[Snyk] Security upgrade undici from 4.7.0 to 5.19.1

[sergeysedoy97]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • example/package.json
  • example/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	623/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 4.6	CRLF Injection SNYK-JS-UNDICI-3323844	Yes	Proof of Concept
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UNDICI-3323845	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: undici

The new version differs by 250 commits.

• 984d53b Bumped v5.19.1
• 6c32c0f lint fixes
• f2324e5 Merge pull request from GHSA-r6ch-mqf9-qc9w
• a2eff05 Merge pull request from GHSA-5r9g-qh6m-jxff
• f5c89e5 Bumped v5.19.0
• f7c6c6a Make the fetch() abort test pass locally, on Linux and Mac, Node 18 and 19 (#1927)
• aebb232 fix(types): add missing keepAlive params (#1918)
• e155c6d doc(mock): update out-of-date reply documentation (#1913)
• 87fa734 fix(headers): clone getSetCookie list & add getSetCookie type (#1917)
• ba5ef44 feat: add Headers.prototype.getSetCookie (#1915)
• 0a59535 fix: remove test (#1916)
• c0ba75f fix: content-disposition header parsing (#1911)
• 7827031 fix(fetch): raise AbortSignal max event listeners (#1910)
• 9dceb21 5.18.0
• 6641f93 fix: flaky test
• 3bc7b4c fix: ensure header value is a string (#1899)
• b06f19f use faster timers (#1908)
• b4c0e5a Add ability to set TCP keepalive (#1904)
• ce6a53b 5.17.1
• d2be675 fix: bad buffer slice
• 16b7a68 5.17.0
• 208f7cf perf: use FastBuffer (#1907)
• 0986381 fix(fetch): use semicolon for Cookie header delimiter (#1906)
• 2b260c9 fix: throw if invalid content-type header (#1901)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 CRLF Injection
🦉 Regular Expression Denial of Service (ReDoS)