fix(deps): update dependency urllib to v4

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
urllib	^3.3.0 -> ^4.0.0

---

Release Notes

node-modules/urllib (urllib)

v4.8.2

Compare Source

• fix: enumerable WellFormed (0b1e89d)
• chore: ignore pnpm-lock.yaml (3cc8971)
• chore: migrate from ESLint to oxlint with @​eggjs/oxlint-config extension (#​590) (1ae3fd7), closes #​590
• chore: typo fix on release task name (54aa22a)

v4.8.1

Compare Source

• chore: add GIT_TOKEN (baabae9)
• chore: use npm trusted publisher (#​589) (8f2ed13), closes #​589
• chore(deps): update dependency cross-env to v10 (#​584) (ad4405a), closes #​584
• chore(deps): update dependency selfsigned to v3 (#​582) (9e62fb1), closes #​582
• fix: patch undici File support on Node.js < 20 (#​588) (0e5ad19), closes #​588

v4.8.0

Compare Source

Features

• add isSentByFetch/fetchOpaque to urllib message (#​581) (d7e9f40)

v4.7.1

Compare Source

Bug Fixes

• compatible with urllib@​2 timeout string format (#​580) (5eaf790)

v4.7.0

Compare Source

Features

• support multiple fetch_factory instances (#​579) (d09d316)

v4.6.12

Compare Source

Bug Fixes

• compatible with pool stats reading (#​578) (13a29af)

v4.6.11

Compare Source

Bug Fixes

• compressed option should be false by default (#​567) (a0a8dc5)

v4.6.10

Compare Source

Bug Fixes

• should HEAD request keepalive by default (#​566) (54c4a2c)

v4.6.9

Compare Source

Bug Fixes

• should got undici:client:sendHeaders message on H2 (#​553) (bd19f6d)

v4.6.8

Compare Source

Bug Fixes

• patch TransformStream on Node.js 16 (#​564) (503dbd8)

v4.6.7

Compare Source

Bug Fixes

• should not throw when fetch a Request with post (#​563) (6f9f353)

v4.6.6

Compare Source

Bug Fixes

• allow set rejectUnauthorized = true on urllib.request options (#​561) (88785e1)

v4.6.5

Compare Source

Bug Fixes

• set opaque on request (#​560) (8cf5c3b)

v4.6.4

Compare Source

Bug Fixes

• export WebFormData (#​559) (dec6b12)

v4.6.3

Compare Source

Bug Fixes

• only set extend notation on non-ascii filename (#​558) (0cd9b06)

v4.6.2

Compare Source

Bug Fixes

• fix socket info if fetch failed (#​556) (e9f4258)

v4.6.1

Compare Source

Bug Fixes

• compatible with pool stats reading (#​578) (13a29af)

v4.6.0

Compare Source

Features

• exports undici (#​554) (3c9fca7)

v4.5.1

Compare Source

Bug Fixes

• support use on Node.js 16 (#​550) (78e1336)

v4.5.0

Compare Source

Features

• upgrade to undici v7 (#​547) (9803c4e)

v4.4.0

Compare Source

Features

• impl fetch (#​542) (55a634c)

v4.3.1

Compare Source

Bug Fixes

• add export type (#​540) (1765806)

v4.3.0

Compare Source

Features

• Added support for x-www-authenticate header (#​533) (d52a3e0)

v4.2.2

Compare Source

Bug Fixes

• uncaught exception due to second response with digest auth (#​530) (9a7833e)

v4.2.1

Compare Source

Bug Fixes

• allow ":" character in digestAuth password (#​532) (c6b6f88)

v4.2.0

Compare Source

Features

• add hostname for checkAddress (#​525) (88b6e56)

v4.1.0

Compare Source

Features

• support HTTP2 (#​518) (21d4260)

v4.0.0

Compare Source

⚠ BREAKING CHANGES

• drop Node.js < 18.19.0 support

part of eggjs/egg#3644

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	urllib@​3.27.3 ⏵ 4.8.2	+1			+2

View full report

[fengmk2]

Temporarily need to be compatible with the old version of nodejs, do not upgrade it yet

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 4.x releases. But if you manually upgrade to 4.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.