devfaq
devfaq copied to clipboard
Published
20 hours ago •
typeofweb-org
typeofweb-org
chore(deps): bump undici from 5.14.0 to 5.26.2
Bumps undici from 5.14.0 to 5.26.2.
Release notes
Sourced from undici's releases.
v5.26.2
Security Release, CVE-2023-45143.
v5.26.1
What's Changed
- Fix publish undici-types once and for all! by
@Ethan-Arrowoodin nodejs/undici#2338- Fix node detection omfg by
@KhafraDevin nodejs/undici#2341Full Changelog: https://github.com/nodejs/undici/compare/v5.26.0...v5.26.1
v5.26.0
What's Changed
- use npm install instead of npm ci by
@Ethan-Arrowoodin nodejs/undici#2309- change default header to
nodeby@Ethan-Arrowoodin nodejs/undici#2310- chore: change order of the pseudo-headers by
@kyrylodolynskyiin nodejs/undici#2308- fix: Agent.Options.factory should accept URL object or string as parameter by
@nicole0707in nodejs/undici#2295- build(deps-dev): bump sinon from 15.2.0 to 16.1.0 by
@dependabotin nodejs/undici#2312- test: handle npm ignore-scripts settings by
@panvain nodejs/undici#2313- feat: respect
--max-http-header-sizeNode.js flag by@balazsorban44in nodejs/undici#2234- fix(#2311): End stream after body sent by
@metcoder95in nodejs/undici#2314- disallow setting host header in fetch by
@KhafraDevin nodejs/undici#2322- [StepSecurity] ci: Harden GitHub Actions by
@step-security-botin nodejs/undici#2325- fix fetch with coverage enabled by
@KhafraDevin nodejs/undici#2330- Fix stuck when using http2 POST Buffer by
@binseein nodejs/undici#2336- fix: 🏷️ add allowH2 to BuildOptions by
@binseein nodejs/undici#2334- fix: 🐛 fix process http2 header by
@binseein nodejs/undici#2332New Contributors
@kyrylodolynskyimade their first contribution in nodejs/undici#2308@nicole0707made their first contribution in nodejs/undici#2295@balazsorban44made their first contribution in nodejs/undici#2234@binseemade their first contribution in nodejs/undici#2336Full Changelog: https://github.com/nodejs/undici/compare/v5.23.4...v5.26.0
v5.25.3
What's Changed
- perf: improve parse-url implementation by
@anonrigin nodejs/undici#2286- test: enable websockets inclusion in WPTReport by
@panvain nodejs/undici#2284- remove npm run test from pre-commit hook by
@dancastilloin nodejs/undici#2296- perf: use
@fastify/busboyby@gurgundayin nodejs/undici#2211- Disable finalizationregistry if node code cov by
@mcollinain nodejs/undici#2298New Contributors
@gurgundaymade their first contribution in nodejs/undici#2211Full Changelog: https://github.com/nodejs/undici/compare/v5.25.2...v5.25.3
v5.25.2
... (truncated)
Commits
12a6218Bumped v5.26.2e041de3Merge pull request from GHSA-wqq4-5wpv-mx2gc8c80b15.26.17bcb80cFix node detection omfg (#2341)69ea7b9hopefully this fixes it for good (#2338)4006aafBumped v5.26.0df97958fix: 🐛 fix process http2 header (#2332)b9d8368fix: 🏷️ add allowH2 to BuildOptions (#2334)06380f6Fix stuck when using http2 POST Buffer (#2336)3a9f481fix fetch with coverage enabled (#2330)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| devfaq | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Oct 16, 2023 3:08pm |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
0.0% Duplication
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}