chore(deps): bump undici from 6.23.0 to 6.27.0#4838
Conversation
Bumps [undici](https://github.com/nodejs/undici) from 6.23.0 to 6.27.0. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.23.0...v6.27.0) --- updated-dependencies: - dependency-name: undici dependency-version: 6.27.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
|
✅ Deploy Preview for module-federation-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
@module-federation/devtools
@module-federation/cli
create-module-federation
@module-federation/dts-plugin
@module-federation/enhanced
@module-federation/error-codes
@module-federation/esbuild
@module-federation/managers
@module-federation/manifest
@module-federation/metro
@module-federation/metro-plugin-rnc-cli
@module-federation/metro-plugin-rnef
@module-federation/metro-plugin-rock
@module-federation/modern-js
@module-federation/modern-js-v3
@module-federation/native-federation-tests
@module-federation/native-federation-typescript
@module-federation/nextjs-mf
@module-federation/node
@module-federation/observability-plugin
@module-federation/retry-plugin
@module-federation/rsbuild-plugin
@module-federation/rspack
@module-federation/rspress-plugin
@module-federation/runtime
@module-federation/runtime-core
@module-federation/runtime-tools
@module-federation/sdk
@module-federation/storybook-addon
@module-federation/third-party-dts-extractor
@module-federation/treeshake-frontend
@module-federation/treeshake-server
@module-federation/typescript
@module-federation/utilities
@module-federation/webpack-bundler-runtime
@module-federation/bridge-react
@module-federation/bridge-react-webpack-plugin
@module-federation/bridge-shared
@module-federation/bridge-vue3
@module-federation/inject-external-runtime-core-plugin
commit: |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f01b5ce3f4
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| '@rsbuild/core': | ||
| specifier: 2.0.0-beta.2 | ||
| version: 2.0.0-beta.2(@module-federation/runtime-tools@2.2.2(node-fetch@2.7.0(encoding@0.1.13)))(core-js@3.49.0) | ||
| version: 2.0.0-beta.2(@module-federation/runtime-tools@0.21.6)(core-js@3.49.0) |
There was a problem hiding this comment.
Keep Rspack's runtime-tools peer in range
This lockfile churn is outside the undici update and changes packages/storybook-addon's @rsbuild/core virtual package to use @module-federation/runtime-tools@0.21.6. The same lockfile declares @rspack/core@2.0.0-beta.0's peer requirement as >=0.22.0, so installing/building the Storybook Rsbuild addon from this lockfile gives Rspack an unsupported runtime-tools peer instead of the previous 2.2.2 resolution; please regenerate the lockfile so that peer stays in range.
Useful? React with 👍 / 👎.
Bundle Size Report10 package(s) changed, 31 unchanged. Package dist + ESM entry
Bundle targets
Consumer scenarios
Total dist (raw): 6.81 MB (no change) Bundle sizes are generated with rslib (Rspack). Package-root metrics preserve the historical report. Tracked subpath exports such as |
Bumps undici from 6.23.0 to 6.27.0.
Release notes
Sourced from undici's releases.
... (truncated)
Commits
551138cBumped v6.27.0 (#5431)b7f252eBackport WebSocket maxPayloadSize fixes to v7.x (#5423) (#5428)25efa44fix(cookies): preserve values and parse SameSite strictlyf4c31d6fix: guard idle socket validation to skip fresh sockets (#5400)768beacBumped v6.26.0 (#5323)7917b25fix: validate EOF for chunked h1 responses (#5308)3420499Bumped v6.25.0 (#5029)d7a1e55feat: add configurable maxPayloadSize for WebSocket (#4955)a9d1848Do not mark v6.x releases as latest0126586Ignore local agent configuration filesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.