chore(deps): update dependency undici to v6.11.1 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
undici (source)	6.6.1 -> 6.11.1

GitHub Vulnerability Alerts

CVE-2024-30260

Impact

Undici cleared Authorization and Proxy-Authorization headers for fetch(), but did not clear them for undici.request().

Patches

This has been patched in nodejs/undici@6805746.
Fixes has been released in v5.28.4 and v6.11.1.

Workarounds

use fetch() or disable maxRedirections.

References

Linzi Shang reported this.

• https://hackerone.com/reports/2408074
• GHSA-3787-6prv-h9w3

CVE-2024-30261

Impact

If an attacker can alter the integrity option passed to fetch(), they can let fetch() accept requests as valid even if they have been tampered.

Patches

Fixed in nodejs/undici@d542b8c.
Fixes has been released in v5.28.4 and v6.11.1.

Workarounds

Ensure that integrity cannot be tampered with.

References

https://hackerone.com/reports/2377760

---

Release Notes

nodejs/undici (undici)

v6.11.1

Compare Source

v6.11.0

Compare Source

v6.10.2

Compare Source

What's Changed

• Do not fail test if streams support typed arrays by @​mcollina in https://github.com/nodejs/undici/pull/2978
• fix(fetch): properly redirect non-ascii location header url by @​Xvezda in https://github.com/nodejs/undici/pull/2971
• perf: Remove double-stringify in setCookie by @​peterver in https://github.com/nodejs/undici/pull/2980
• [fix #​2982] use DispatcherInterceptor type for Dispatcher#Compose by @​clovis-guillemot in https://github.com/nodejs/undici/pull/2983
• fix: make EventSource properties enumerable by @​MattBidewell in https://github.com/nodejs/undici/pull/2987
• docs: ✏️ fixed benchmark links by @​benhalverson in https://github.com/nodejs/undici/pull/2991
• fix(#​2986): bad start check by @​metcoder95 in https://github.com/nodejs/undici/pull/2992
• fix(H2 Client): bind stream 'data' listener only after received 'response' event by @​St3ffGv4 in https://github.com/nodejs/undici/pull/2985
• feat: added search input by @​benhalverson in https://github.com/nodejs/undici/pull/2993
• chore: validate responses can be consumed without a Content-Length or… by @​jacob-ebey in https://github.com/nodejs/undici/pull/2995
• fix error message by @​KhafraDev in https://github.com/nodejs/undici/pull/2998
• Revert "perf: reuse TextDecoder instance (#​2863)" by @​panva in https://github.com/nodejs/undici/pull/2999
• test: remove only by @​metcoder95 in https://github.com/nodejs/undici/pull/3001

New Contributors

• @​Xvezda made their first contribution in https://github.com/nodejs/undici/pull/2971
• @​peterver made their first contribution in https://github.com/nodejs/undici/pull/2980
• @​clovis-guillemot made their first contribution in https://github.com/nodejs/undici/pull/2983
• @​MattBidewell made their first contribution in https://github.com/nodejs/undici/pull/2987
• @​benhalverson made their first contribution in https://github.com/nodejs/undici/pull/2991
• @​St3ffGv4 made their first contribution in https://github.com/nodejs/undici/pull/2985
• @​jacob-ebey made their first contribution in https://github.com/nodejs/undici/pull/2995

Full Changelog: nodejs/undici@v6.10.0...v6.10.2

v6.10.1

Compare Source

v6.10.0

Compare Source

What's Changed

• test: fix flakyness of issue-803 test by @​Uzlopak in https://github.com/nodejs/undici/pull/2960
• Cleanup format by @​KhafraDev in https://github.com/nodejs/undici/pull/2959
• Chore: run tests daily against node nightly by @​mweberxyz in https://github.com/nodejs/undici/pull/2969
• fix: fix retry handler option by @​acommodari in https://github.com/nodejs/undici/pull/2962
• build(deps): bump node from 4999fa1 to 577f8eb in /build by @​dependabot in https://github.com/nodejs/undici/pull/2974
• feat(TS): add types for composed dispatchers by @​metcoder95 in https://github.com/nodejs/undici/pull/2967
• fix: count for error response and network errors by @​metcoder95 in https://github.com/nodejs/undici/pull/2966

New Contributors

• @​mweberxyz made their first contribution in https://github.com/nodejs/undici/pull/2969
• @​acommodari made their first contribution in https://github.com/nodejs/undici/pull/2962

Full Changelog: nodejs/undici@v6.9.0...v6.10.0

v6.9.0

Compare Source

What's Changed

• feat: add new dispatch compose by @​metcoder95 in https://github.com/nodejs/undici/pull/2826
• ci: add macos-latest to test-matrix by @​Uzlopak in https://github.com/nodejs/undici/pull/2952
• types: align RequestInit.body type with lib.dom.ts by @​jdufresne in https://github.com/nodejs/undici/pull/2956
• ci: pin versions of github actions by @​UlisesGascon in https://github.com/nodejs/undici/pull/2957
• fetch: improve output for FormData, Response, Request by @​mertcanaltin in https://github.com/nodejs/undici/pull/2955
• perf: optimize collectASequenceOfBytes by @​tsctx in https://github.com/nodejs/undici/pull/2958

New Contributors

• @​jdufresne made their first contribution in https://github.com/nodejs/undici/pull/2956
• @​UlisesGascon made their first contribution in https://github.com/nodejs/undici/pull/2957

Full Changelog: nodejs/undici@v6.8.0...v6.9.0

v6.8.0

Compare Source

What's Changed

• fix: send correct SNI for proxy connections by @​chrros95 in https://github.com/nodejs/undici/pull/2939
• build(deps): bump node from 8bf9240 to 7bfef1d in /build by @​dependabot in https://github.com/nodejs/undici/pull/2937
• fetch: improve util.inspect output for web specifications by @​mertcanaltin in https://github.com/nodejs/undici/pull/2938
• ci: fix broken ci on windows and node v21 because of libuv bug by @​Uzlopak in https://github.com/nodejs/undici/pull/2941
• perf: improve getResolveErrorBodyCallback by @​Uzlopak in https://github.com/nodejs/undici/pull/2940
• fix: don't assign kAgent twice by @​ronag in https://github.com/nodejs/undici/pull/2942
• perf: dump immediatly if known size exceeds limit by @​ronag in https://github.com/nodejs/undici/pull/2882
• build(deps): bump node from 7bfef1d to 4999fa1 in /build by @​dependabot in https://github.com/nodejs/undici/pull/2946
• try to fix windows failure by @​ronag in https://github.com/nodejs/undici/pull/2950
• perf: improve parsing form-data by @​tsctx in https://github.com/nodejs/undici/pull/2944

New Contributors

• @​chrros95 made their first contribution in https://github.com/nodejs/undici/pull/2939

Full Changelog: nodejs/undici@v6.7.1...v6.8.0

v6.7.1

Compare Source

What's Changed

• fetch: use EOL of os-module by @​Uzlopak in https://github.com/nodejs/undici/pull/2915
• ci: only send codecov from ubuntu and node by @​Uzlopak in https://github.com/nodejs/undici/pull/2914
• tests: improve skip for unix.js tests, remove skipped tests by @​Uzlopak in https://github.com/nodejs/undici/pull/2916
• chore: fix typo in isHistoryNavigation comments by @​kachick in https://github.com/nodejs/undici/pull/2920
• fix(benchmark): set body correctly by @​tsctx in https://github.com/nodejs/undici/pull/2918
• chore: increase test coverage to 100% for /lib/api/api-request.js by @​Uzlopak in https://github.com/nodejs/undici/pull/2912
• fix: chunksDecode cuts off 3 characters at the end if having BOM by @​Uzlopak in https://github.com/nodejs/undici/pull/2922
• docs: clarify URI parsing behavior of ProxyAgent constructor by @​rossilor95 in https://github.com/nodejs/undici/pull/2893
• implement sync formdata parser by @​KhafraDev in https://github.com/nodejs/undici/pull/2911
• Fix docs links and add examples to sidebar by @​tastypackets in https://github.com/nodejs/undici/pull/2895
• doc: update diagnostics channel request headers type change by @​jessezhang91 in https://github.com/nodejs/undici/pull/2925
• perf: optimize getResolveErrorBodyCallback by @​tsctx in https://github.com/nodejs/undici/pull/2921
• override request dispatcher from init by @​matthieusieben in https://github.com/nodejs/undici/pull/2928
• add busboy tests by @​KhafraDev in https://github.com/nodejs/undici/pull/2924
• fix(benchmark): make it fair by @​tsctx in https://github.com/nodejs/undici/pull/2929
• Revert "chore: remove no-simd wasm" by @​Uzlopak in https://github.com/nodejs/undici/pull/2935
• build(deps): bump node from d3271e4 to 8bf9240 in /build by @​dependabot in https://github.com/nodejs/undici/pull/2936
• Flip link between docs and README by @​mcollina in https://github.com/nodejs/undici/pull/2933

New Contributors

• @​kachick made their first contribution in https://github.com/nodejs/undici/pull/2920
• @​tastypackets made their first contribution in https://github.com/nodejs/undici/pull/2895
• @​jessezhang91 made their first contribution in https://github.com/nodejs/undici/pull/2925
• @​matthieusieben made their first contribution in https://github.com/nodejs/undici/pull/2928

Full Changelog: nodejs/undici@v6.7.0...v6.7.1

v6.7.0

Compare Source

What's Changed

• test: remove t.diagnostics() calls in push-dont-push.js test by @​Uzlopak in https://github.com/nodejs/undici/pull/2715
• fix: fix flaky debug test by @​Uzlopak in https://github.com/nodejs/undici/pull/2714
• fix: HTTP2 tweaks by @​metcoder95 in https://github.com/nodejs/undici/pull/2711
• test: improve cookie tests by @​Uzlopak in https://github.com/nodejs/undici/pull/2693
• test: response.url after redirect is set to target url by @​Uzlopak in https://github.com/nodejs/undici/pull/2716
• chore: remove mocha and chai by @​Uzlopak in https://github.com/nodejs/undici/pull/2696
• test: replace t.pass with t.ok by @​Uzlopak in https://github.com/nodejs/undici/pull/2721
• perf: remove redundant operation in FormData by @​tsctx in https://github.com/nodejs/undici/pull/2726
• Add support for passing iterable objects as headers by @​JaoodxD in https://github.com/nodejs/undici/pull/2708
• chore: refine esbuild & node detection by @​mochaaP in https://github.com/nodejs/undici/pull/2677
• chore: rephrase some comments by @​Uzlopak in https://github.com/nodejs/undici/pull/2717
• test: replace t.type with t.ok and instanceof by @​Uzlopak in https://github.com/nodejs/undici/pull/2720
• remove useless options in web streams by @​KhafraDev in https://github.com/nodejs/undici/pull/2729
• Let's add superagent to the benchmark. closes #​2730 by @​eddienubes in https://github.com/nodejs/undici/pull/2731
• convert node build to latin1 by @​KhafraDev in https://github.com/nodejs/undici/pull/2673
• simplify formData body parsing by @​KhafraDev in https://github.com/nodejs/undici/pull/2735
• chore: migrate a batch of tests to node test runner no. 1 by @​Uzlopak in https://github.com/nodejs/undici/pull/2719
• chore: migrate a batch of tests to node test runner no. 2 by @​Uzlopak in https://github.com/nodejs/undici/pull/2737
• chore: migrate a batch of tests to node test runner no. 4 by @​Uzlopak in https://github.com/nodejs/undici/pull/2739
• chore: migrate a batch of tests to node test runner no. 5 by @​Uzlopak in https://github.com/nodejs/undici/pull/2740
• chore: migrate a batch of tests to node test runner no. 3 by @​Uzlopak in https://github.com/nodejs/undici/pull/2738
• chore: migrate a batch of tests to node test runner no. 6 by @​Uzlopak in https://github.com/nodejs/undici/pull/2741
• chore: migrate a batch of tests to node test runner no. 8 by @​Uzlopak in https://github.com/nodejs/undici/pull/2744
• chore: migrate a batch of tests to node test runner no. 7 by @​Uzlopak in https://github.com/nodejs/undici/pull/2742
• build(deps-dev): bump cronometro from 2.0.2 to 3.0.1 by @​dependabot in https://github.com/nodejs/undici/pull/2749
• perf: always use the same prototype Iterator by @​tsctx in https://github.com/nodejs/undici/pull/2743
• chore: migrate a batch of tests to node test runner no. 9, remove tap by @​Uzlopak in https://github.com/nodejs/undici/pull/2746
• chore: remove usage of http-errors in proxy example by @​Uzlopak in https://github.com/nodejs/undici/pull/2753
• fix: dont ship wasm files of llhttp via npm by @​Uzlopak in https://github.com/nodejs/undici/pull/2752
• fix: handle request body as late as possible by @​ronag in https://github.com/nodejs/undici/pull/2734
• perf(tree): avoid recursive calls by @​tsctx in https://github.com/nodejs/undici/pull/2755
• docs: fix favicon by @​Uzlopak in https://github.com/nodejs/undici/pull/2758
• chore: use mermaid engine and mermaid in markdown by @​Uzlopak in https://github.com/nodejs/undici/pull/2759
• chore: remove sinon dev dependency by @​Uzlopak in https://github.com/nodejs/undici/pull/2767
• tests: skip test/node-test/debug on node 21.6.2 and windows by @​Uzlopak in https://github.com/nodejs/undici/pull/2765
• chore: improve usage of skip in tests by @​Uzlopak in https://github.com/nodejs/undici/pull/2761
• feat: improve mock error breadcrumbs by @​rossilor95 in https://github.com/nodejs/undici/pull/2774
• expose MessageEvent in fetch bundle by @​KhafraDev in https://github.com/nodejs/undici/pull/2770
• test: always exit with 0 when running in Node's Daily WPT Report CI job by @​panva in https://github.com/nodejs/undici/pull/2778
• fix: add node prefix for util to fix issue in env with min version node 18 by @​riderx in https://github.com/nodejs/undici/pull/2775
• perf: improve perf of parseRawHeaders by @​Uzlopak in https://github.com/nodejs/undici/pull/2781
• fix: make mock-agent.js test more resilient by @​Uzlopak in https://github.com/nodejs/undici/pull/2780
• chore: make some test run even without internet connection by @​Uzlopak in https://github.com/nodejs/undici/pull/2786
• mock: improve validateReplyParameters by @​Uzlopak in https://github.com/nodejs/undici/pull/2783
• perf: improve TernarySearchTree by @​Uzlopak in https://github.com/nodejs/undici/pull/2782
• fix: convert HeadersInit to sequence/dictionary correctly by @​KhafraDev in https://github.com/nodejs/undici/pull/2784
• chore: improve getFieldValue by @​Uzlopak in https://github.com/nodejs/undici/pull/2785
• Add RetryHandler to sidebar by @​mcollina in https://github.com/nodejs/undici/pull/2797
• Add RetryAgent by @​mcollina in https://github.com/nodejs/undici/pull/2798
• build(deps): bump step-security/harden-runner from 2.6.0 to 2.7.0 by @​dependabot in https://github.com/nodejs/undici/pull/2690
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in https://github.com/nodejs/undici/pull/2393
• build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.1 by @​dependabot in https://github.com/nodejs/undici/pull/2799
• build(deps): bump node from 20-alpine to 21-alpine in /build by @​dependabot in https://github.com/nodejs/undici/pull/2803
• perf: improve sort algorithm by @​tsctx in https://github.com/nodejs/undici/pull/2756
• refactor: move web stuff into their own folder by @​ronag in https://github.com/nodejs/undici/pull/2793
• s/ dispactgher/dispatcher/ by @​steveluscher in https://github.com/nodejs/undici/pull/2807
• Use paralellelRequests instead of connections to calculate req/sec in benchmarks by @​mcollina in https://github.com/nodejs/undici/pull/2800
• Split out documentation into separate directory by @​Ethan-Arrowood in https://github.com/nodejs/undici/pull/2788
• build(deps): bump fastify/github-action-merge-dependabot from 3.9.1 to 3.10.1 by @​dependabot in https://github.com/nodejs/undici/pull/2820
• build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.3 by @​dependabot in https://github.com/nodejs/undici/pull/2821
• build(deps): bump github/codeql-action from 3.23.2 to 3.24.4 by @​dependabot in https://github.com/nodejs/undici/pull/2818
• build(deps): bump actions/setup-node from 4.0.1 to 4.0.2 by @​dependabot in https://github.com/nodejs/undici/pull/2819
• fix: move CNAME and .nojekyll to root by @​Uzlopak in https://github.com/nodejs/undici/pull/2822
• remove all fetchParam event handlers by @​KhafraDev in https://github.com/nodejs/undici/pull/2823
• feat: refactor ProxyAgent constructor to also accept single URL argument by @​rossilor95 in https://github.com/nodejs/undici/pull/2810
• fix: isCTLExcludingHtab by @​Uzlopak in https://github.com/nodejs/undici/pull/2790
• refactor: move files into logical folders by @​ronag in https://github.com/nodejs/undici/pull/2813
• refactor: move fixed-queeu to dispatcher and rm node folder by @​ronag in https://github.com/nodejs/undici/pull/2827
• chore: create package.json in benchmarks by @​Uzlopak in https://github.com/nodejs/undici/pull/2766
• build(deps): bump github/codeql-action from 3.24.4 to 3.24.5 by @​dependabot in https://github.com/nodejs/undici/pull/2829
• chore: use lts for pubish types workflow by @​Uzlopak in https://github.com/nodejs/undici/pull/2830
• add dispatcher option to Request by @​KhafraDev in https://github.com/nodejs/undici/pull/2831
• fix url referrer wpt by @​KhafraDev in https://github.com/nodejs/undici/pull/2832
• refactor: remove own sort logic by @​tsctx in https://github.com/nodejs/undici/pull/2834
• fix(fetch): prevent crash when fetch is aborted with null as the AbortSignal's reason by @​steveluscher in https://github.com/nodejs/undici/pull/2833
• refactor: avoid http2 dynamic dispatch in socket handlers by @​ronag in https://github.com/nodejs/undici/pull/2839
• build(deps-dev): bump proxy from 1.0.2 to 2.1.1 by @​dependabot in https://github.com/nodejs/undici/pull/2137
• perf(tree): reduce overhead of build TernarySearchTree by @​tsctx in https://github.com/nodejs/undici/pull/2840
• webidl: implement resizable arraybuffer checks by @​KhafraDev in https://github.com/nodejs/undici/pull/2094
• websocket server only needs to reply with a single subprotocol by @​KhafraDev in https://github.com/nodejs/undici/pull/2845
• unite webidl stringification by @​KhafraDev in https://github.com/nodejs/undici/pull/2843
• fix: deflake connect-timeout test by @​Uzlopak in https://github.com/nodejs/undici/pull/2851
• fix: coverage reporting by @​Uzlopak in https://github.com/nodejs/undici/pull/2763
• fix: pipelining logic is not relevant for h2 by @​ronag in https://github.com/nodejs/undici/pull/2850
• processBody doesn't need to return a promise by @​KhafraDev in https://github.com/nodejs/undici/pull/2858
• refactor: split client into client-h1/h2 by @​ronag in https://github.com/nodejs/undici/pull/2848
• ci: fix concurrency by @​Uzlopak in https://github.com/nodejs/undici/pull/2862
• perf: improve performance of isValidSubprotocol by @​Uzlopak in https://github.com/nodejs/undici/pull/2861
• perf: reuse TextDecoder instance by @​Uzlopak in https://github.com/nodejs/undici/pull/2863
• chore: restructure benchmarks, use kebab-case by @​Uzlopak in https://github.com/nodejs/undici/pull/2864
• cookies: improve perf of toIMFDate by @​Uzlopak in https://github.com/nodejs/undici/pull/2867
• cookies: fix validateCookiePath by @​Uzlopak in https://github.com/nodejs/undici/pull/2866
• refactor: move out more h2 from core client by @​ronag in https://github.com/nodejs/undici/pull/2860
• mock: improve test coverage of buildHeadersFromArray by @​Uzlopak in https://github.com/nodejs/undici/pull/2872
• fix: remove broken build request hack by @​ronag in https://github.com/nodejs/undici/pull/2874
• chore: filenames should use kebab-case by @​Uzlopak in https://github.com/nodejs/undici/pull/2873
• refactor: split out last h1 specific code from core by @​ronag in https://github.com/nodejs/undici/pull/2876
• fix: make pipelining limit work for h2 by @​ronag in https://github.com/nodejs/undici/pull/2875
• fix: http2 doesn't have pipelining queue by @​ronag in https://github.com/nodejs/undici/pull/2878
• fix: minor connect cleanup by @​ronag in https://github.com/nodejs/undici/pull/2877
• Request headers types by @​JaoodxD in https://github.com/nodejs/undici/pull/2879
• ci: remove concurrency by @​Uzlopak in https://github.com/nodejs/undici/pull/2880
• fix: prefer queueMicrotask by @​ronag in https://github.com/nodejs/undici/pull/2881
• chore: remove no-simd wasm by @​Uzlopak in https://github.com/nodejs/undici/pull/2871
• cookies: improve validateCookieValue by @​Uzlopak in https://github.com/nodejs/undici/pull/2883
• cookies: improve validateCookieName by @​Uzlopak in https://github.com/nodejs/undici/pull/2884
• Properly parse set-cookie header using http2 by @​jeanp413 in https://github.com/nodejs/undici/pull/2886
• doc deprecate bodymixin.formData by @​KhafraDev in https://github.com/nodejs/undici/pull/2892
• perf: optimize check invalid field-vchar by @​tsctx in https://github.com/nodejs/undici/pull/2889
• build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @​dependabot in https://github.com/nodejs/undici/pull/2897
• fix issue 2898 by @​KhafraDev in https://github.com/nodejs/undici/pull/2900
• tests: ignore catch block when requiring crypto module by @​Uzlopak in https://github.com/nodejs/undici/pull/2901
• websocket: remove dead code in parseCloseBody by @​Uzlopak in https://github.com/nodejs/undici/pull/2902
• fix: tests dont need process.exit by @​Uzlopak in https://github.com/nodejs/undici/pull/2909
• chore: remove proxyquire by @​Uzlopak in https://github.com/nodejs/undici/pull/2906
• chore: remove import-fresh as devDependency by @​Uzlopak in https://github.com/nodejs/undici/pull/2908
• perf(headers): a single set-cookie by @​tsctx in https://github.com/nodejs/undici/pull/2903
• websocket: improve .close() by @​Uzlopak in https://github.com/nodejs/undici/pull/2865
• feat: add sending data benchmark by @​tsctx in https://github.com/nodejs/undici/pull/2905
• ci: integrate workflows into nodejs.yml by @​Uzlopak in https://github.com/nodejs/undici/pull/2899

New Contributors

• @​JaoodxD made their first contribution in https://github.com/nodejs/undici/pull/2708
• @​eddienubes made their first contribution in https://github.com/nodejs/undici/pull/2731
• @​riderx made their first contribution in https://github.com/nodejs/undici/pull/2775
• @​steveluscher made their first contribution in https://github.com/nodejs/undici/pull/2807
• @​jeanp413 made their first contribution in https://github.com/nodejs/undici/pull/2886

Full Changelog: nodejs/undici@v6.6.2...v6.7.0

v6.6.2

Compare Source

What's Changed

• fix: webidl.brandcheck non strict should throw by @​Uzlopak in https://github.com/nodejs/undici/pull/2683
• fix: expose EventSource for nodejs by @​Uzlopak in https://github.com/nodejs/undici/pull/2645
• test: more information from debug tests by @​Uzlopak in https://github.com/nodejs/undici/pull/2695
• Fix broken test on linux by @​mcollina in https://github.com/nodejs/undici/pull/2699
• fix: fix the linux patch by @​Uzlopak in https://github.com/nodejs/undici/pull/2703
• test(wpt): mark timed out tests as 'failed' by @​rossilor95 in https://github.com/nodejs/undici/pull/2644
• build(deps-dev): bump borp from 0.5.0 to 0.9.1 by @​dependabot in https://github.com/nodejs/undici/pull/2702
• perf: use insertion sort algorithm by @​tsctx in https://github.com/nodejs/undici/pull/2706
• fix: run node tests on merge by @​Uzlopak in https://github.com/nodejs/undici/pull/2707

New Contributors

• @​rossilor95 made their first contribution in https://github.com/nodejs/undici/pull/2644

Full Changelog: nodejs/undici@v6.6.1...v6.6.2

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

🎉 This PR is included in version 21.0.0-beta.3 🎉

The release is available on:

• GitHub release
• npm package (@beta dist-tag)

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 20.1.1 🎉

The release is available on:

• GitHub release
• npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 20.1.1 🎉

The release is available on:

• GitHub release
• npm package (@release-20.x dist-tag)

Your semantic-release bot 📦🚀