Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Miniflare 2] Bump undici to 5.28.2 #742

Merged
merged 1 commit into from
Jan 4, 2024
Merged

[Miniflare 2] Bump undici to 5.28.2 #742

merged 1 commit into from
Jan 4, 2024

Conversation

mrbbot
Copy link
Contributor

@mrbbot mrbbot commented Nov 13, 2023

Hey! 馃憢 This PR bumps undici to 5.27.2, addressing a low severity npm audit warning: GHSA-wqq4-5wpv-mx2g. I only needed to make a small change for tests to pass. 馃憤

Fixes #607
Fixes #738

@mrbbot mrbbot requested a review from a team November 13, 2023 10:00
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Nov 13, 2023
edited
Loading

鈿狅笍 No Changeset found

Latest commit: 127c2d1

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@harryzcy
Copy link

Maybe it can be upgraded to v5.28.0 at this point?

RamIdeas
RamIdeas approved these changes Dec 20, 2023
View reviewed changes
Copy link

@RamIdeas RamIdeas left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason we can't also bump to 5.28.0 (or even 5.28.2)?

@mrbbot
Bump undici to 5.28.2
127c2d1 
Addresses low severity `npm audit` warning:
GHSA-wqq4-5wpv-mx2g

Fixes #607
Fixes #738
@mrbbot mrbbot changed the title [Miniflare 2] Bump undici to 5.27.2 [Miniflare 2] Bump undici to 5.28.2 Jan 4, 2024
@mrbbot mrbbot merged commit bee57ff into master Jan 4, 2024
6 checks passed
@mrbbot mrbbot deleted the bcoll/bump-undici-5.27.2 branch January 4, 2024 10:47
@mrbbot
Copy link
Contributor Author

mrbbot commented Jan 4, 2024

Bumped to 5.28.2 instead, 6.0.0 drops support for Node 16 (EOL) which would be a semver major change for Miniflare 2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RamIdeas RamIdeas RamIdeas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@mrbbot @harryzcy @RamIdeas