chore(deps): update dependency undici@>=5.0.0 to v6 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
undici@>=5.0.0 (source)	^5.28.5 -> ^6.21.2

GitHub Vulnerability Alerts

CVE-2025-47279

Impact

Applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can force the application to call the webhook repeatedly, then they can cause a memory leak.

Patches

This has been patched in https://github.com/nodejs/undici/pull/4088.

Workarounds

If a webhook fails, avoid keep calling it repeatedly.

References

Reported as: https://github.com/nodejs/undici/issues/3895

---

Release Notes

nodejs/undici (undici@>=5.0.0)

v6.21.2

Compare Source

What's Changed

• fix(types): add missing DNS interceptor by @​slagiewka in #​4024
• [v6.x] fix wpts on windows by @​mcollina in #​4093
• Removed clients with unrecoverable errors from the Pool #​4088

New Contributors

• @​slagiewka made their first contribution in #​4024

Full Changelog: nodejs/undici@v6.21.1...v6.21.2

v6.21.1

Compare Source

⚠️ Security Release ⚠️

Fixes CVE CVE-2025-22150 GHSA-c76h-2ccp-4975 (embargoed until 22-01-2025).

What's Changed

• fix(#​3736): back-port 183f8e9 to v6.x by @​ggoodman in #​3855
• fix(#​3817): send servername for SNI on TLS (#​3821) [backport] by @​metcoder95 in #​3864
• fix: sending formdata bodies with http2 (#​3863) [backport] by @​metcoder95 in #​3866
• [Backport v6.x] fix: Fixed the issue that there is no running request when http2 goaway by @​github-actions in #​3877
• types: [backport] Update return type of RetryCallback (#​3851) by @​metcoder95 in #​3876

Full Changelog: nodejs/undici@v6.21.0...v6.21.1

v6.21.0

Compare Source

What's Changed

• [Backport v6.x] web: mark as uncloneable when possible (#​3709) by @​jazelly in #​3744
• [Backport v6.x] fetch: fix content-encoding order by @​github-actions in #​3764
• [Backport v6.x] fix: handle undefined deref() of WeakRef(socket) by @​github-actions in #​3822
• [Backport v6.x] fix: range end is zero-indexed by @​github-actions in #​3827

Full Changelog: nodejs/undici@v6.20.1...v6.21.0

v6.20.1

Compare Source

What's Changed

• [Backport v6.x] jsdoc: add jsdoc to lib/web/fetch/constants.js by @​github-actions in #​3710
• [Backport v6.x] feat: implement BodyReadable.bytes by @​github-actions in #​3711
• fix: add more expectsPayload methods by @​ronag in #​3715
• [Backport v6.x] chore(H2): onboard H2 into Undici queueing system (#​3707) by @​Uzlopak in #​3724
• [Backport v6.x] fix: PoolBase kClose and kDestroy should await and not return the Promise by @​github-actions in #​3723
• [Backport v6.x] fix: extract noop everywhere by @​Uzlopak in #​3727

Full Changelog: nodejs/undici@v6.20.0...v6.20.1

v6.20.0

Compare Source

What's Changed

• Remove patched dom types (v6.x branch) by @​eXhumer in #​3531
• docs(Backport v6.x): Fix signature of RetryHandler by @​github-actions in #​3594
• deps(dev): update @​types/node by @​metcoder95 in #​3618
• fix: throw on retry when payload is consume by downstream by @​github-actions in #​3596
• feat(Backport v6.x): move throwOnError to interceptor by @​github-actions in #​3595
• [Backport v6.x] fix: reduce memory usage in client-h1 by @​github-actions in #​3672
• [Backport v6.x] fix: refactor fast timers, fix UND_ERR_CONNECT_TIMEOUT on event loop blocking by @​github-actions in #​3673
• [Backport v6.x] fix: run asserts first if possible by @​github-actions in #​3674
• [Backport v6.x] fix: use fasttimers for all connection timeouts by @​github-actions in #​3675
• [Backport v6.x] ci: less flaky test/request-timeout.js test by @​github-actions in #​3678
• [Backport v6.x] test: less flaky timers acceptance test, rework fast timer tests to pass them faster by @​github-actions in #​3679
• [Backport v6.x] ignore leading and trailing crlfs in formdata body by @​github-actions in #​3681
• [Backport v6.x] mock: fix mocking of Uint8Array and ArrayBuffers as provided mock-responses by @​github-actions in #​3689
• [Backport v6.x] handle body errors by @​Uzlopak in #​3700

Full Changelog: nodejs/undici@v6.19.8...v6.20.0

v6.19.8

Compare Source

Full Changelog: nodejs/undici@v6.19.7...v6.19.8

v6.19.7

Compare Source

Full Changelog: nodejs/undici@v6.19.6...v6.19.7

v6.19.6

Compare Source

Full Changelog: nodejs/undici@v6.19.5...v6.19.6

v6.19.5

Compare Source

Full Changelog: nodejs/undici@v6.19.4...v6.19.5

v6.19.4

Compare Source

Full Changelog: nodejs/undici@v6.19.3...v6.19.4

v6.19.3

Compare Source

Full Changelog: nodejs/undici@v6.19.2...v6.19.3

v6.19.2

Compare Source

What's Changed

• fix #​3337 by @​KhafraDev in #​3338
• build: use husky as husky install is deprecated by @​jazelly in #​3340
• fix: interceptors.d.ts has no default export by @​Uzlopak in #​3332

Full Changelog: nodejs/undici@v6.19.1...v6.19.2

v6.19.1

Compare Source

What's Changed

• don't append empty origin by @​KhafraDev in #​3335

Full Changelog: nodejs/undici@v6.19.0...v6.19.1

v6.19.0

Compare Source

What's Changed

• build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @​dependabot in #​3305
• build(deps): bump codecov/codecov-action from 4.3.1 to 4.4.1 by @​dependabot in #​3303
• build(deps): bump step-security/harden-runner from 2.7.1 to 2.8.0 by @​dependabot in #​3304
• build(deps): bump github/codeql-action from 3.25.3 to 3.25.7 by @​dependabot in #​3306
• build(deps): bump node from 9e8f45f to dd7e693 in /build by @​dependabot in #​3309
• build(deps): bump node from dd7e693 to e6d4495 in /build by @​dependabot in #​3313
• remove websocket experimental warning by @​KhafraDev in #​3311
• perf: optimization of request instantiation by @​tsctx in #​3107
• perf: convert object to params by @​DarkGL in #​3302
• build(deps-dev): bump borp from 0.14.0 to 0.15.0 by @​dependabot in #​3320
• build(deps-dev): bump c8 from 9.1.0 to 10.0.0 by @​dependabot in #​3321
• fix: add missing error classes to types by @​maxbeatty in #​3316
• export interceptor to type def file by @​jakecastelli in #​3318
• build(deps): bump node from e6d4495 to 075a5cc in /build by @​dependabot in #​3326
• doc: clearify the behaviour of bodyTimeout in the request by @​jakecastelli in #​3324
• feature: support pre-shared sessions by @​tastypackets in #​3325

New Contributors

• @​maxbeatty made their first contribution in #​3316
• @​jakecastelli made their first contribution in #​3318

Full Changelog: nodejs/undici@v6.18.2...v6.19.0

v6.18.2

Compare Source

What's Changed

• don't use internal header state for cookies by @​KhafraDev in #​3295
• build(deps-dev): bump borp from 0.13.0 to 0.14.0 by @​dependabot in #​3298
• fix: retry on body support by @​metcoder95 in #​3294

Full Changelog: nodejs/undici@v6.18.1...v6.18.2

v6.18.1

Compare Source

What's Changed

• docs: Update references to dispatcher in docs by @​haikyuu in #​3281
• fix: compatibility for global headers by @​tsctx in #​3286
• websocket: pre-calculated length by @​tsctx in #​3284
• ci: fix autobahn workflow by @​Uzlopak in #​3291
• revert: "websocket: pre-calculated length" by @​KhafraDev in #​3290
• websocket: use FixedQueue instead of Set by @​tsctx in #​3283

New Contributors

• @​haikyuu made their first contribution in #​3281

Full Changelog: nodejs/undici@v6.18.0...v6.18.1

v6.18.0

Compare Source

What's Changed

• permessage-deflate decompression support in websocket by @​KhafraDev in #​3263
• fix: Fix server closing in tests. by @​ShogunPanda in #​3279

Full Changelog: nodejs/undici@v6.17.0...v6.18.0

v6.17.0

Compare Source

What's Changed

• fetch: fix captureStackTrace by @​Uzlopak in #​3227
• fetch: fix wpt test request-upload.any.js by @​Uzlopak in #​3234
• websocket: don't clone buffer by @​tsctx in #​3240
• Remove unecessary async from writeBuffer by @​DarkGL in #​3245
• refactor websocket control frame handling by @​KhafraDev in #​3241
• fix parsing continuation frames in websocket by @​KhafraDev in #​3247
• ci: node nightly test should use node 23 by @​Uzlopak in #​3248
• Add test to verify if the connection is correctly aborted on cancel by @​mcollina in #​3219
• Autobahn suite by @​KhafraDev in #​3251
• websocket: fix 6 autobahn tests by @​KhafraDev in #​3254
• websocket: checkout correct commit in autobahn workflow by @​Uzlopak in #​3258
• Cleanup websocket by @​KhafraDev in #​3257
• websocket: autobahn workflow should fail on error by @​Uzlopak in #​3259
• add bodymixin bytes by @​KhafraDev in #​3262
• perf: avoid buffer cloning by @​tsctx in #​3264
• feat: dump interceptor by @​metcoder95 in #​3118
• use private properties in Headers by @​KhafraDev in #​3269
• Revert "websocket: autobahn workflow should fail on error" by @​Uzlopak in #​3270
• build(deps): bump node from 487dc5d to 9e8f45f in /build by @​dependabot in #​3271

New Contributors

• @​DarkGL made their first contribution in #​3245

Full Changelog: nodejs/undici@v6.16.1...v6.17.0

v6.16.1

Compare Source

What's Changed

• fix some typos by @​Uzlopak in #​3217
• websocket: move codeblock in parseCloseBody by @​Uzlopak in #​3215
• fetch: enable wpt test request-referrer.any.js by @​Uzlopak in #​3223
• fetch: wpt add /fetch/api/resources/cache.py to server.mjs by @​Uzlopak in #​3225
• add pipe support for wpt server by @​KhafraDev in #​3228
• test: reduce the number of requests in fire-and-forget.js by @​tsctx in #​3229
• ci: add node 22 in ci test matrix, use 22 for coverage by @​Uzlopak in #​3226
• fetch: don't set an invalid origin header by @​KhafraDev in #​3235
• fail wpt runner if expected failures does not match actual by @​KhafraDev in #​3236
• fix: ignore content-length when dumping HEAD by @​ronag in #​3222

Full Changelog: nodejs/undici@v6.16.0...v6.16.1

v6.16.0

Compare Source

What's Changed

• add index to sequence converter errors by @​KhafraDev in #​3178
• build(deps-dev): bump borp from 0.12.0 to 0.13.0 by @​dependabot in #​3179
• build(deps): bump node from 21-alpine3.19 to 22-alpine3.19 in /build by @​dependabot in #​3180
• build(deps): bump superagent from 8.1.2 to 9.0.2 in /benchmarks by @​dependabot in #​3181
• fix: keep raw header name by @​tsctx in #​3183
• fix(fetch): improve Headers and Request type-compatibility by @​kettanaito in #​1964
• fix 3 mimesniff tests by @​KhafraDev in #​3185
• build(deps): bump hendrikmuhs/ccache-action from 1.2.12 to 1.2.13 by @​dependabot in #​3187
• build(deps): bump codecov/codecov-action from 4.1.1 to 4.3.1 by @​dependabot in #​3191
• build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 by @​dependabot in #​3192
• build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @​dependabot in #​3189
• build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 by @​dependabot in #​3188
• build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 by @​dependabot in #​3190
• build(deps): bump node from 9459e24 to 487dc5d in /build by @​dependabot in #​3195
• perf: avoid spread in makeRequest() by @​gunjam in #​3193
• refactor: code cleanup by @​tsctx in #​3194
• fix parsing when receiving empty body websocket by @​KhafraDev in #​3205
• fix: MockResponseCallbackOptions type by @​merojosa in #​2951
• docs(proxy): fix typo by @​kanadgupta in #​3207
• fix websocket receiving an invalid utf-8 in close frame by @​KhafraDev in #​3206
• perf: avoid setImmediate if body is reading by @​ronag in #​3210
• fix: request abort signal by @​ronag in #​3209
• fix: remove abort handler on close by @​ronag in #​3211
• fix: pass abort function by @​tsctx in #​3212
• websocket: 200x faster generate mask by @​tsctx in #​3204
• use FinalizationRegistry to cancel the body if response is collected by @​mcollina in #​3199
• websocket: don't clone buffer if it's not needed. by @​tsctx in #​3214
• websocket: use FastBuffer by @​tsctx in #​3213

New Contributors

• @​kettanaito made their first contribution in #​1964
• @​gunjam made their first contribution in #​3193
• @​merojosa made their first contribution in #​2951
• @​kanadgupta made their first contribution in #​3207

Full Changelog: nodejs/undici@v6.15.0...v6.16.0

v6.15.0

Compare Source

What's Changed

• Expose EnvHttpProxyAgent to Node.js core bundle, so it can be turned … by @​mcollina in #​3148
• test: add headerslist copy check by @​tsctx in #​3156
• chore: ensure automated v6 release compared to v6 by @​mweberxyz in #​3149
• fetch: do not leak signal listeners by @​mcollina in #​3158
• fix: request cache mode is not the same as request mode by @​tsibley in #​3151
• fetch: don't re-lowercase HeadersList by @​tsctx in #​3159
• fix casing issue when cloning Headers object by @​KhafraDev in #​3160
• build(deps): bump node from 6d0f18a to db8772d in /build by @​dependabot in #​3163
• fix header cloning bug by @​tsctx in #​3162
• chore: change bench naming for h2 by @​metcoder95 in #​3165
• expose WebSocket related events in node bundle by @​KhafraDev in #​3167
• feat: add support for if-match on retry handler by @​metcoder95 in #​3144
• fix: correct firing order of abort events by @​tsctx in #​3169
• create fast MessageEvent by @​KhafraDev in #​3170
• chore: add explicitly @​fastify/busboy by @​Uzlopak in #​3172
• chore: remove sinon as dev dependency by @​Uzlopak in #​3171
• webidl changes by @​KhafraDev in #​3175
• preserve dictionary key name in webidl errors by @​KhafraDev in #​3176

New Contributors

• @​tsibley made their first contribution in #​3151

Full Changelog: nodejs/undici@v6.14.1...v6.15.0

v6.14.1

Compare Source

What's Changed

• fix: tweak keep-alive timeout implementation by @​mweberxyz in #​3145
• build(deps-dev): bump borp from 0.11.0 to 0.12.0 by @​dependabot in #​3153
• build(deps): bump node from ad255c6 to 6d0f18a in /build by @​dependabot in #​3154
• fix(EnvHttpProxyAgent): prefer lowercase env vars by @​10xLaCroixDrinker in #​3152

Full Changelog: nodejs/undici@v6.14.0...v6.14.1

v6.14.0

Compare Source

What's Changed

• bench: enable benchmarks for h2 by @​metcoder95 in #​3100
• perf: improve performance of isomorphicEncode by @​tsctx in #​3101
• util: remove isReadableAborted by @​Uzlopak in #​3104
• fix(types): The second parameter of EventSource is optional by @​zbinlin in #​3106
• fix: onConnect types by @​ronag in #​3116
• add dispatcher option to EventSource by @​KhafraDev in #​3119
• core: improve parseURL by @​Uzlopak in #​3102
• test: increase coverage by @​Uzlopak in #​3121
• docs: add directions to run docs and benchmarks by @​FatumaA in #​3092
• perf: avoid unnecessary clone by @​tsctx in #​3117
• build(deps-dev): bump borp from 0.10.0 to 0.11.0 by @​dependabot in #​3126
• drop node support for < v18.17.0 by @​KhafraDev in #​3125
• test: improve test and ci performance by @​Uzlopak in #​3135
• Added EnvHttpProxyAgent to support HTTP_PROXY by @​10xLaCroixDrinker in #​2994
• fetch: Change wording of "Body is unusable" error by @​nzakas in #​3105
• perf: use class instead of object literals with getters by @​tsctx in #​3138
• fix: unhandled exception or failing error body by @​ronag in #​3137
• reuse realm for Request/Response by @​KhafraDev in #​3142
• fix(H2-#​3140): abort requets upon GOAWAY by @​metcoder95 in #​3143
• don't store realm on Request/Response by @​KhafraDev in #​3146
• improve: wasm build by @​Uzlopak in #​3074

New Contributors

• @​10xLaCroixDrinker made their first contribution in #​2994
• @​nzakas made their first contribution in #​3105

Full Changelog: nodejs/undici@v6.13.0...v6.14.0

v6.13.0

Compare Source

What's Changed

• build(deps): bump node from 9696b26 to ad255c6 in /build by @​dependabot in #​3073
• test: remove only by @​metcoder95 in #​3077
• fix: defer errors with setImmediate by @​ronag in #​3081
• improve DecoratorHandler by @​Uzlopak in #​3079
• chore: removed unused escapeFormDataName by @​mcollina in #​3084
• Mention option to pass streams into FormData by @​JaoodxD in #​3086
• fetch: improve performance of isValidEncodedURL by @​Uzlopak in #​3090
• optimize utf8Decode by @​Uzlopak in #​3085
• refactor: h2 refactoring by @​metcoder95 in #​3082
• Skip the creation of a transform stream in fetch by @​mcollina in #​3093
• fetch: improve performance of urlHasHttpsScheme by @​Uzlopak in #​3094
• fetch: avoid creation of an intermediary ReadableStream by @​KhafraDev in #​3095
• test: duplicate jest unspecific tests to native runner by @​Uzlopak in #​3075
• build(deps): bump node from ad255c6 to 6d0f18a in /build by @​dependabot in #​3096
• fetch: improve performance of isValidHeaderValue by @​Uzlopak in #​3098
• chore: automate releases with pr by @​mweberxyz in #​3089

New Contributors

• @​github-actions made their first contribution in #​3099

Full Changelog: nodejs/undici@v6.12.0...v6.13.0

v6.12.0

Compare Source

What's Changed

• fix: broken test by @​tsctx in #​3045
• fix: http2 header parsing by @​climba03003 in #​3047
• types: fix Request.refererPolicy and RequestInit.refererPolicy are incompatible by @​zbinlin in #​3039
• fix(types): onHeaders always takes headers as an array of buffer by @​ronag in #​3050
• fix: ProxyAgent causes request.headers.host to be forcibly reset by @​1zilc in #​3026
• fallback to Buffer.isUtf8 on platforms without icu by @​KhafraDev in #​3006
• build(deps): bump github/codeql-action from 3.24.6 to 3.24.9 by @​dependabot in #​3037
• build(deps): bump actions/dependency-review-action from 4.1.3 to 4.2.5 by @​dependabot in #​3035
• build(deps): bump node from 577f8eb to 87524df in /build by @​dependabot in #​3055
• build(deps): bump node from 87524df to 9696b26 in /build by @​dependabot in #​3058
• fetch: Block ports 4190 & 6679 by @​KhafraDev in #​3059
• test: activate testing for interceptors and cache by @​Uzlopak in #​3061
• cache: improve test coverage by @​Uzlopak in #​3063
• feat: modernize fuzzing by @​Uzlopak in #​3060
• fix: request abort by @​ronag in #​3056
• fix: signal handling by @​ronag in #​3053
• fix(H2): handle goaway properly by @​metcoder95 in #​3057
• test: client, set body to null if bigger than CHUNK_LIMIT by @​Uzlopak in #​3064
• mock: improve mock interceptor by @​Uzlopak in #​3062
• fix: bad client destroy on servername change by @​ronag in #​3066
• perf: improve isBlobLike by @​Uzlopak in #​3070
• test: add sanity check for llhttp wasm files by @​Uzlopak in #​3068

New Contributors

• @​zbinlin made their first contribution in #​3039
• @​1zilc made their first contribution in #​3026

Full Changelog: nodejs/undici@v6.11.1...v6.12.0

v6.11.1

Compare Source

⚠️ Security Release ⚠️

What's Changed

• Fixes GHSA-m4v8-wqvr-p9f7 CVE-2024-30260
• Fixes GHSA-9qxr-qj54-h672 CVE-2024-30261
• Revert "fix: don't leak internal class (#​3024)" by @​mcollina in #​3044

Full Changelog: nodejs/undici@v6.11.0...v6.11.1

v6.11.0

Compare Source

What's Changed

• refactor(#​3023): Pass headers as array instead by @​metcoder95 in #​3025
• fix: don't leak internal class by @​ronag in #​3024
• build(deps): bump codecov/codecov-action from 4.1.0 to 4.1.1 by @​dependabot in #​3034
• build(deps-dev): bump tsd from 0.30.7 to 0.31.0 by @​dependabot in #​3038
• build(deps-dev): bump borp from 0.9.1 to 0.10.0 by @​dependabot in #​2947
• missing commits by @​ronag in #​3040
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in #​3036
• fix: regexp pattern by @​tsctx in #​3041

Full Changelog: nodejs/undici@v6.10.2...v6.11.0

v6.10.2

Compare Source

What's Changed

• Do not fail test if streams support typed arrays by @​mcollina in #​2978
• fix(fetch): properly redirect non-ascii location header url by @​Xvezda in #​2971
• perf: Remove double-stringify in setCookie by @​peterver in #​2980
• [fix #​2982] use DispatcherInterceptor type for Dispatcher#Compose by @​clovis-guillemot in #​2983
• fix: make EventSource properties enumerable by @​MattBidewell in #​2987
• docs: ✏️ fixed benchmark links by @​benhalverson in #​2991
• fix(#​2986): bad start check by @​metcoder95 in #​2992
• fix(H2 Client): bind stream 'data' listener only after received 'response' event by @​St3ffGv4 in #​2985
• feat: added search input by @​benhalverson in #​2993
• chore: validate responses can be consumed without a Content-Length or… by @​jacob-ebey in #​2995
• fix error message by @​KhafraDev in #​2998
• Revert "perf: reuse TextDecoder instance (#​2863)" by @​panva in #​2999
• test: remove only by @​metcoder95 in #​3001

New Contributors

• @​Xvezda made their first contribution in #​2971
• @​peterver made their first contribution in #​2980
• @​clovis-guillemot made their first contribution in #​2983
• @​MattBidewell made their first contribution in #​2987
• @​benhalverson made their first contribution in #​2991
• @​St3ffGv4 made their first contribution in #​2985
• @​jacob-ebey made their first contribution in #​2995

Full Changelog: nodejs/undici@v6.10.0...v6.10.2

v6.10.1

Compare Source

Full Changelog: nodejs/undici@v6.10.0...v6.10.1

v6.10.0

Compare Source

What's Changed

• test: fix flakyness of issue-803 test by @​Uzlopak in #​2960
• Cleanup format by @​KhafraDev in #​2959
• Chore: run tests daily against node nightly by @​mweberxyz in #​2969
• fix: fix retry handler option by @​acommodari in #​2962
• build(deps): bump node from 4999fa1 to 577f8eb in /build by @​dependabot in #​2974
• feat(TS): add types for composed dispatchers by @​metcoder95 in #​2967
• fix: count for error response and network errors by @​metcoder95 in #​2966

New Contributors

• @​mweberxyz made their first contribution in #​2969
• @​acommodari made their first contribution in #​2962

Full Changelog: nodejs/undici@v6.9.0...v6.10.0

v6.9.0

Compare Source

What's Changed

• feat: add new dispatch compose by @​metcoder95 in #​2826
• ci: add macos-latest to test-matrix by @​Uzlopak in #​2952
• types: align RequestInit.body type with lib.dom.ts by @​jdufresne in #​2956
• ci: pin versions of github actions by @​UlisesGascon in #​2957
• fetch: improve output for FormData, Response

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for brilliant-pasca-3e80ec canceled.

Name	Link
🔨 Latest commit	551f6ab
🔍 Latest deploy log	https://app.netlify.com/projects/brilliant-pasca-3e80ec/deploys/68ee7697b4a1d700081c3978

[github-actions]

🚀 Performance Test Results

Test Configuration:

• VUs: 4
• Duration: 1m0s

Test Metrics:

• Requests/s: 45.32
• Iterations/s: 15.12
• Failed Requests: 0.00% (0 of 2727)

📜 Logs

> performance@1.0.0 run-tests:testenv /home/runner/work/rafiki/rafiki/test/performance
> ./scripts/run-tests.sh -e test "-k" "-q" "--vus" "4" "--duration" "1m"

Cloud Nine GraphQL API is up: http://localhost:3101/graphql
Cloud Nine Wallet Address is up: http://localhost:3100/
Happy Life Bank Address is up: http://localhost:4100/
cloud-nine-wallet-test-backend already set
cloud-nine-wallet-test-auth already set
happy-life-bank-test-backend already set
happy-life-bank-test-auth already set
     data_received..................: 984 kB 16 kB/s
     data_sent......................: 2.1 MB 35 kB/s
     http_req_blocked...............: avg=5.8µs   min=2.38µs   med=4.75µs   max=374.82µs p(90)=6µs      p(95)=6.49µs  
     http_req_connecting............: avg=195ns   min=0s       med=0s       max=136.84µs p(90)=0s       p(95)=0s      
     http_req_duration..............: avg=87.65ms min=6.69ms   med=73.22ms  max=674.32ms p(90)=145.44ms p(95)=170.19ms
       { expected_response:true }...: avg=87.65ms min=6.69ms   med=73.22ms  max=674.32ms p(90)=145.44ms p(95)=170.19ms
     http_req_failed................: 0.00%  ✓ 0         ✗ 2727
     http_req_receiving.............: avg=79.55µs min=23.91µs  med=68.44µs  max=1.25ms   p(90)=104.98µs p(95)=132.41µs
     http_req_sending...............: avg=31.87µs min=9.87µs   med=24.85µs  max=1.13ms   p(90)=37.95µs  p(95)=50.67µs 
     http_req_tls_handshaking.......: avg=0s      min=0s       med=0s       max=0s       p(90)=0s       p(95)=0s      
     http_req_waiting...............: avg=87.53ms min=6.53ms   med=73.09ms  max=674.24ms p(90)=145.34ms p(95)=170.08ms
     http_reqs......................: 2727   45.318834/s
     iteration_duration.............: avg=264.2ms min=166.34ms med=251.87ms max=1.04s    p(90)=320.99ms p(95)=348.07ms
     iterations.....................: 910    15.122896/s
     vus............................: 4      min=4       max=4 
     vus_max........................: 4      min=4       max=4