Bump undici from 7.19.0 to 7.19.1

[dependabot]

Bumps undici from 7.19.0 to 7.19.1.

Release notes

Sourced from undici's releases.

v7.19.1

What's Changed

• fix: use commit hash when generating release (#4757) by @​fenichelar in nodejs/undici#4759
• fix fetch 401 loop by @​KhafraDev in nodejs/undici#4761

New Contributors

• @​fenichelar made their first contribution in nodejs/undici#4759

Full Changelog: nodejs/undici@v7.19.0...v7.19.1

Commits

• e2aeb52 Bumped v7.19.1 (#4760)
• 4920fc4 fix fetch 401 loop (#4761)
• c2307d0 Use commit hash when generating release (fixes #4757) (#4759)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
api	Ready	Preview, Comment	Jan 26, 2026 5:34pm

[claude]

PR Review: Bump undici from 7.19.0 to 7.19.1

Summary

This is a minor dependency bump from undici 7.19.0 to 7.19.1. This is a straightforward patch release that addresses bug fixes.

---

✅ What's Good

1. Legitimate Security/Bug Fix: The 7.19.1 release includes a fix for a fetch 401 loop issue (fix fetch 401 loop nodejs/undici#4761), which is a real bug fix that could improve reliability.

2. Minimal Changes: Only package.json and package-lock.json are modified—no code changes, which minimizes risk.

3. Appropriate Scope: A patch-level bump (7.19.0 → 7.19.1) is low-risk compared to major/minor version bumps.

4. Integrity Hash Updated: The package-lock.json integrity hash is properly updated to match the new version.

---

🔍 Code Quality & Compatibility

✅ No compatibility issues expected

• Patch releases are designed to be backwards compatible
• No breaking changes in undici 7.19.1 based on release notes
• The caret (^) in your package.json correctly allows this patch update

---

🚀 Recommendations

1. Merge with confidence: This patch release is safe to merge. It fixes a real bug (fetch 401 loop) that could improve HTTP client reliability.

2. Consider testing in staging: If you have staging/test environments, deploying this before production would be ideal practice (though it's a low-risk patch).

3. Monitor after deployment: The fix involves fetch behavior; monitor for any unexpected changes in HTTP request/response handling after deployment.

---

Summary

This is a good, routine dependency update with real bug fixes included. No concerns from a code quality, security, or compatibility perspective.