejs/undici/pull/1648
• docs: make examples uniform by @​Nicholaiii in https://github.com/nodejs/undici/pull/1647
• fix: Fix docs link name to PoolOptions by @​silverwind in https://github.com/nodejs/undici/pull/1651
• ci: re-enable testing in Node.js 12 by @​dominykas in https://github.com/nodejs/undici/pull/1646
• feat(fetch): better errors messages for body-mixin methods by @​KhafraDev in https://github.com/nodejs/undici/pull/1654
• build(deps-dev): bump tsd from 0.23.0 to 0.24.1 by @​dependabot in https://github.com/nodejs/undici/pull/1657
• types: remove old signature by @​KhafraDev in https://github.com/nodejs/undici/pull/1658
• feat: WPT runner by @​KhafraDev in https://github.com/nodejs/undici/pull/1662
• Flag interceptors as experimental by @​mcollina in https://github.com/nodejs/undici/pull/1667
• feat(WPTRunner): parse META tags by @​KhafraDev in https://github.com/nodejs/undici/pull/1664
• Passing correct host header to proxy in ProxyAgent by @​protometa in https://github.com/nodejs/undici/pull/1624
• feat: add support for multipart/form-data by @​cameron-robey in https://github.com/nodejs/undici/pull/1606
• feat(fetch#Request): Implements determineRequestReferrer by @​metcoder95 in https://github.com/nodejs/undici/pull/1236
• fix: multipart/form-data base64 parsing by @​repsac-by in https://github.com/nodejs/undici/pull/1668
• perf: add query parameter to benchmark by @​anonrig in https://github.com/nodejs/undici/pull/1676
• fix(fetch): multiple data: url fixes & move tests to wpt runner by @​KhafraDev in https://github.com/nodejs/undici/pull/1678
• feat(util): use node:querystring for buildURL by @​KhafraDev in https://github.com/nodejs/undici/pull/1677

New Contributors

• @​sidwebworks made their first contribution in https://github.com/nodejs/undici/pull/1619
• @​feugy made their first contribution in https://github.com/nodejs/undici/pull/1627
• @​GertSallaerts made their first contribution in https://github.com/nodejs/undici/pull/1628
• @​avanelli made their first contribution in https://github.com/nodejs/undici/pull/1625
• @​arontsang made their first contribution in https://github.com/nodejs/undici/pull/1338
• @​Nicholaiii made their first contribution in https://github.com/nodejs/undici/pull/1647
• @​silverwind made their first contribution in https://github.com/nodejs/undici/pull/1651
• @​protometa made their first contribution in https://github.com/nodejs/undici/pull/1624
• @​cameron-robey made their first contribution in https://github.com/nodejs/undici/pull/1606
• @​repsac-by made their first contribution in https://github.com/nodejs/undici/pull/1668
• @​anonrig made their first contribution in https://github.com/nodejs/undici/pull/1676

Full Changelog: nodejs/undici@v5.10.0...v5.11.0

v5.10.0

Compare Source

What's Changed

• fix(fetch): allow custom implementation of AbortSignal by @​SukkaW in https://github.com/nodejs/undici/pull/1608
• fix: make mock intercept agnostic to query key ordering by @​James1x0 in https://github.com/nodejs/undici/pull/1607
• fix: support ArrayBufferView and ArrayBuffer as body by @​LiviaMedeiros in https://github.com/nodejs/undici/pull/1584
• fix: allow third party AbortControllers by @​KhafraDev in https://github.com/nodejs/undici/pull/1609
• feat(fetch): implement spec compliant integrity checks by @​KhafraDev in https://github.com/nodejs/undici/pull/1613
• avoid body reordering on really fast lines by @​mcollina in https://github.com/nodejs/undici/pull/1615
• fix: use FinalizationRegistry compat if global is missing by @​Kikobeats in https://github.com/nodejs/undici/pull/1545

New Contributors

• @​SukkaW made their first contribution in https://github.com/nodejs/undici/pull/1608
• @​James1x0 made their first contribution in https://github.com/nodejs/undici/pull/1607

Full Changelog: nodejs/undici@v5.9.1...v5.10.0

v5.9.1

What's Changed

• fix: don't timeout while waiting for client to send request (#​1604)
• Fix array headers by @​mateonunez in https://github.com/nodejs/undici/pull/1598
• fix(fetch): implement fully read body algorithm by @​KhafraDev in https://github.com/nodejs/undici/pull/1597
• fix: add support for integrity option to Fetch by @​jelmervdl in https://github.com/nodejs/undici/pull/1596
• fix(File): respect typed array byteOffset and byteLength by @​mrbbot in https://github.com/nodejs/undici/pull/1601

New Contributors

• @​mateonunez made their first contribution in https://github.com/nodejs/undici/pull/1598
• @​jelmervdl made their first contribution in https://github.com/nodejs/undici/pull/1596
• @​mrbbot made their first contribution in https://github.com/nodejs/undici/pull/1601

Full Changelog: nodejs/undici@v5.8.2...v5.9.1

v5.8.2

Compare Source

⚠️ Security Release ⚠️

• CRLF Injection in Nodejs ‘undici’ via Content-Type GHSA-f772-66g8-q5h3 CVE-2022-35948
• undici.request vulnerable to SSRF using absolute URL on pathname GHSA-8qr4-xgw6-wmr3 CVE-2022-35949

What's Changed

• docs: mock different endpoints in a single file by @​ritvik130 in https://github.com/nodejs/undici/pull/1589
• feat(webidl): better error message for ByteString converter by @​KhafraDev in https://github.com/nodejs/undici/pull/1591

New Contributors

• @​ritvik130 made their first contribution in https://github.com/nodejs/undici/pull/1589

Full Changelog: nodejs/undici@v5.8.1...v5.8.2

v5.8.1

Compare Source

What's Changed

• Do not decode the body while we are following a redirect by @​mcollina in https://github.com/nodejs/undici/pull/1554
• docs: Fix spelling/grammar in "Mocking Request" by @​meyfa in https://github.com/nodejs/undici/pull/1555
• fix(MockInterceptor): callback options.headers w/ fetch by @​KhafraDev in https://github.com/nodejs/undici/pull/1559
• fix(fetch): ByteString checks & conversion in Headers by @​KhafraDev in https://github.com/nodejs/undici/pull/1560
• test: update client certificates with ones that expires in 100 years by @​jodevsa in https://github.com/nodejs/undici/pull/1566
• fix: x-www-form-urlencoded parser keep the BOM by @​cola119 in https://github.com/nodejs/undici/pull/1563
• fix: prioritise error events over timeouts by @​jodevsa in https://github.com/nodejs/undici/pull/1551
• fix: add isErrorLike by @​KhafraDev in https://github.com/nodejs/undici/pull/1570
• fix(types): add missing pool stats by @​SkeLLLa in https://github.com/nodejs/undici/pull/1573
• fix: fetch a long base64 url will crash and nothing happens (close: #​1574) by @​ahaoboy in https://github.com/nodejs/undici/pull/1575
• fix: follow signal.reason in Request by @​LiviaMedeiros in https://github.com/nodejs/undici/pull/1580
• docs: Fix DiagnosticsChannel sidebar link by @​trentm in https://github.com/nodejs/undici/pull/1582
• fix: make mock headers case-insensitive by @​cola119 in https://github.com/nodejs/undici/pull/1585

New Contributors

• @​meyfa made their first contribution in https://github.com/nodejs/undici/pull/1555
• @​cola119 made their first contribution in https://github.com/nodejs/undici/pull/1563
• @​SkeLLLa made their first contribution in https://github.com/nodejs/undici/pull/1573
• @​ahaoboy made their first contribution in https://github.com/nodejs/undici/pull/1575
• @​trentm made their first contribution in https://github.com/nodejs/undici/pull/1582

Full Changelog: nodejs/undici@v5.8.0...v5.8.1

v5.8.0

Compare Source

⚠️ Security Fixes ⚠️

• CRLF injection in request path, method, and headers GHSA-3cvr-822r-rqcc, CVE CVE-2022-31150, reported by @​Haxatron
• Cookies uncleared on cross-host / cross-origin redirect GHSA-q768-x9m6-m9qp, CVE CVE-20

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.

[renovate]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.