chore(deps): bump undici and @vercel/blob

[dependabot]

Bumps undici to 7.22.0 and updates ancestor dependency @vercel/blob. These dependencies need to be updated together.

Updates undici from 7.16.0 to 7.22.0

Release notes

Sourced from undici's releases.

v7.22.0

What's Changed

• docs: fix syntax highlighting in WebSocket.md by @​styfle in nodejs/undici#4814
• fix: use OR operator in includesCredentials per WHATWG URL Standard by @​jackhax in nodejs/undici#4816
• feat(dispatcher/env-http-proxy-agent): strip leading dot and asterisk by @​SuperOleg39 in nodejs/undici#4676
• fix: route WebSocket upgrades through onRequestUpgrade by @​mcollina in nodejs/undici#4787
• build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 by @​dependabot[bot] in nodejs/undici#4821
• fix(deduplicate): do not deduplicate non-safe methods by default by @​mcollina in nodejs/undici#4818
• feat: Support async cache stores in revalidation by @​marcopiraccini in nodejs/undici#4826

New Contributors

• @​jackhax made their first contribution in nodejs/undici#4816
• @​marcopiraccini made their first contribution in nodejs/undici#4826

Full Changelog: nodejs/undici@v7.21.0...v7.22.0

v7.21.0

What's Changed

• build(deps): bump actions/setup-node from 6.0.0 to 6.2.0 by @​dependabot[bot] in nodejs/undici#4796
• test: restore global dispatcher after fetch tests by @​mcollina in nodejs/undici#4790
• Add missing close method to WebSocketStream interface by @​piotr-cz in nodejs/undici#4802
• fix: error stream instead of canceling by @​KhafraDev in nodejs/undici#4804
• Fix clientTtl cleanup race in Agent by @​mcollina in nodejs/undici#4807
• feat(#4230): Implement pingInterval for dispatching PING frames by @​metcoder95 in nodejs/undici#4296
• fix: handle undefined __filename in bundled environments by @​mcollina in nodejs/undici#4812
• fix: set finalizer only for fetch responses by @​tsctx in nodejs/undici#4803

New Contributors

• @​piotr-cz made their first contribution in nodejs/undici#4802

Full Changelog: nodejs/undici@v7.20.0...v7.21.0

v7.20.0

What's Changed

• fix: preserve fetch stack traces by @​mcollina in nodejs/undici#4778
• Fix error handling in MockPool example by @​dave-kennedy in nodejs/undici#4781
• feat: expose statusText in request() ResponseData by @​domenic in nodejs/undici#4784
• test: reduce retry-after invalid date flake by @​mcollina in nodejs/undici#4788
• extractBody fixes by @​KhafraDev in nodejs/undici#4791
• fix: MockAgent delayed response with AbortSignal (#4693) by @​mcollina in nodejs/undici#4772
• fix: onParserTimeout potentially accessing undefined by @​vbfox in nodejs/undici#4758

New Contributors

• @​dave-kennedy made their first contribution in nodejs/undici#4781
• @​vbfox made their first contribution in nodejs/undici#4758

Full Changelog: nodejs/undici@v7.19.2...v7.20.0

v7.19.2

What's Changed

... (truncated)

Commits

• 0a23610 Bumped v7.22.0 (#4829)
• f3c5c61 feat: Support async cache stores in revalidation (#4826)
• 9b78a44 fix(deduplicate): avoid deduping methods not in methods option (#4818)
• 0ce57ba build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 (#4821)
• 2453caf fix: route websocket upgrades through new handler API (#4787)
• 4658cdf feat(dispatcher/env-http-proxy-agent): strip leading dot and asterisk (#4676)
• a821c56 fix: use OR operator in includesCredentials per WHATWG URL Standard (#4816)
• b3326b5 docs: fix syntax highlighting in WebSocket.md (#4814)
• 393c0da Bumped v7.21.0 (#4813)
• 47f9b96 fix: set finalizer only for fetch responses (#4803)
• Additional commits viewable in compare view

Updates @vercel/blob from 2.0.0 to 2.2.0

Release notes

Sourced from @​vercel/blob's releases.

@​vercel/blob@​2.2.0

Minor Changes

• 2b1cbbc: Add ifMatch option to del() for conditional deletes (optimistic concurrency control). Only works for single-URL deletes.

@​vercel/blob@​2.1.0

Minor Changes

• 6c68442: Add ETag support for conditional writes (optimistic concurrency control)

  • Return etag in all blob responses (put, copy, head, list, multipart)
  • Accept ifMatch option in put/copy/createMultipartUpload for conditional writes
  • Add BlobPreconditionFailedError for ETag mismatch (HTTP 412)

  Usage Example: Preventing Lost Updates

  When multiple users or processes might update the same blob concurrently, use ifMatch to ensure you don't overwrite someone else's changes:

  import { put, head, BlobPreconditionFailedError } from "@vercel/blob";
  // User 1: Read the current blob and get its ETag
  const metadata = await head("config.json");
  console.log(metadata.etag); // e.g., '"abc123"'
  // User 2: Also reads the same blob (same ETag)
  const metadata2 = await head("config.json");
  // User 1: Updates the blob with ifMatch
  // This succeeds because the ETag matches
  const result1 = await put(
  "config.json",
  JSON.stringify({ setting: "user1" }),
  {
  access: "public",
  allowOverwrite: true, // Required when updating existing blobs
  ifMatch: metadata.etag, // Only write if ETag still matches
  }
  );
  console.log(result1.etag); // New ETag: '"def456"'
  // User 2: Tries to update with their (now stale) ETag
  // This fails because User 1 already changed the blob
  try {
  await put("config.json", JSON.stringify({ setting: "user2" }), {
  access: "public",
  allowOverwrite: true,
  ifMatch: metadata2.etag, // Stale ETag - blob was modified!
  });
  } catch (error) {

... (truncated)

Changelog

Sourced from @​vercel/blob's changelog.

2.2.0

Minor Changes

• 2b1cbbc: Add ifMatch option to del() for conditional deletes (optimistic concurrency control). Only works for single-URL deletes.

2.1.0

Minor Changes

• 6c68442: Add ETag support for conditional writes (optimistic concurrency control)

  • Return etag in all blob responses (put, copy, head, list, multipart)
  • Accept ifMatch option in put/copy/createMultipartUpload for conditional writes
  • Add BlobPreconditionFailedError for ETag mismatch (HTTP 412)

  Usage Example: Preventing Lost Updates

  When multiple users or processes might update the same blob concurrently, use ifMatch to ensure you don't overwrite someone else's changes:

  import { put, head, BlobPreconditionFailedError } from "@vercel/blob";
  // User 1: Read the current blob and get its ETag
  const metadata = await head("config.json");
  console.log(metadata.etag); // e.g., '"abc123"'
  // User 2: Also reads the same blob (same ETag)
  const metadata2 = await head("config.json");
  // User 1: Updates the blob with ifMatch
  // This succeeds because the ETag matches
  const result1 = await put(
  "config.json",
  JSON.stringify({ setting: "user1" }),
  {
  access: "public",
  allowOverwrite: true, // Required when updating existing blobs
  ifMatch: metadata.etag, // Only write if ETag still matches
  }
  );
  console.log(result1.etag); // New ETag: '"def456"'
  // User 2: Tries to update with their (now stale) ETag
  // This fails because User 1 already changed the blob
  try {
  await put("config.json", JSON.stringify({ setting: "user2" }), {
  access: "public",
  allowOverwrite: true,
  ifMatch: metadata2.etag, // Stale ETag - blob was modified!

... (truncated)

Commits

• 238dccf Version Packages (#966)
• 2b1cbbc feat(blob): add ifMatch option to del() for conditional deletes (#965)
• e626a0a chore(deps): update dependency @​types/node to v24.10.11 (#964)
• 28b27b0 Version Packages (#963)
• 6c68442 feat(blob): add ETag support for conditional writes (#960)
• dbc8c78 chore(deps): update dependency @​types/node to v24.10.10 (#958)
• 9879fa0 chore(deps): update dependency @​types/node to v24 (#944)
• c58c32d chore(deps): update dependency @​types/node to v22.19.7 (#931)
• 63738c2 chore(deps): update deps all at once (#932)
• d912c27 Version Packages (#930)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
portfolio	Error		Feb 17, 2026 7:06pm