[Snyk] Upgrade undici from 5.25.4 to 6.19.2

[WontonSam]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade undici from 5.25.4 to 6.19.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 48 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Information Exposure SNYK-JS-UNDICI-5962466	90	No Known Exploit
	Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	90	No Known Exploit
	Improper Access Control SNYK-JS-UNDICI-6564963	90	No Known Exploit
	Improper Authorization SNYK-JS-UNDICI-6564964	90	No Known Exploit

Release notes

Package name: undici

• 6.19.2 - 2024-06-18
  

  What's Changed

  • fix #3337 by @ KhafraDev in #3338
  • build: use husky as husky install is deprecated by @ jazelly in #3340
  • fix: interceptors.d.ts has no default export by @ Uzlopak in #3332

  Full Changelog: v6.19.1...v6.19.2

• 6.19.1 - 2024-06-17
  

  What's Changed

  • don't append empty origin by @ KhafraDev in #3335

  Full Changelog: v6.19.0...v6.19.1

• 6.19.0 - 2024-06-14
  

  What's Changed

  • build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @ dependabot in #3305
  • build(deps): bump codecov/codecov-action from 4.3.1 to 4.4.1 by @ dependabot in #3303
  • build(deps): bump step-security/harden-runner from 2.7.1 to 2.8.0 by @ dependabot in #3304
  • build(deps): bump github/codeql-action from 3.25.3 to 3.25.7 by @ dependabot in #3306
  • build(deps): bump node from 9e8f45f to dd7e693 in /build by @ dependabot in #3309
  • build(deps): bump node from dd7e693 to e6d4495 in /build by @ dependabot in #3313
  • remove websocket experimental warning by @ KhafraDev in #3311
  • perf: optimization of request instantiation by @ tsctx in #3107
  • perf: convert object to params by @ DarkGL in #3302
  • build(deps-dev): bump borp from 0.14.0 to 0.15.0 by @ dependabot in #3320
  • build(deps-dev): bump c8 from 9.1.0 to 10.0.0 by @ dependabot in #3321
  • fix: add missing error classes to types by @ maxbeatty in #3316
  • export interceptor to type def file by @ jakecastelli in #3318
  • build(deps): bump node from e6d4495 to 075a5cc in /build by @ dependabot in #3326
  • doc: clearify the behaviour of bodyTimeout in the request by @ jakecastelli in #3324
  • feature: support pre-shared sessions by @ tastypackets in #3325

  New Contributors

  • @ maxbeatty made their first contribution in #3316
  • @ jakecastelli made their first contribution in #3318

  Full Changelog: v6.18.2...v6.19.0

• 6.18.2 - 2024-05-29
  

  What's Changed

  • don't use internal header state for cookies by @ KhafraDev in #3295
  • build(deps-dev): bump borp from 0.13.0 to 0.14.0 by @ dependabot in #3298
  • fix: retry on body support by @ metcoder95 in #3294

  Full Changelog: v6.18.1...v6.18.2

• 6.18.1 - 2024-05-22
  

  What's Changed

  • docs: Update references to dispatcher in docs by @ haikyuu in #3281
  • fix: compatibility for global headers by @ tsctx in #3286
  • websocket: pre-calculated length by @ tsctx in #3284
  • ci: fix autobahn workflow by @ Uzlopak in #3291
  • revert: "websocket: pre-calculated length" by @ KhafraDev in #3290
  • websocket: use FixedQueue instead of Set by @ tsctx in #3283

  New Contributors

  • @ haikyuu made their first contribution in #3281

  Full Changelog: v6.18.0...v6.18.1

• 6.18.0 - 2024-05-20
  

  What's Changed

  • permessage-deflate decompression support in websocket by @ KhafraDev in #3263
  • fix: Fix server closing in tests. by @ ShogunPanda in #3279

  Full Changelog: v6.17.0...v6.18.0

• 6.17.0 - 2024-05-17
  

  What's Changed

  • fetch: fix captureStackTrace by @ Uzlopak in #3227
  • fetch: fix wpt test request-upload.any.js by @ Uzlopak in #3234
  • websocket: don't clone buffer by @ tsctx in #3240
  • Remove unecessary async from writeBuffer by @ DarkGL in #3245
  • refactor websocket control frame handling by @ KhafraDev in #3241
  • fix parsing continuation frames in websocket by @ KhafraDev in #3247
  • ci: node nightly test should use node 23 by @ Uzlopak in #3248
  • Add test to verify if the connection is correctly aborted on cancel by @ mcollina in #3219
  • Autobahn suite by @ KhafraDev in #3251
  • websocket: fix 6 autobahn tests by @ KhafraDev in #3254
  • websocket: checkout correct commit in autobahn workflow by @ Uzlopak in #3258
  • Cleanup websocket by @ KhafraDev in #3257
  • websocket: autobahn workflow should fail on error by @ Uzlopak in #3259
  • add bodymixin bytes by @ KhafraDev in #3262
  • perf: avoid buffer cloning by @ tsctx in #3264
  • feat: dump interceptor by @ metcoder95 in #3118
  • use private properties in Headers by @ KhafraDev in #3269
  • Revert "websocket: autobahn workflow should fail on error" by @ Uzlopak in #3270
  • build(deps): bump node from 487dc5d to 9e8f45f in /build by @ dependabot in #3271

  New Contributors

  • @ DarkGL made their first contribution in #3245

  Full Changelog: v6.16.1...v6.17.0

• 6.16.1 - 2024-05-10
  

  What's Changed

  • fix some typos by @ Uzlopak in #3217
  • websocket: move codeblock in parseCloseBody by @ Uzlopak in #3215
  • fetch: enable wpt test request-referrer.any.js by @ Uzlopak in #3223
  • fetch: wpt add /fetch/api/resources/cache.py to server.mjs by @ Uzlopak in #3225
  • add pipe support for wpt server by @ KhafraDev in #3228
  • test: reduce the number of requests in fire-and-forget.js by @ tsctx in #3229
  • ci: add node 22 in ci test matrix, use 22 for coverage by @ Uzlopak in #3226
  • fetch: don't set an invalid origin header by @ KhafraDev in #3235
  • fail wpt runner if expected failures does not match actual by @ KhafraDev in #3236
  • fix: ignore content-length when dumping HEAD by @ ronag in #3222

  Full Changelog: v6.16.0...v6.16.1

• 6.16.0 - 2024-05-07
  

  What's Changed

  • add index to sequence converter errors by @ KhafraDev in #3178
  • build(deps-dev): bump borp from 0.12.0 to 0.13.0 by @ dependabot in #3179
  • build(deps): bump node from 21-alpine3.19 to 22-alpine3.19 in /build by @ dependabot in #3180
  • build(deps): bump superagent from 8.1.2 to 9.0.2 in /benchmarks by @ dependabot in #3181
  • fix: keep raw header name by @ tsctx in #3183
  • fix(fetch): improve Headers and Request type-compatibility by @ kettanaito in #1964
  • fix 3 mimesniff tests by @ KhafraDev in #3185
  • build(deps): bump hendrikmuhs/ccache-action from 1.2.12 to 1.2.13 by @ dependabot in #3187
  • build(deps): bump codecov/codecov-action from 4.1.1 to 4.3.1 by @ dependabot in #3191
  • build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 by @ dependabot in #3192
  • build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @ dependabot in #3189
  • build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 by @ dependabot in #3188
  • build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 by @ dependabot in #3190
  • build(deps): bump node from 9459e24 to 487dc5d in /build by @ dependabot in #3195
  • perf: avoid spread in makeRequest() by @ gunjam in #3193
  • refactor: code cleanup by @ tsctx in #3194
  • fix parsing when receiving empty body websocket by @ KhafraDev in #3205
  • fix: MockResponseCallbackOptions type by @ merojosa in #2951
  • docs(proxy): fix typo by @ kanadgupta in #3207
  • fix websocket receiving an invalid utf-8 in close frame by @ KhafraDev in #3206
  • perf: avoid setImmediate if body is reading by @ ronag in #3210
  • fix: request abort signal by @ ronag in #3209
  • fix: remove abort handler on close by @ ronag in #3211
  • fix: pass abort function by @ tsctx in #3212
  • websocket: 200x faster generate mask by @ tsctx in #3204
  • use FinalizationRegistry to cancel the body if response is collected by @ mcollina in #3199
  • websocket: don't clone buffer if it's not needed. by @ tsctx in #3214
  • websocket: use FastBuffer by @ tsctx in #3213

  New Contributors

  • @ kettanaito made their first contribution in #1964
  • @ gunjam made their first contribution in

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.