Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: bump up undici version to v6.11.1 [SECURITY] #6457

Merged
merged 1 commit into from
Apr 8, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 4, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
undici (source) 6.6.2 -> 6.11.1 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-30260

Impact

Undici cleared Authorization and Proxy-Authorization headers for fetch(), but did not clear them for undici.request().

Patches

This has been patched in nodejs/undici@6805746.
Fixes has been released in v5.28.4 and v6.11.1.

Workarounds

use fetch() or disable maxRedirections.

References

Linzi Shang reported this.

CVE-2024-30261

Impact

If an attacker can alter the integrity option passed to fetch(), they can let fetch() accept requests as valid even if they have been tampered.

Patches

Fixed in nodejs/undici@d542b8c.
Fixes has been released in v5.28.4 and v6.11.1.

Workarounds

Ensure that integrity cannot be tampered with.

References

https://hackerone.com/reports/2377760


Release Notes

nodejs/undici (undici)

v6.11.1

Compare Source

v6.11.0

Compare Source

v6.10.2

Compare Source

What's Changed
New Contributors

Full Changelog: nodejs/undici@v6.10.0...v6.10.2

v6.10.1

Compare Source

v6.10.0

Compare Source

What's Changed

New Contributors

Full Changelog: nodejs/undici@v6.9.0...v6.10.0

v6.9.0

Compare Source

What's Changed

New Contributors

Full Changelog: nodejs/undici@v6.8.0...v6.9.0

v6.8.0

Compare Source

What's Changed

New Contributors

Full Changelog: nodejs/undici@v6.7.1...v6.8.0

v6.7.1

Compare Source

What's Changed

New Contributors

Full Changelog: nodejs/undici@v6.7.0...v6.7.1

v6.7.0

Compare Source

What's Changed

New Contributors

Full Changelog: nodejs/undici@v6.6.2...v6.7.0


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Apr 4, 2024
Copy link

graphite-app bot commented Apr 4, 2024

Your org has enabled the Graphite merge queue for merging into canary

Add the label “merge” to the PR and Graphite will automatically add it to the merge queue when it’s ready to merge. Or use the label “hotfix” to add to the merge queue as a hot fix.

You must have a Graphite account in order to use the merge queue. Sign up using this link.

Copy link

nx-cloud bot commented Apr 4, 2024

☁️ Nx Cloud Report

CI is running/has finished running commands for commit 39c90a4. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this CI Pipeline Execution


✅ Successfully ran 5 targets

Sent with 💌 from NxCloud.

Copy link

codecov bot commented Apr 4, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 38.71%. Comparing base (edef9b2) to head (39c90a4).

Additional details and impacted files
@@             Coverage Diff             @@
##           canary    #6457       +/-   ##
===========================================
- Coverage   62.32%   38.71%   -23.61%     
===========================================
  Files         519      363      -156     
  Lines       24016     7884    -16132     
  Branches     2267     1363      -904     
===========================================
- Hits        14967     3052    -11915     
+ Misses       8783     4600     -4183     
+ Partials      266      232       -34     
Flag Coverage Δ
server-test ?
unittest 38.71% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link

graphite-app bot commented Apr 8, 2024

Merge activity

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [undici](https://undici.nodejs.org) ([source](https://togithub.com/nodejs/undici)) | [`6.6.2` -> `6.11.1`](https://renovatebot.com/diffs/npm/undici/6.6.2/6.11.1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/undici/6.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/undici/6.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/undici/6.6.2/6.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/undici/6.6.2/6.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2024-30260](https://togithub.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7)

### Impact

Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`.

### Patches

This has been patched in nodejs/undici@6805746.
Fixes has been released in v5.28.4 and v6.11.1.

### Workarounds

use `fetch()` or disable `maxRedirections`.

### References

Linzi Shang reported this.

* https://hackerone.com/reports/2408074
* GHSA-3787-6prv-h9w3

#### [CVE-2024-30261](https://togithub.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672)

### Impact

If an attacker can alter the `integrity` option passed to `fetch()`, they can let `fetch()` accept requests as valid even if they have been tampered.

### Patches

Fixed in nodejs/undici@d542b8c.
Fixes has been released in v5.28.4 and v6.11.1.

### Workarounds

Ensure that `integrity` cannot be tampered with.

### References

https://hackerone.com/reports/2377760

---

### Release Notes

<details>
<summary>nodejs/undici (undici)</summary>

### [`v6.11.1`](https://togithub.com/nodejs/undici/compare/v6.11.0...6df3c738d03dc4014a26640316bf699950d62024)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.11.0...v6.11.1)

### [`v6.11.0`](https://togithub.com/nodejs/undici/compare/v6.10.2...ee5f892f3955eaca37730ed30349153ba203e9cd)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.10.2...v6.11.0)

### [`v6.10.2`](https://togithub.com/nodejs/undici/releases/tag/v6.10.2)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.10.1...v6.10.2)

##### What's Changed

-   Do not fail test if streams support typed arrays by [@&#8203;mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2978](https://togithub.com/nodejs/undici/pull/2978)
-   fix(fetch): properly redirect non-ascii location header url by [@&#8203;Xvezda](https://togithub.com/Xvezda) in [https://github.com/nodejs/undici/pull/2971](https://togithub.com/nodejs/undici/pull/2971)
-   perf: Remove double-stringify in setCookie by [@&#8203;peterver](https://togithub.com/peterver) in [https://github.com/nodejs/undici/pull/2980](https://togithub.com/nodejs/undici/pull/2980)
-   \[fix [#&#8203;2982](https://togithub.com/nodejs/undici/issues/2982)] use DispatcherInterceptor type for Dispatcher#Compose by [@&#8203;clovis-guillemot](https://togithub.com/clovis-guillemot) in [https://github.com/nodejs/undici/pull/2983](https://togithub.com/nodejs/undici/pull/2983)
-   fix: make EventSource properties enumerable by [@&#8203;MattBidewell](https://togithub.com/MattBidewell) in [https://github.com/nodejs/undici/pull/2987](https://togithub.com/nodejs/undici/pull/2987)
-   docs: ✏️ fixed benchmark links by [@&#8203;benhalverson](https://togithub.com/benhalverson) in [https://github.com/nodejs/undici/pull/2991](https://togithub.com/nodejs/undici/pull/2991)
-   fix([#&#8203;2986](https://togithub.com/nodejs/undici/issues/2986)): bad start check by [@&#8203;metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2992](https://togithub.com/nodejs/undici/pull/2992)
-   fix(H2 Client): bind stream 'data' listener only after received 'response' event by [@&#8203;St3ffGv4](https://togithub.com/St3ffGv4) in [https://github.com/nodejs/undici/pull/2985](https://togithub.com/nodejs/undici/pull/2985)
-   feat:  added search input by [@&#8203;benhalverson](https://togithub.com/benhalverson) in [https://github.com/nodejs/undici/pull/2993](https://togithub.com/nodejs/undici/pull/2993)
-   chore: validate responses can be consumed without a Content-Length or… by [@&#8203;jacob-ebey](https://togithub.com/jacob-ebey) in [https://github.com/nodejs/undici/pull/2995](https://togithub.com/nodejs/undici/pull/2995)
-   fix error message by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2998](https://togithub.com/nodejs/undici/pull/2998)
-   Revert "perf: reuse TextDecoder instance ([#&#8203;2863](https://togithub.com/nodejs/undici/issues/2863))" by [@&#8203;panva](https://togithub.com/panva) in [https://github.com/nodejs/undici/pull/2999](https://togithub.com/nodejs/undici/pull/2999)
-   test: remove only by [@&#8203;metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/3001](https://togithub.com/nodejs/undici/pull/3001)

##### New Contributors

-   [@&#8203;Xvezda](https://togithub.com/Xvezda) made their first contribution in [https://github.com/nodejs/undici/pull/2971](https://togithub.com/nodejs/undici/pull/2971)
-   [@&#8203;peterver](https://togithub.com/peterver) made their first contribution in [https://github.com/nodejs/undici/pull/2980](https://togithub.com/nodejs/undici/pull/2980)
-   [@&#8203;clovis-guillemot](https://togithub.com/clovis-guillemot) made their first contribution in [https://github.com/nodejs/undici/pull/2983](https://togithub.com/nodejs/undici/pull/2983)
-   [@&#8203;MattBidewell](https://togithub.com/MattBidewell) made their first contribution in [https://github.com/nodejs/undici/pull/2987](https://togithub.com/nodejs/undici/pull/2987)
-   [@&#8203;benhalverson](https://togithub.com/benhalverson) made their first contribution in [https://github.com/nodejs/undici/pull/2991](https://togithub.com/nodejs/undici/pull/2991)
-   [@&#8203;St3ffGv4](https://togithub.com/St3ffGv4) made their first contribution in [https://github.com/nodejs/undici/pull/2985](https://togithub.com/nodejs/undici/pull/2985)
-   [@&#8203;jacob-ebey](https://togithub.com/jacob-ebey) made their first contribution in [https://github.com/nodejs/undici/pull/2995](https://togithub.com/nodejs/undici/pull/2995)

**Full Changelog**: nodejs/undici@v6.10.0...v6.10.2

### [`v6.10.1`](https://togithub.com/nodejs/undici/compare/v6.10.0...dd3918fee4f90e02fb93ff1bc04e707144041938)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.10.0...v6.10.1)

### [`v6.10.0`](https://togithub.com/nodejs/undici/releases/tag/v6.10.0)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.9.0...v6.10.0)

#### What's Changed

-   test: fix flakyness of issue-803 test by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2960](https://togithub.com/nodejs/undici/pull/2960)
-   Cleanup format by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2959](https://togithub.com/nodejs/undici/pull/2959)
-   Chore: run tests daily against node nightly by [@&#8203;mweberxyz](https://togithub.com/mweberxyz) in [https://github.com/nodejs/undici/pull/2969](https://togithub.com/nodejs/undici/pull/2969)
-   fix: fix retry handler option by [@&#8203;acommodari](https://togithub.com/acommodari) in [https://github.com/nodejs/undici/pull/2962](https://togithub.com/nodejs/undici/pull/2962)
-   build(deps): bump node from `4999fa1` to `577f8eb` in /build by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2974](https://togithub.com/nodejs/undici/pull/2974)
-   feat(TS): add types for composed dispatchers by [@&#8203;metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2967](https://togithub.com/nodejs/undici/pull/2967)
-   fix: count for error response and network errors by [@&#8203;metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2966](https://togithub.com/nodejs/undici/pull/2966)

#### New Contributors

-   [@&#8203;mweberxyz](https://togithub.com/mweberxyz) made their first contribution in [https://github.com/nodejs/undici/pull/2969](https://togithub.com/nodejs/undici/pull/2969)
-   [@&#8203;acommodari](https://togithub.com/acommodari) made their first contribution in [https://github.com/nodejs/undici/pull/2962](https://togithub.com/nodejs/undici/pull/2962)

**Full Changelog**: nodejs/undici@v6.9.0...v6.10.0

### [`v6.9.0`](https://togithub.com/nodejs/undici/releases/tag/v6.9.0)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.8.0...v6.9.0)

#### What's Changed

-   feat: add new dispatch compose by [@&#8203;metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2826](https://togithub.com/nodejs/undici/pull/2826)
-   ci: add macos-latest to test-matrix by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2952](https://togithub.com/nodejs/undici/pull/2952)
-   types: align RequestInit.body type with lib.dom.ts by [@&#8203;jdufresne](https://togithub.com/jdufresne) in [https://github.com/nodejs/undici/pull/2956](https://togithub.com/nodejs/undici/pull/2956)
-   ci: pin versions of github actions by [@&#8203;UlisesGascon](https://togithub.com/UlisesGascon) in [https://github.com/nodejs/undici/pull/2957](https://togithub.com/nodejs/undici/pull/2957)
-   fetch: improve output for FormData, Response, Request by [@&#8203;mertcanaltin](https://togithub.com/mertcanaltin) in [https://github.com/nodejs/undici/pull/2955](https://togithub.com/nodejs/undici/pull/2955)
-   perf: optimize collectASequenceOfBytes by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2958](https://togithub.com/nodejs/undici/pull/2958)

#### New Contributors

-   [@&#8203;jdufresne](https://togithub.com/jdufresne) made their first contribution in [https://github.com/nodejs/undici/pull/2956](https://togithub.com/nodejs/undici/pull/2956)
-   [@&#8203;UlisesGascon](https://togithub.com/UlisesGascon) made their first contribution in [https://github.com/nodejs/undici/pull/2957](https://togithub.com/nodejs/undici/pull/2957)

**Full Changelog**: nodejs/undici@v6.8.0...v6.9.0

### [`v6.8.0`](https://togithub.com/nodejs/undici/releases/tag/v6.8.0)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.7.1...v6.8.0)

#### What's Changed

-   fix: send correct SNI for proxy connections by [@&#8203;chrros95](https://togithub.com/chrros95) in [https://github.com/nodejs/undici/pull/2939](https://togithub.com/nodejs/undici/pull/2939)
-   build(deps): bump node from `8bf9240` to `7bfef1d` in /build by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2937](https://togithub.com/nodejs/undici/pull/2937)
-   fetch: improve util.inspect output for web specifications by [@&#8203;mertcanaltin](https://togithub.com/mertcanaltin) in [https://github.com/nodejs/undici/pull/2938](https://togithub.com/nodejs/undici/pull/2938)
-   ci: fix broken ci on windows and node v21 because of libuv bug by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2941](https://togithub.com/nodejs/undici/pull/2941)
-   perf: improve getResolveErrorBodyCallback by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2940](https://togithub.com/nodejs/undici/pull/2940)
-   fix: don't assign kAgent twice by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2942](https://togithub.com/nodejs/undici/pull/2942)
-   perf: dump immediatly if known size exceeds limit by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2882](https://togithub.com/nodejs/undici/pull/2882)
-   build(deps): bump node from `7bfef1d` to `4999fa1` in /build by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2946](https://togithub.com/nodejs/undici/pull/2946)
-   try to fix windows failure by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2950](https://togithub.com/nodejs/undici/pull/2950)
-   perf: improve parsing form-data by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2944](https://togithub.com/nodejs/undici/pull/2944)

#### New Contributors

-   [@&#8203;chrros95](https://togithub.com/chrros95) made their first contribution in [https://github.com/nodejs/undici/pull/2939](https://togithub.com/nodejs/undici/pull/2939)

**Full Changelog**: nodejs/undici@v6.7.1...v6.8.0

### [`v6.7.1`](https://togithub.com/nodejs/undici/releases/tag/v6.7.1)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.7.0...v6.7.1)

#### What's Changed

-   fetch: use EOL of os-module by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2915](https://togithub.com/nodejs/undici/pull/2915)
-   ci: only send codecov from ubuntu and node by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2914](https://togithub.com/nodejs/undici/pull/2914)
-   tests: improve skip for unix.js tests, remove skipped tests by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2916](https://togithub.com/nodejs/undici/pull/2916)
-   chore: fix typo in isHistoryNavigation comments by [@&#8203;kachick](https://togithub.com/kachick) in [https://github.com/nodejs/undici/pull/2920](https://togithub.com/nodejs/undici/pull/2920)
-   fix(benchmark): set body correctly by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2918](https://togithub.com/nodejs/undici/pull/2918)
-   chore: increase test coverage to 100% for /lib/api/api-request.js by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2912](https://togithub.com/nodejs/undici/pull/2912)
-   fix: chunksDecode cuts off 3 characters at the end if having BOM by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2922](https://togithub.com/nodejs/undici/pull/2922)
-   docs: clarify URI parsing behavior of ProxyAgent constructor by [@&#8203;rossilor95](https://togithub.com/rossilor95) in [https://github.com/nodejs/undici/pull/2893](https://togithub.com/nodejs/undici/pull/2893)
-   implement sync formdata parser by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2911](https://togithub.com/nodejs/undici/pull/2911)
-   Fix docs links and add examples to sidebar by [@&#8203;tastypackets](https://togithub.com/tastypackets) in [https://github.com/nodejs/undici/pull/2895](https://togithub.com/nodejs/undici/pull/2895)
-   doc: update diagnostics channel request headers type change by [@&#8203;jessezhang91](https://togithub.com/jessezhang91) in [https://github.com/nodejs/undici/pull/2925](https://togithub.com/nodejs/undici/pull/2925)
-   perf: optimize getResolveErrorBodyCallback by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2921](https://togithub.com/nodejs/undici/pull/2921)
-   override request dispatcher from init by [@&#8203;matthieusieben](https://togithub.com/matthieusieben) in [https://github.com/nodejs/undici/pull/2928](https://togithub.com/nodejs/undici/pull/2928)
-   add busboy tests by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2924](https://togithub.com/nodejs/undici/pull/2924)
-   fix(benchmark): make it fair by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2929](https://togithub.com/nodejs/undici/pull/2929)
-   Revert "chore: remove no-simd wasm" by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2935](https://togithub.com/nodejs/undici/pull/2935)
-   build(deps): bump node from `d3271e4` to `8bf9240` in /build by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2936](https://togithub.com/nodejs/undici/pull/2936)
-   Flip link between docs and README by [@&#8203;mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2933](https://togithub.com/nodejs/undici/pull/2933)

#### New Contributors

-   [@&#8203;kachick](https://togithub.com/kachick) made their first contribution in [https://github.com/nodejs/undici/pull/2920](https://togithub.com/nodejs/undici/pull/2920)
-   [@&#8203;tastypackets](https://togithub.com/tastypackets) made their first contribution in [https://github.com/nodejs/undici/pull/2895](https://togithub.com/nodejs/undici/pull/2895)
-   [@&#8203;jessezhang91](https://togithub.com/jessezhang91) made their first contribution in [https://github.com/nodejs/undici/pull/2925](https://togithub.com/nodejs/undici/pull/2925)
-   [@&#8203;matthieusieben](https://togithub.com/matthieusieben) made their first contribution in [https://github.com/nodejs/undici/pull/2928](https://togithub.com/nodejs/undici/pull/2928)

**Full Changelog**: nodejs/undici@v6.7.0...v6.7.1

### [`v6.7.0`](https://togithub.com/nodejs/undici/releases/tag/v6.7.0)

[Compare Source](https://togithub.com/nodejs/undici/compare/v6.6.2...v6.7.0)

#### What's Changed

-   test: remove t.diagnostics() calls in push-dont-push.js test by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2715](https://togithub.com/nodejs/undici/pull/2715)
-   fix: fix flaky debug test by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2714](https://togithub.com/nodejs/undici/pull/2714)
-   fix: HTTP2 tweaks by [@&#8203;metcoder95](https://togithub.com/metcoder95) in [https://github.com/nodejs/undici/pull/2711](https://togithub.com/nodejs/undici/pull/2711)
-   test: improve cookie tests by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2693](https://togithub.com/nodejs/undici/pull/2693)
-   test: response.url after redirect is set to target url by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2716](https://togithub.com/nodejs/undici/pull/2716)
-   chore: remove mocha and chai by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2696](https://togithub.com/nodejs/undici/pull/2696)
-   test: replace t.pass with t.ok by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2721](https://togithub.com/nodejs/undici/pull/2721)
-   perf: remove redundant operation in FormData by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2726](https://togithub.com/nodejs/undici/pull/2726)
-   Add support for passing iterable objects as headers by [@&#8203;JaoodxD](https://togithub.com/JaoodxD) in [https://github.com/nodejs/undici/pull/2708](https://togithub.com/nodejs/undici/pull/2708)
-   chore: refine esbuild & node detection by [@&#8203;mochaaP](https://togithub.com/mochaaP) in [https://github.com/nodejs/undici/pull/2677](https://togithub.com/nodejs/undici/pull/2677)
-   chore: rephrase some comments by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2717](https://togithub.com/nodejs/undici/pull/2717)
-   test: replace t.type with t.ok and instanceof by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2720](https://togithub.com/nodejs/undici/pull/2720)
-   remove useless options in web streams by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2729](https://togithub.com/nodejs/undici/pull/2729)
-   Let's add superagent to the benchmark. closes [#&#8203;2730](https://togithub.com/nodejs/undici/issues/2730) by [@&#8203;eddienubes](https://togithub.com/eddienubes) in [https://github.com/nodejs/undici/pull/2731](https://togithub.com/nodejs/undici/pull/2731)
-   convert node build to latin1 by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2673](https://togithub.com/nodejs/undici/pull/2673)
-   simplify formData body parsing by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2735](https://togithub.com/nodejs/undici/pull/2735)
-   chore: migrate a batch of tests to node test runner no. 1 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2719](https://togithub.com/nodejs/undici/pull/2719)
-   chore: migrate a batch of tests to node test runner no. 2 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2737](https://togithub.com/nodejs/undici/pull/2737)
-   chore: migrate a batch of tests to node test runner no. 4 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2739](https://togithub.com/nodejs/undici/pull/2739)
-   chore: migrate a batch of tests to node test runner no. 5 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2740](https://togithub.com/nodejs/undici/pull/2740)
-   chore: migrate a batch of tests to node test runner no. 3 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2738](https://togithub.com/nodejs/undici/pull/2738)
-   chore: migrate a batch of tests to node test runner no. 6 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2741](https://togithub.com/nodejs/undici/pull/2741)
-   chore: migrate a batch of tests to node test runner no. 8 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2744](https://togithub.com/nodejs/undici/pull/2744)
-   chore: migrate a batch of tests to node test runner no. 7 by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2742](https://togithub.com/nodejs/undici/pull/2742)
-   build(deps-dev): bump cronometro from 2.0.2 to 3.0.1 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2749](https://togithub.com/nodejs/undici/pull/2749)
-   perf: always use the same prototype Iterator by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2743](https://togithub.com/nodejs/undici/pull/2743)
-   chore: migrate a batch of tests to node test runner no. 9, remove tap by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2746](https://togithub.com/nodejs/undici/pull/2746)
-   chore: remove usage of http-errors in proxy example by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2753](https://togithub.com/nodejs/undici/pull/2753)
-   fix: dont ship wasm files of llhttp via npm by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2752](https://togithub.com/nodejs/undici/pull/2752)
-   fix: handle request body as late as possible by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2734](https://togithub.com/nodejs/undici/pull/2734)
-   perf(tree): avoid recursive calls by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2755](https://togithub.com/nodejs/undici/pull/2755)
-   docs: fix favicon by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2758](https://togithub.com/nodejs/undici/pull/2758)
-   chore: use mermaid engine and mermaid in markdown by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2759](https://togithub.com/nodejs/undici/pull/2759)
-   chore: remove sinon dev dependency by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2767](https://togithub.com/nodejs/undici/pull/2767)
-   tests: skip test/node-test/debug on node 21.6.2 and windows by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2765](https://togithub.com/nodejs/undici/pull/2765)
-   chore: improve usage of skip in tests by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2761](https://togithub.com/nodejs/undici/pull/2761)
-   feat: improve mock error breadcrumbs by [@&#8203;rossilor95](https://togithub.com/rossilor95) in [https://github.com/nodejs/undici/pull/2774](https://togithub.com/nodejs/undici/pull/2774)
-   expose MessageEvent in fetch bundle by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2770](https://togithub.com/nodejs/undici/pull/2770)
-   test: always exit with 0 when running in Node's Daily WPT Report CI job by [@&#8203;panva](https://togithub.com/panva) in [https://github.com/nodejs/undici/pull/2778](https://togithub.com/nodejs/undici/pull/2778)
-   fix: add node prefix for util to fix issue in env with min version node 18 by [@&#8203;riderx](https://togithub.com/riderx) in [https://github.com/nodejs/undici/pull/2775](https://togithub.com/nodejs/undici/pull/2775)
-   perf: improve perf of parseRawHeaders by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2781](https://togithub.com/nodejs/undici/pull/2781)
-   fix: make mock-agent.js test more resilient by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2780](https://togithub.com/nodejs/undici/pull/2780)
-   chore: make some test run even without internet connection by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2786](https://togithub.com/nodejs/undici/pull/2786)
-   mock: improve validateReplyParameters by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2783](https://togithub.com/nodejs/undici/pull/2783)
-   perf: improve TernarySearchTree by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2782](https://togithub.com/nodejs/undici/pull/2782)
-   fix: convert HeadersInit to sequence/dictionary correctly by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2784](https://togithub.com/nodejs/undici/pull/2784)
-   chore: improve getFieldValue by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2785](https://togithub.com/nodejs/undici/pull/2785)
-   Add RetryHandler to sidebar by [@&#8203;mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2797](https://togithub.com/nodejs/undici/pull/2797)
-   Add RetryAgent by [@&#8203;mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2798](https://togithub.com/nodejs/undici/pull/2798)
-   build(deps): bump step-security/harden-runner from 2.6.0 to 2.7.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2690](https://togithub.com/nodejs/undici/pull/2690)
-   build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2393](https://togithub.com/nodejs/undici/pull/2393)
-   build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.1 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2799](https://togithub.com/nodejs/undici/pull/2799)
-   build(deps): bump node from 20-alpine to 21-alpine in /build by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2803](https://togithub.com/nodejs/undici/pull/2803)
-   perf: improve sort algorithm by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2756](https://togithub.com/nodejs/undici/pull/2756)
-   refactor: move web stuff into their own folder by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2793](https://togithub.com/nodejs/undici/pull/2793)
-   `s/ dispactgher/dispatcher/` by [@&#8203;steveluscher](https://togithub.com/steveluscher) in [https://github.com/nodejs/undici/pull/2807](https://togithub.com/nodejs/undici/pull/2807)
-   Use paralellelRequests instead of connections to calculate req/sec in benchmarks by [@&#8203;mcollina](https://togithub.com/mcollina) in [https://github.com/nodejs/undici/pull/2800](https://togithub.com/nodejs/undici/pull/2800)
-   Split out documentation into separate directory by [@&#8203;Ethan-Arrowood](https://togithub.com/Ethan-Arrowood) in [https://github.com/nodejs/undici/pull/2788](https://togithub.com/nodejs/undici/pull/2788)
-   build(deps): bump fastify/github-action-merge-dependabot from 3.9.1 to 3.10.1 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2820](https://togithub.com/nodejs/undici/pull/2820)
-   build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.3 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2821](https://togithub.com/nodejs/undici/pull/2821)
-   build(deps): bump github/codeql-action from 3.23.2 to 3.24.4 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2818](https://togithub.com/nodejs/undici/pull/2818)
-   build(deps): bump actions/setup-node from 4.0.1 to 4.0.2 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2819](https://togithub.com/nodejs/undici/pull/2819)
-   fix: move CNAME and .nojekyll to root by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2822](https://togithub.com/nodejs/undici/pull/2822)
-   remove all fetchParam event handlers by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2823](https://togithub.com/nodejs/undici/pull/2823)
-   feat: refactor ProxyAgent constructor to also accept single URL argument by [@&#8203;rossilor95](https://togithub.com/rossilor95) in [https://github.com/nodejs/undici/pull/2810](https://togithub.com/nodejs/undici/pull/2810)
-   fix: isCTLExcludingHtab by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2790](https://togithub.com/nodejs/undici/pull/2790)
-   refactor: move files into logical folders by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2813](https://togithub.com/nodejs/undici/pull/2813)
-   refactor: move fixed-queeu to dispatcher and rm node folder by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2827](https://togithub.com/nodejs/undici/pull/2827)
-   chore: create package.json in benchmarks by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2766](https://togithub.com/nodejs/undici/pull/2766)
-   build(deps): bump github/codeql-action from 3.24.4 to 3.24.5 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2829](https://togithub.com/nodejs/undici/pull/2829)
-   chore: use lts for pubish types workflow by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2830](https://togithub.com/nodejs/undici/pull/2830)
-   add dispatcher option to Request by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2831](https://togithub.com/nodejs/undici/pull/2831)
-   fix url referrer wpt by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2832](https://togithub.com/nodejs/undici/pull/2832)
-   refactor: remove own sort logic by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2834](https://togithub.com/nodejs/undici/pull/2834)
-   fix(fetch): prevent crash when `fetch` is aborted with `null` as the `AbortSignal's` `reason` by [@&#8203;steveluscher](https://togithub.com/steveluscher) in [https://github.com/nodejs/undici/pull/2833](https://togithub.com/nodejs/undici/pull/2833)
-   refactor: avoid http2 dynamic dispatch in socket handlers by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2839](https://togithub.com/nodejs/undici/pull/2839)
-   build(deps-dev): bump proxy from 1.0.2 to 2.1.1 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2137](https://togithub.com/nodejs/undici/pull/2137)
-   perf(tree): reduce overhead of build TernarySearchTree by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2840](https://togithub.com/nodejs/undici/pull/2840)
-   webidl: implement resizable arraybuffer checks by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2094](https://togithub.com/nodejs/undici/pull/2094)
-   websocket server only needs to reply with a single subprotocol by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2845](https://togithub.com/nodejs/undici/pull/2845)
-   unite webidl stringification by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2843](https://togithub.com/nodejs/undici/pull/2843)
-   fix: deflake connect-timeout test by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2851](https://togithub.com/nodejs/undici/pull/2851)
-   fix: coverage reporting by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2763](https://togithub.com/nodejs/undici/pull/2763)
-   fix: pipelining logic is not relevant for h2 by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2850](https://togithub.com/nodejs/undici/pull/2850)
-   processBody doesn't need to return a promise by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2858](https://togithub.com/nodejs/undici/pull/2858)
-   refactor: split client into client-h1/h2 by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2848](https://togithub.com/nodejs/undici/pull/2848)
-   ci: fix concurrency by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2862](https://togithub.com/nodejs/undici/pull/2862)
-   perf: improve performance of isValidSubprotocol by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2861](https://togithub.com/nodejs/undici/pull/2861)
-   perf: reuse TextDecoder instance by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2863](https://togithub.com/nodejs/undici/pull/2863)
-   chore: restructure benchmarks, use kebab-case by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2864](https://togithub.com/nodejs/undici/pull/2864)
-   cookies: improve perf of toIMFDate by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2867](https://togithub.com/nodejs/undici/pull/2867)
-   cookies: fix validateCookiePath by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2866](https://togithub.com/nodejs/undici/pull/2866)
-   refactor: move out more h2 from core client by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2860](https://togithub.com/nodejs/undici/pull/2860)
-   mock: improve test coverage of buildHeadersFromArray by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2872](https://togithub.com/nodejs/undici/pull/2872)
-   fix: remove broken build request hack by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2874](https://togithub.com/nodejs/undici/pull/2874)
-   chore: filenames should use kebab-case by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2873](https://togithub.com/nodejs/undici/pull/2873)
-   refactor: split out last h1 specific code from core by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2876](https://togithub.com/nodejs/undici/pull/2876)
-   fix: make pipelining limit work for h2 by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2875](https://togithub.com/nodejs/undici/pull/2875)
-   fix: http2 doesn't have pipelining queue by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2878](https://togithub.com/nodejs/undici/pull/2878)
-   fix: minor connect cleanup by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2877](https://togithub.com/nodejs/undici/pull/2877)
-   Request headers types by [@&#8203;JaoodxD](https://togithub.com/JaoodxD) in [https://github.com/nodejs/undici/pull/2879](https://togithub.com/nodejs/undici/pull/2879)
-   ci: remove concurrency by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2880](https://togithub.com/nodejs/undici/pull/2880)
-   fix: prefer queueMicrotask by [@&#8203;ronag](https://togithub.com/ronag) in [https://github.com/nodejs/undici/pull/2881](https://togithub.com/nodejs/undici/pull/2881)
-   chore: remove no-simd wasm by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2871](https://togithub.com/nodejs/undici/pull/2871)
-   cookies: improve validateCookieValue by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2883](https://togithub.com/nodejs/undici/pull/2883)
-   cookies: improve validateCookieName by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2884](https://togithub.com/nodejs/undici/pull/2884)
-   Properly parse set-cookie header using http2 by [@&#8203;jeanp413](https://togithub.com/jeanp413) in [https://github.com/nodejs/undici/pull/2886](https://togithub.com/nodejs/undici/pull/2886)
-   doc deprecate bodymixin.formData by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2892](https://togithub.com/nodejs/undici/pull/2892)
-   perf: optimize check invalid field-vchar by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2889](https://togithub.com/nodejs/undici/pull/2889)
-   build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/nodejs/undici/pull/2897](https://togithub.com/nodejs/undici/pull/2897)
-   fix issue 2898 by [@&#8203;KhafraDev](https://togithub.com/KhafraDev) in [https://github.com/nodejs/undici/pull/2900](https://togithub.com/nodejs/undici/pull/2900)
-   tests: ignore catch block when requiring crypto module by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2901](https://togithub.com/nodejs/undici/pull/2901)
-   websocket: remove dead code in parseCloseBody by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2902](https://togithub.com/nodejs/undici/pull/2902)
-   fix: tests dont need process.exit by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2909](https://togithub.com/nodejs/undici/pull/2909)
-   chore: remove proxyquire by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2906](https://togithub.com/nodejs/undici/pull/2906)
-   chore: remove import-fresh as devDependency by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2908](https://togithub.com/nodejs/undici/pull/2908)
-   perf(headers): a single set-cookie by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2903](https://togithub.com/nodejs/undici/pull/2903)
-   websocket: improve .close() by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2865](https://togithub.com/nodejs/undici/pull/2865)
-   feat: add sending data benchmark by [@&#8203;tsctx](https://togithub.com/tsctx) in [https://github.com/nodejs/undici/pull/2905](https://togithub.com/nodejs/undici/pull/2905)
-   ci: integrate workflows into nodejs.yml by [@&#8203;Uzlopak](https://togithub.com/Uzlopak) in [https://github.com/nodejs/undici/pull/2899](https://togithub.com/nodejs/undici/pull/2899)

#### New Contributors

-   [@&#8203;JaoodxD](https://togithub.com/JaoodxD) made their first contribution in [https://github.com/nodejs/undici/pull/2708](https://togithub.com/nodejs/undici/pull/2708)
-   [@&#8203;eddienubes](https://togithub.com/eddienubes) made their first contribution in [https://github.com/nodejs/undici/pull/2731](https://togithub.com/nodejs/undici/pull/2731)
-   [@&#8203;riderx](https://togithub.com/riderx) made their first contribution in [https://github.com/nodejs/undici/pull/2775](https://togithub.com/nodejs/undici/pull/2775)
-   [@&#8203;steveluscher](https://togithub.com/steveluscher) made their first contribution in [https://github.com/nodejs/undici/pull/2807](https://togithub.com/nodejs/undici/pull/2807)
-   [@&#8203;jeanp413](https://togithub.com/jeanp413) made their first contribution in [https://github.com/nodejs/undici/pull/2886](https://togithub.com/nodejs/undici/pull/2886)

**Full Changelog**: nodejs/undici@v6.6.2...v6.7.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5In0=-->
@Brooooooklyn Brooooooklyn force-pushed the renovate/npm-undici-vulnerability branch from 96fb064 to 39c90a4 Compare April 8, 2024 01:42
@graphite-app graphite-app bot merged commit 39c90a4 into canary Apr 8, 2024
32 of 37 checks passed
@graphite-app graphite-app bot deleted the renovate/npm-undici-vulnerability branch April 8, 2024 01:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

1 participant