Skip to content

build(deps): bump undici from 8.5.0 to 8.7.0#2936

Merged
kubernetes-prow[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/main/undici-8.7.0
Jul 13, 2026
Merged

build(deps): bump undici from 8.5.0 to 8.7.0#2936
kubernetes-prow[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/main/undici-8.7.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps undici from 8.5.0 to 8.7.0.

Release notes

Sourced from undici's releases.

v8.7.0

What's Changed

New Contributors

Full Changelog: nodejs/undici@v8.6.0...v8.7.0

v8.6.0

What's Changed

... (truncated)

Commits
  • cb4c2f1 Bumped v8.7.0 (#5501)
  • a8d1a95 fix: auto-detect HTTP proxy tunneling (#5116)
  • cb30e58 fix: add static buildDispatch method to RedirectHandler type definition (#5442)
  • 0c08579 fix(h2): requeue request on GOAWAY'd session instead of crashing (#5453)
  • e5b3364 fix(h2): guard onResponse against a 'response' event delivered after completi...
  • c0007f4 docs: add reproduction guide and update bug report template (#5451)
  • e529cab fix: ignore an unparseable Set-Cookie Expires attribute (#5488)
  • 754742c fix(h2): destroy the stream on abort instead of relying on close() (#5462)
  • db34f5f fix(readable): ignore late consume chunks (#5375)
  • 4ea05a8 fix: reject non-ascii octets in validateCookiePath (#5452)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [undici](https://github.com/nodejs/undici) from 8.5.0 to 8.7.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v8.5.0...v8.7.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 8.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 13, 2026
@kubernetes-prow kubernetes-prow Bot requested review from cjihrig and davidgamero July 13, 2026 02:06
@kubernetes-prow kubernetes-prow Bot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jul 13, 2026

@mstruebing mstruebing left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@kubernetes-prow kubernetes-prow Bot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 13, 2026
@kubernetes-prow

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dependabot[bot], mstruebing

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kubernetes-prow kubernetes-prow Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 13, 2026
@kubernetes-prow kubernetes-prow Bot merged commit 1ec96b1 into main Jul 13, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/main/undici-8.7.0 branch July 13, 2026 06:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant