chore(deps): update all non-major dependencies (v1)

docs/2.utils/1.request.md

@@ -289,6 +289,8 @@ Captures a stream from a request.
 
 Reads request body and tries to safely parse using [destr](https://github.com/unjs/destr).
 
+Be aware that this utility is not restricted to `application/json` and will parse `application/x-www-form-urlencoded` content types. Because of this, authenticated `GET`/`POST` handlers may be at risk of a [CSRF](https://owasp.org/www-community/attacks/csrf) attack, and must check the `content-type` header manually.
+
 **Example:**
 
 ```ts

docs/package.json

@@ -6,6 +6,6 @@
     "dev": "undocs dev"
   },
   "devDependencies": {
-    "undocs": "^0.2.26"
+    "undocs": "^0.2.29"
   }
 }

package.json

@@ -31,7 +31,7 @@
   },
   "dependencies": {
     "cookie-es": "^1.2.2",
-    "crossws": "^0.2.4",
+    "crossws": "^0.3.1",
     "defu": "^6.1.4",
     "destr": "^2.0.3",
     "iron-webcrypto": "^1.2.1",
@@ -68,5 +68,5 @@
     "vitest": "^2.1.2",
     "zod": "^3.23.8"
   },
-  "packageManager": "pnpm@9.7.1"
+  "packageManager": "pnpm@9.12.0"
 }

src/utils/body.ts

@@ -139,10 +139,10 @@ export function readRawBody<E extends Encoding = "utf8">(
 
 /**
  * Reads request body and tries to safely parse using [destr](https://github.com/unjs/destr).
- * 
- * Be aware that this utility is not restricted to `application/json` and will parse `application/x-www-form-urlencoded` content types. 
+ *
+ * Be aware that this utility is not restricted to `application/json` and will parse `application/x-www-form-urlencoded` content types.
  * Because of this, authenticated `GET`/`POST` handlers may be at risk of a [CSRF](https://owasp.org/www-community/attacks/csrf) attack, and must check the `content-type` header manually.
- * 
+ *
  * @example
  * export default defineEventHandler(async (event) => {
  *   const body = await readBody(event);