Upgrade undici to v5.8.0

[yusukebe]

Hi! Upgraded undici to v5.8.0. This release fixed the vulnerabilities.

https://github.com/nodejs/undici/releases/tag/v5.8.0

[yusukebe]

This undici updating has breaking changes. We can't adapt as it is.
But, I think we should fix the vulnerabilities. Hmm...

[mrbbot]

Hey! 👋 Apologies for the delayed response. I've recently returned from a long holiday and am catching up on issues and PRs now.

It looks like undici's fetch implementation now requires at least Node 16.8.0 as opposed to 16.7.0, hence most of the test failures.

There's also another issue with the File constructor which I've PRed a fix for: nodejs/undici#1601. Hopefully that gets merged & released soon.

Will check we can bump the minimum supported Node version (in Wrangler too), but these security issues are unlikely to affect Miniflare users, as it's only intended as a local development and testing tool.

[yusukebe]

Hi @mrbbot ! Thank you for checking this PR.

Will check we can bump the minimum supported Node version (in Wrangler too)

Please!

but these security issues are unlikely to affect Miniflare users, as it's only intended as a local development and testing tool.

Ah, you're definitely right!

[mrbbot]

Closed in favour of #333. Thanks again for bringing these issues to our attention. 🙂