build(release): 1.9.3 [skip ci]

## [1.9.3](v1.9.2...v1.9.3) (2024-04-04)

### Bug Fixes

* **deps:** bump undici from 6.10.2 to 6.11.1 ([#125](#125)) ([3c223c7](3c223c7)), closes [#3024](https://github.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](nodejs/undici#3044) [#3023](https://github.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](nodejs/undici#3025) [nodejs/undici#3024](nodejs/undici#3024) [nodejs/undici#3034](nodejs/undici#3034) [nodejs/undici#3038](nodejs/undici#3038) [nodejs/undici#2947](nodejs/undici#2947) [nodejs/undici#3040](nodejs/undici#3040) [nodejs/undici#3036](nodejs/undici#3036) [nodejs/undici#3041](nodejs/undici#3041) [#3024](https://github.com/actions/create-github-app-token/issues/3024) [#3041](https://github.com/actions/create-github-app-token/issues/3041) [#3036](https://github.com/actions/create-github-app-token/issues/3036)

Author: semantic-release-bot

dist/main.cjs

@@ -13168,8 +13168,6 @@ var require_util = __commonJS({
       return tree.lookup(value) ?? value.toString("latin1").toLowerCase();
     }
     function parseHeaders(headers, obj) {
-      if (!Array.isArray(headers))
-        return headers;
       if (obj === void 0)
         obj = {};
       for (let i = 0; i < headers.length; i += 2) {
@@ -14962,9 +14960,9 @@ var require_data_url = __commonJS({
     var assert = require("node:assert");
     var encoder = new TextEncoder();
     var HTTP_TOKEN_CODEPOINTS = /^[!#$%&'*+-.^_|~A-Za-z0-9]+$/;
-    var HTTP_WHITESPACE_REGEX = /[\u000A|\u000D|\u0009|\u0020]/;
+    var HTTP_WHITESPACE_REGEX = /[\u000A\u000D\u0009\u0020]/;
     var ASCII_WHITESPACE_REPLACE_REGEX = /[\u0009\u000A\u000C\u000D\u0020]/g;
-    var HTTP_QUOTED_STRING_TOKENS = /[\u0009|\u0020-\u007E|\u0080-\u00FF]/;
+    var HTTP_QUOTED_STRING_TOKENS = /[\u0009\u0020-\u007E\u0080-\u00FF]/;
     function dataURLProcessor(dataURL) {
       assert(dataURL.protocol === "data:");
       let input = URLSerializer(dataURL, true);
@@ -15726,9 +15724,12 @@ var require_util2 = __commonJS({
     var assert = require("node:assert");
     var { isUint8Array } = require("node:util/types");
     var { webidl } = require_webidl();
+    var supportedHashes = [];
     var crypto4;
     try {
       crypto4 = require("node:crypto");
+      const possibleRelevantHashes = ["sha256", "sha384", "sha512"];
+      supportedHashes = crypto4.getHashes().filter((hash) => possibleRelevantHashes.includes(hash));
     } catch {
     }
     function responseURL(response) {
@@ -16009,45 +16010,37 @@ var require_util2 = __commonJS({
       if (parsedMetadata.length === 0) {
         return true;
       }
-      const list = parsedMetadata.sort((c, d) => d.algo.localeCompare(c.algo));
-      const strongest = list[0].algo;
-      const metadata = list.filter((item) => item.algo === strongest);
+      const strongest = getStrongestMetadata(parsedMetadata);
+      const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest);
       for (const item of metadata) {
         const algorithm = item.algo;
-        let expectedValue = item.hash;
-        if (expectedValue.endsWith("==")) {
-          expectedValue = expectedValue.slice(0, -2);
-        }
+        const expectedValue = item.hash;
         let actualValue = crypto4.createHash(algorithm).update(bytes).digest("base64");
-        if (actualValue.endsWith("==")) {
-          actualValue = actualValue.slice(0, -2);
-        }
-        if (actualValue === expectedValue) {
-          return true;
-        }
-        let actualBase64URL = crypto4.createHash(algorithm).update(bytes).digest("base64url");
-        if (actualBase64URL.endsWith("==")) {
-          actualBase64URL = actualBase64URL.slice(0, -2);
+        if (actualValue[actualValue.length - 1] === "=") {
+          if (actualValue[actualValue.length - 2] === "=") {
+            actualValue = actualValue.slice(0, -2);
+          } else {
+            actualValue = actualValue.slice(0, -1);
+          }
         }
-        if (actualBase64URL === expectedValue) {
+        if (compareBase64Mixed(actualValue, expectedValue)) {
           return true;
         }
       }
       return false;
     }
-    var parseHashWithOptions = /(?<algo>sha256|sha384|sha512)-(?<hash>[A-Za-z0-9+/]+={0,2}(?=\s|$))( +[!-~]*)?/i;
+    var parseHashWithOptions = /(?<algo>sha256|sha384|sha512)-((?<hash>[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i;
     function parseMetadata(metadata) {
       const result = [];
       let empty = true;
-      const supportedHashes = crypto4.getHashes();
       for (const token of metadata.split(" ")) {
         empty = false;
         const parsedToken = parseHashWithOptions.exec(token);
-        if (parsedToken === null || parsedToken.groups === void 0) {
+        if (parsedToken === null || parsedToken.groups === void 0 || parsedToken.groups.algo === void 0) {
           continue;
         }
-        const algorithm = parsedToken.groups.algo;
-        if (supportedHashes.includes(algorithm.toLowerCase())) {
+        const algorithm = parsedToken.groups.algo.toLowerCase();
+        if (supportedHashes.includes(algorithm)) {
           result.push(parsedToken.groups);
         }
       }
@@ -16056,6 +16049,51 @@ var require_util2 = __commonJS({
       }
       return result;
     }
+    function getStrongestMetadata(metadataList) {
+      let algorithm = metadataList[0].algo;
+      if (algorithm[3] === "5") {
+        return algorithm;
+      }
+      for (let i = 1; i < metadataList.length; ++i) {
+        const metadata = metadataList[i];
+        if (metadata.algo[3] === "5") {
+          algorithm = "sha512";
+          break;
+        } else if (algorithm[3] === "3") {
+          continue;
+        } else if (metadata.algo[3] === "3") {
+          algorithm = "sha384";
+        }
+      }
+      return algorithm;
+    }
+    function filterMetadataListByAlgorithm(metadataList, algorithm) {
+      if (metadataList.length === 1) {
+        return metadataList;
+      }
+      let pos = 0;
+      for (let i = 0; i < metadataList.length; ++i) {
+        if (metadataList[i].algo === algorithm) {
+          metadataList[pos++] = metadataList[i];
+        }
+      }
+      metadataList.length = pos;
+      return metadataList;
+    }
+    function compareBase64Mixed(actualValue, expectedValue) {
+      if (actualValue.length !== expectedValue.length) {
+        return false;
+      }
+      for (let i = 0; i < actualValue.length; ++i) {
+        if (actualValue[i] !== expectedValue[i]) {
+          if (actualValue[i] === "+" && expectedValue[i] === "-" || actualValue[i] === "/" && expectedValue[i] === "_") {
+            continue;
+          }
+          return false;
+        }
+      }
+      return true;
+    }
     function tryUpgradeRequestToAPotentiallyTrustworthyURL(request2) {
     }
     function sameOrigin(A, B) {
@@ -18499,6 +18537,14 @@ var require_client_h2 = __commonJS({
         HTTP2_HEADER_STATUS
       }
     } = http2;
+    function parseH2Headers(headers) {
+      headers = Object.entries(headers).flat(2);
+      const result = [];
+      for (const header of headers) {
+        result.push(Buffer.from(header));
+      }
+      return result;
+    }
     async function connectH2(client, socket) {
       client[kSocket] = socket;
       if (!h2ExperimentalWarned) {
@@ -18734,7 +18780,13 @@ var require_client_h2 = __commonJS({
       stream.once("response", (headers2) => {
         const { [HTTP2_HEADER_STATUS]: statusCode, ...realHeaders } = headers2;
         request2.onResponseStarted();
-        if (request2.onHeaders(Number(statusCode), realHeaders, stream.resume.bind(stream), "") === false) {
+        if (request2.aborted || request2.completed) {
+          const err = new RequestAbortedError();
+          errorRequest(client, request2, err);
+          util.destroy(stream, err);
+          return;
+        }
+        if (request2.onHeaders(Number(statusCode), parseH2Headers(realHeaders), stream.resume.bind(stream), "") === false) {
           stream.pause();
         }
         stream.on("data", (chunk) => {
@@ -19054,9 +19106,9 @@ var require_redirect_handler = __commonJS({
       if (removeContent && util.headerNameToString(header).startsWith("content-")) {
         return true;
       }
-      if (unknownOrigin && (header.length === 13 || header.length === 6)) {
+      if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) {
         const name = util.headerNameToString(header);
-        return name === "authorization" || name === "cookie";
+        return name === "authorization" || name === "cookie" || name === "proxy-authorization";
       }
       return false;
     }
@@ -22379,6 +22431,8 @@ var require_pending_interceptors_formatter = __commonJS({
     "use strict";
     var { Transform } = require("node:stream");
     var { Console } = require("node:console");
+    var PERSISTENT = process.versions.icu ? "\u2705" : "Y ";
+    var NOT_PERSISTENT = process.versions.icu ? "\u274C" : "N ";
     module2.exports = class PendingInterceptorsFormatter {
       constructor({ disableColors } = {}) {
         this.transform = new Transform({
@@ -22400,7 +22454,7 @@ var require_pending_interceptors_formatter = __commonJS({
             Origin: origin,
             Path: path,
             "Status code": statusCode,
-            Persistent: persist ? "\u2705" : "\u274C",
+            Persistent: persist ? PERSISTENT : NOT_PERSISTENT,
             Invocations: timesInvoked,
             Remaining: persist ? Infinity : times - timesInvoked
           })
@@ -22670,7 +22724,7 @@ var require_headers = __commonJS({
     } = require_util2();
     var { webidl } = require_webidl();
     var assert = require("node:assert");
-    var util = require("util");
+    var util = require("node:util");
     var kHeadersMap = Symbol("headers map");
     var kHeadersSortedMap = Symbol("headers map sorted");
     function isHTTPWhiteSpaceCharCode(code) {
@@ -25161,24 +25215,6 @@ var require_fetch = __commonJS({
                   codings = contentEncoding.toLowerCase().split(",").map((x) => x.trim());
                 }
                 location = headersList.get("location", true);
-              } else {
-                const keys = Object.keys(rawHeaders);
-                for (let i = 0; i < keys.length; ++i) {
-                  const key = keys[i];
-                  const value = rawHeaders[key];
-                  if (key === "set-cookie") {
-                    for (let j = 0; j < value.length; ++j) {
-                      headersList.append(key, value[j], true);
-                    }
-                  } else {
-                    headersList.append(key, value, true);
-                  }
-                }
-                const contentEncoding = rawHeaders["content-encoding"];
-                if (contentEncoding) {
-                  codings = contentEncoding.toLowerCase().split(",").map((x) => x.trim()).reverse();
-                }
-                location = rawHeaders.location;
               }
               this.body = new Readable({ read: resume });
               const decoders = [];