Skip to content

Commit

Permalink
Bump undici to 5.28.2
Browse files Browse the repository at this point in the history
Addresses low severity `npm audit` warning:
GHSA-wqq4-5wpv-mx2g

Fixes #607
Fixes #738
  • Loading branch information
mrbbot committed Jan 4, 2024
1 parent b6addc8 commit 127c2d1
Show file tree
Hide file tree
Showing 11 changed files with 56 additions and 43 deletions.
67 changes: 40 additions & 27 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/cache/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
"@miniflare/core": "2.14.1",
"@miniflare/shared": "2.14.1",
"http-cache-semantics": "^4.1.0",
"undici": "5.20.0"
"undici": "5.28.2"
},
"devDependencies": {
"@miniflare/shared-test": "2.14.1",
Expand Down
2 changes: 1 addition & 1 deletion packages/core/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
"dotenv": "^10.0.0",
"kleur": "^4.1.4",
"set-cookie-parser": "^2.4.8",
"undici": "5.20.0",
"undici": "5.28.2",
"urlpattern-polyfill": "^4.0.3"
},
"devDependencies": {
Expand Down
14 changes: 7 additions & 7 deletions packages/core/src/standards/http.ts
Original file line number Diff line number Diff line change
Expand Up @@ -796,14 +796,10 @@ class MiniflareDispatcher extends Dispatcher {
options: Dispatcher.DispatchOptions,
handler: Dispatcher.DispatchHandlers
): boolean {
// Remove any default fetch headers that the user didn't explicitly set,
// `headers` has the form `["key1", "value1", "key2", "value2", ...]`
const headers = options.headers;
if (headers) {
// Note: I'm fully expecting this to break in future undici versions
// and need to be updated, but that's why we pin our undici version and
// have tests
assert(Array.isArray(headers));
// Remove any default fetch headers that the user didn't explicitly set,
// `headers` has the form `["key1", "value1", "key2", "value2", ...]`
if (Array.isArray(headers)) {
let i = 0;
while (i < headers.length) {
if (this.removeHeaders.includes(headers[i].toLowerCase())) {
Expand All @@ -812,6 +808,10 @@ class MiniflareDispatcher extends Dispatcher {
i += 2;
}
}
} else if (headers != null) {
for (const key in headers) {
if (this.removeHeaders.includes(key.toLowerCase())) delete headers[key];
}
}
return this.inner.dispatch(options, handler);
}
Expand Down
2 changes: 1 addition & 1 deletion packages/durable-objects/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
"@miniflare/core": "2.14.1",
"@miniflare/shared": "2.14.1",
"@miniflare/storage-memory": "2.14.1",
"undici": "5.20.0"
"undici": "5.28.2"
},
"devDependencies": {
"@miniflare/cache": "2.14.1",
Expand Down
2 changes: 1 addition & 1 deletion packages/html-rewriter/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
"@miniflare/core": "2.14.1",
"@miniflare/shared": "2.14.1",
"html-rewriter-wasm": "^0.4.1",
"undici": "5.20.0"
"undici": "5.28.2"
},
"devDependencies": {
"@miniflare/shared-test": "2.14.1"
Expand Down
2 changes: 1 addition & 1 deletion packages/http-server/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
"@miniflare/web-sockets": "2.14.1",
"kleur": "^4.1.4",
"selfsigned": "^2.0.0",
"undici": "5.20.0",
"undici": "5.28.2",
"ws": "^8.2.2",
"youch": "^2.2.2"
},
Expand Down
2 changes: 1 addition & 1 deletion packages/miniflare/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@
"kleur": "^4.1.4",
"semiver": "^1.1.0",
"source-map-support": "^0.5.20",
"undici": "5.20.0"
"undici": "5.28.2"
},
"devDependencies": {
"@miniflare/shared-test": "2.14.1",
Expand Down
2 changes: 1 addition & 1 deletion packages/r2/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
"dependencies": {
"@miniflare/core": "2.14.1",
"@miniflare/shared": "2.14.1",
"undici": "5.20.0"
"undici": "5.28.2"
},
"devDependencies": {
"@miniflare/shared-test": "2.14.1"
Expand Down
2 changes: 1 addition & 1 deletion packages/vitest-environment-miniflare/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
"@miniflare/queues": "2.14.1",
"@miniflare/shared": "2.14.1",
"@miniflare/shared-test-environment": "2.14.1",
"undici": "5.20.0"
"undici": "5.28.2"
},
"peerDependencies": {
"vitest": ">=0.23.0"
Expand Down
2 changes: 1 addition & 1 deletion packages/web-sockets/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
"dependencies": {
"@miniflare/core": "2.14.1",
"@miniflare/shared": "2.14.1",
"undici": "5.20.0",
"undici": "5.28.2",
"ws": "^8.2.2"
},
"devDependencies": {
Expand Down

0 comments on commit 127c2d1

Please sign in to comment.