The Wire · Showcase
UNDICI FIXES RETRY HANG ON LARGE DOWNLOADS
By RepoJournal · Filed · About Node.js
Undici patched a critical bug where retried Range requests hung indefinitely under backpressure, reproducibly freezing downloads over 1GB from S3.
The RetryAgent was losing flow-control wiring when transparently resuming a connection mid-stream, leaving the socket live but the reader dead [1]. This is the kind of silent hang that kills production jobs without error logs. In parallel, esbuild 0.28.1 shipped a security fix blocking backslash characters in local dev server HTTP requests [2], a small but necessary hardening. Across the Node.js ecosystem, maintenance is steady: full-icu-npm completed its actions/checkout migration to v7 [3], fixing fork PR security checks, while corepack bumped to 6.0.3 [4]. Most of these are dependency hygiene. The undici retry fix is the one that matters for anyone streaming large files or resuming downloads.
Action items
- → Update undici to pick up the RetryAgent backpressure fix [ref:8] nodejs/undici [immediate]
- → Upgrade esbuild to 0.28.1 if you run a local dev server [ref:7] evanw/esbuild [plan]
- → Monitor retry patterns in production after undici upgrade for any edge cases nodejs/undici [monitor]
References
- [1] fix(retry): keep flow-control wired to the active connection across resumes ↗ nodejs/undici
- [2] build(deps-dev): bump esbuild from 0.28.0 to 0.28.1 ↗ nodejs/undici
- [3] Bump actions/checkout from 6 to 7 ↗ nodejs/full-icu-npm
- [4] build(deps): bump actions/checkout from 6.0.2 to 6.0.3 ↗ nodejs/corepack
FAQ
- What changed in Node.js on June 19, 2026?
- Undici patched a critical bug where retried Range requests hung indefinitely under backpressure, reproducibly freezing downloads over 1GB from S3.
- What should Node.js teams do about it?
- Update undici to pick up the RetryAgent backpressure fix [ref:8] • Upgrade esbuild to 0.28.1 if you run a local dev server [ref:7] • Monitor retry patterns in production after undici upgrade for any edge cases
- Which Node.js repositories shipped on June 19, 2026?
- nodejs/undici, nodejs/full-icu-npm, nodejs/corepack