Skip to content

[Snyk] Upgrade undici from 5.28.4 to 5.29.0#18

Merged
hashim21223445 merged 1 commit into
mainfrom
snyk-upgrade-d43d2f2312b94c26bd0a8b2073aecae4
Oct 13, 2025
Merged

[Snyk] Upgrade undici from 5.28.4 to 5.29.0#18
hashim21223445 merged 1 commit into
mainfrom
snyk-upgrade-d43d2f2312b94c26bd0a8b2073aecae4

Conversation

@hashim21223445

Copy link
Copy Markdown
Owner

snyk-top-banner

Snyk has created this PR to upgrade undici from 5.28.4 to 5.29.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 2 versions ahead of your current version.

  • The recommended version was released 5 months ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-CROSSSPAWN-8303230
140 Proof of Concept
high severity Insecure Randomness
SNYK-JS-UNDICI-8641354
140 Proof of Concept
high severity Incorrect Authorization
SNYK-JS-VITE-9653016
140 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BABELHELPERS-9397697
140 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BABELRUNTIME-10044504
140 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-SOLIDJS-8743940
140 Proof of Concept
medium severity Access Control Bypass
SNYK-JS-VITE-9576207
140 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BRACEEXPANSION-9789073
140 Proof of Concept
critical severity Predictable Value Range from Previous Values
SNYK-JS-FORMDATA-10841150
140 Proof of Concept
medium severity Improper Handling of Unexpected Data Type
SNYK-JS-ONHEADERS-10773729
140 No Known Exploit
medium severity Incorrect Authorization
SNYK-JS-VITE-9512410
140 Mature
medium severity Information Exposure
SNYK-JS-VITE-9685035
140 Proof of Concept
medium severity Directory Traversal
SNYK-JS-VITE-9919777
140 Proof of Concept
low severity Missing Release of Memory after Effective Lifetime
SNYK-JS-UNDICI-10176064
140 Proof of Concept
Release notes
Package name: undici from undici GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade undici from 5.28.4 to 5.29.0.

See this package in npm:
undici

See this project in Snyk:
https://app.snyk.io/org/hashim21223445/project/74503d3c-ab71-42b3-9360-aea29c9d91ac?utm_source=github&utm_medium=referral&page=upgrade-pr
@semanticdiff-com

semanticdiff-com Bot commented Aug 9, 2025

Copy link
Copy Markdown

Review changes with  SemanticDiff

Changed Files
File Status
  package.json  0% smaller

@snyk-io

snyk-io Bot commented Aug 9, 2025

Copy link
Copy Markdown
Contributor

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

@hashim21223445 hashim21223445 merged commit 8bfda14 into main Oct 13, 2025
3 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants