Bump the npm_and_yarn group with 2 updates

Bumps the npm_and_yarn group with 2 updates: undici and braces.

Updates undici from 6.15.0 to 6.16.0

Release notes

v6.16.0

What's Changed

add index to sequence converter errors by @KhafraDev in nodejs/undici#3178

build(deps-dev): bump borp from 0.12.0 to 0.13.0 by @dependabot in nodejs/undici#3179

build(deps): bump node from 21-alpine3.19 to 22-alpine3.19 in /build by @dependabot in nodejs/undici#3180

build(deps): bump superagent from 8.1.2 to 9.0.2 in /benchmarks by @dependabot in nodejs/undici#3181

fix: keep raw header name by @tsctx in nodejs/undici#3183

fix(fetch): improve Headers and Request type-compatibility by @kettanaito in nodejs/undici#1964

fix 3 mimesniff tests by @KhafraDev in nodejs/undici#3185

build(deps): bump hendrikmuhs/ccache-action from 1.2.12 to 1.2.13 by @dependabot in nodejs/undici#3187

build(deps): bump codecov/codecov-action from 4.1.1 to 4.3.1 by @dependabot in nodejs/undici#3191

build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 by @dependabot in nodejs/undici#3192

build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in nodejs/undici#3189

build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 by @dependabot in nodejs/undici#3188

build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 by @dependabot in nodejs/undici#3190

build(deps): bump node from 9459e24 to 487dc5d in /build by @dependabot in nodejs/undici#3195

perf: avoid spread in makeRequest() by @gunjam in nodejs/undici#3193

refactor: code cleanup by @tsctx in nodejs/undici#3194

fix parsing when receiving empty body websocket by @KhafraDev in nodejs/undici#3205

fix: MockResponseCallbackOptions type by @merojosa in nodejs/undici#2951

docs(proxy): fix typo by @kanadgupta in nodejs/undici#3207

fix websocket receiving an invalid utf-8 in close frame by @KhafraDev in nodejs/undici#3206

perf: avoid setImmediate if body is reading by @ronag in nodejs/undici#3210

fix: request abort signal by @ronag in nodejs/undici#3209

fix: remove abort handler on close by @ronag in nodejs/undici#3211

fix: pass abort function by @tsctx in nodejs/undici#3212

websocket: 200x faster generate mask by @tsctx in nodejs/undici#3204

use FinalizationRegistry to cancel the body if response is collected by @mcollina in nodejs/undici#3199

websocket: don't clone buffer if it's not needed. by @tsctx in nodejs/undici#3214

websocket: use FastBuffer by @tsctx in nodejs/undici#3213

New Contributors

@kettanaito made their first contribution in nodejs/undici#1964

@gunjam made their first contribution in nodejs/undici#3193

@merojosa made their first contribution in nodejs/undici#2951

@kanadgupta made their first contribution in nodejs/undici#3207

Full Changelog: https://github.com/nodejs/undici/compare/v6.15.0...v6.16.0

Commits

f8978bd Bumped v6.16.0 (#3216)
18c0df2 websocket: use FastBuffer (#3213)
7150bed websocket: don't clone buffer if it's not needed. (#3214)
63b7794 use FinalizationRegistry to cancel the body if response is collected (#3199)
c0dc3dd websocket: 200x faster generate mask (#3204)
ee64eb5 fix: pass abort function (#3212)
8dc6a7e fix: remove abort handler on close (#3211)
9f26aff fix: request abort signal (#3209)
d51dabc perf: avoid setImmediate if body is reading (#3210)
94c9aa9 Revert "perf: avoid setImmediate if body is reading"
Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/actions/deploy-pages/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

actions / deploy-pages

Bump the npm_and_yarn group with 2 updates #353

v6.16.0

What's Changed

New Contributors