Bump undici and wrangler #46

dependabot · 2023-04-08T01:07:23Z

Bumps undici to 5.20.0 and updates ancestor dependency wrangler. These dependencies need to be updated together.

Updates undici from 5.9.1 to 5.20.0

Release notes

v5.20.0

What's Changed

perf: improve cookie parsing performance by @KhafraDev in nodejs/undici#1931

fix: disable websocket wpts in ci :( by @KhafraDev in nodejs/undici#1932

fix: Allow “undefined“ as value in headers by @pan93412 in nodejs/undici#1929

feat: Support autoSelectFamily when connecting. by @ShogunPanda in nodejs/undici#1914

fix: copy cookies when cloning haders by @KhafraDev in nodejs/undici#1936

test: more logs in wpt runner by @KhafraDev in nodejs/undici#1933

feat: change headersTimeout and bodyTimeout to 300s by @kyrylkov in nodejs/undici#1937

Full Changelog: nodejs/undici@v5.19.1...v5.20.0

v5.19.1

⚠️ Security Release ⚠️

Regular Expression Denial of Service in Headers with CVE-2023-24807

CRLF Injection in Nodejs ‘undici’ via host with CVE-2023-23936

This release is part of the Node.js security release train: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/

v5.19.0

What's Changed

fix(fetch): raise AbortSignal max event listeners by @KhafraDev in nodejs/undici#1910

fix: content-disposition header parsing by @climba03003 in nodejs/undici#1911

fix: remove test by @KhafraDev in nodejs/undici#1916

feat: add Headers.prototype.getSetCookie by @KhafraDev in nodejs/undici#1915

fix(headers): clone getSetCookie list & add getSetCookie type by @KhafraDev in nodejs/undici#1917

doc(mock): update out-of-date reply documentation by @p9f in nodejs/undici#1913

fix(types): add missing keepAlive params by @SkeLLLa in nodejs/undici#1918

Make the fetch() abort test pass locally, on Linux and Mac, Node 18/19. by @mcollina in nodejs/undici#1927

New Contributors

@climba03003 made their first contribution in nodejs/undici#1911

@p9f made their first contribution in nodejs/undici#1913

Full Changelog: nodejs/undici@v5.18.0...v5.19.0

v5.18.0

What's Changed

Add ability to set TCP keepalive by @xconverge in nodejs/undici#1904

use faster timers by @ronag in nodejs/undici#1908

fix: ensure header value is a string by @ronag in nodejs/undici#1899

Full Changelog: nodejs/undici@v5.17.1...v5.18.0

v5.17.1

What's Changed

fix: bad buffer slice (nodejs/undici@d2be675)

... (truncated)

Commits

28b9dea Bumped v5.20.0
30dafe3 feat: change headersTimeout and bodyTimeout to 300s (#1937)
eaf4dc9 test: more logs in wpt runner (#1933)
8b8bfa7 fix: copy cookies when cloning haders (#1936)
eae6807 feat: Support autoSelectFamily when connecting. (#1914)
c2387e8 fix: Allow “undefined“ as value in headers (#1929)
f73ec63 fix: disable websocket wpts in ci :( (#1932)
2971280 perf: improve cookie parsing performance (#1931)
984d53b Bumped v5.19.1
6c32c0f lint fixes
Additional commits viewable in compare view

Updates wrangler from 2.8.1 to 2.14.0

Release notes

Sourced from wrangler's releases.

wrangler@2.14.0

Minor Changes

#2942 dc1465ea Thanks @mrbbot! - chore: upgrade miniflare to 2.13.0

#2914 9af1a640 Thanks @edevil! - feat: add support for send email bindings

Support send email bindings in order to send emails from a worker. There are three types of bindings:

Unrestricted: can send email to any verified destination address.

Restricted: can only send email to the supplied destination address (which does not need to be specified when sending the email but also needs to be a verified destination address).

Allowlist: can only send email to the supplied list of verified destination addresses.

Patch Changes

#2931 5f6c4c0c Thanks @Skye-31! - Fix: Pages Dev incorrectly allowing people to turn off local mode

Local mode is not currently supported in Pages Dev, and errors when people attempt to use it. Previously, wrangler hid the "toggle local mode" button when using Pages dev, but this got broken somewhere along the line.

wrangler@2.13.0

Minor Changes

#2905 6fd06241 Thanks @edevil! - feat: support external imports from cloudflare:... prefixed modules

Going forward Workers will be providing built-in modules (similar to node:...) that can be imported using the cloudflare:... prefix. This change adds support to the Wrangler bundler to mark these imports as external.

#2607 163dccf4 Thanks @jspspike@gmail.com! - feature: add wrangler deployment view and wrangler rollback subcommands

wrangler deployments view [deployment-id] will get the details of a deployment, including bindings and usage model information. This information can be used to help debug bad deployments.

wrangler rollback [deployment-id] will rollback to a specific deployment in the runtime. This will be useful in situations like recovering from a bad deployment quickly while resolving issues. If a deployment id is not specified wrangler will rollback to the previous deployment. This rollback only changes the code in the runtime and doesn't affect any code or configurations in a developer's local setup.

wrangler deployments list will list the 10 most recent deployments. This command originally existed as wrangler deployments

example of view <deployment-id> output:
Deployment ID: 07d7143d-0284-427e-ba22-2d5e6e91b479
Created on:    2023-03-02T21:05:15.622446Z
Author:        jspspike@gmail.com
Source:        Upload from Wrangler 🤠
</tr></table> 

... (truncated)

Changelog

Sourced from wrangler's changelog.

2.14.0

Minor Changes

#2942 dc1465ea Thanks @mrbbot! - chore: upgrade miniflare to 2.13.0

#2914 9af1a640 Thanks @edevil! - feat: add support for send email bindings

Support send email bindings in order to send emails from a worker. There are three types of bindings:

Unrestricted: can send email to any verified destination address.

Restricted: can only send email to the supplied destination address (which does not need to be specified when sending the email but also needs to be a verified destination address).

Allowlist: can only send email to the supplied list of verified destination addresses.

Patch Changes

#2931 5f6c4c0c Thanks @Skye-31! - Fix: Pages Dev incorrectly allowing people to turn off local mode

Local mode is not currently supported in Pages Dev, and errors when people attempt to use it. Previously, wrangler hid the "toggle local mode" button when using Pages dev, but this got broken somewhere along the line.

2.13.0

Minor Changes

#2905 6fd06241 Thanks @edevil! - feat: support external imports from cloudflare:... prefixed modules

Going forward Workers will be providing built-in modules (similar to node:...) that can be imported using the cloudflare:... prefix. This change adds support to the Wrangler bundler to mark these imports as external.

#2607 163dccf4 Thanks @jspspike@gmail.com! - feature: add wrangler deployment view and wrangler rollback subcommands

wrangler deployments view [deployment-id] will get the details of a deployment, including bindings and usage model information. This information can be used to help debug bad deployments.

wrangler rollback [deployment-id] will rollback to a specific deployment in the runtime. This will be useful in situations like recovering from a bad deployment quickly while resolving issues. If a deployment id is not specified wrangler will rollback to the previous deployment. This rollback only changes the code in the runtime and doesn't affect any code or configurations in a developer's local setup.

wrangler deployments list will list the 10 most recent deployments. This command originally existed as wrangler deployments

example of view <deployment-id> output:
Deployment ID: 07d7143d-0284-427e-ba22-2d5e6e91b479
Created on:    2023-03-02T21:05:15.622446Z
Author:        jspspike@gmail.com
Source:        Upload from Wrangler 🤠
</tr></table> 

... (truncated)

Commits

1fc414e Version Packages (#2932)
4eea0ce [wrangler]: Remove unused txt/html esbuild loaders, configured for bundling P...
084b2c5 Respect querystring params passed to .fetch exposed by unstable_dev (#2957)
eebad0d Fix local registry being able to start only once in unstable_dev (#2044)
0a77990 Support modules with --no-bundle (#2769)
191b23f nit: fix typo (#2946)
dc1465e chore: upgrade miniflare to 2.13.0 (#2942)
9af1a64 enable the use of send email bindings (#2914)
e062180 Add basic smoke tests (#2796)
5f6c4c0 fix: local mode should be forced on pages dev (#2931)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [undici](https://github.com/nodejs/undici) to 5.20.0 and updates ancestor dependency [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler). These dependencies need to be updated together. Updates `undici` from 5.9.1 to 5.20.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.9.1...v5.20.0) Updates `wrangler` from 2.8.1 to 2.14.0 - [Release notes](https://github.com/cloudflare/workers-sdk/releases) - [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md) - [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@2.14.0/packages/wrangler) --- updated-dependencies: - dependency-name: undici dependency-type: indirect - dependency-name: wrangler dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 8, 2023

dependabot bot mentioned this pull request Apr 8, 2023

Bump wrangler from 2.8.1 to 2.13.0 #41

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump undici and wrangler #46

Bump undici and wrangler #46

dependabot bot commented on behalf of github Apr 8, 2023

Bump undici and wrangler #46

Are you sure you want to change the base?

Bump undici and wrangler #46

Conversation

dependabot bot commented on behalf of github Apr 8, 2023

v5.20.0

What's Changed

v5.19.1

⚠️ Security Release ⚠️

v5.19.0

What's Changed

New Contributors

v5.18.0

What's Changed

v5.17.1

What's Changed

wrangler@2.14.0

Minor Changes

Patch Changes

wrangler@2.13.0

Minor Changes

2.14.0

Minor Changes

Patch Changes

2.13.0

Minor Changes