Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade node-fetch from 2.3.0 to 2.6.2 #6

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade node-fetch from 2.3.0 to 2.6.2 #6

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade node-fetch from 2.3.0 to 2.6.2.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 6 versions ahead of your current version.
  • The recommended version was released 23 days ago, on 2021-09-06.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service
SNYK-JS-NODEFETCH-674311		 520/1000
Why? Has a fix available, CVSS 5.9		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: node-fetch
  • 2.6.2 - 2021-09-06

    fixed main path in package.json

  • 2.6.1 - 2020-09-05

    This is an important security release. It is strongly recommended to update as soon as possible.

    See CHANGELOG for details.

  • 2.6.0 - 2019-05-16
  • 2.5.0 - 2019-05-01
  • 2.4.1 - 2019-04-27
  • 2.4.0 - 2019-04-26
  • 2.3.0 - 2018-11-13
from node-fetch GitHub release notes
Commit messages
Package name: node-fetch
  • 152214c Fix(package.json): Corrected main file path in package.json (#1274)
  • b5e2e41 update version number
  • 2358a6c Honor the `size` option after following a redirect and revert data uri support
  • 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
  • 1e99050 fix: Change error message thrown with redirect mode set to error (#653)
  • 244e6f6 docs: Show backers in README
  • 6a5d192 fix: Properly parse meta tag when parameters are reversed (#682)
  • 47a24a0 chore: Add opencollective badge
  • 7b13662 chore: Add funding link
  • 5535c2e fix: Check for global.fetch before binding it (#674)
  • 1d5778a docs: Add Discord badge
  • eb3a572 feat: Data URI support (#659)
  • 086be6f Remove --save option as it isn't required anymore (#581)
  • 95286f5 v2.6.0 (#638)
  • bf8b4e8 Allow agent option to be a function (#632)
  • 0c2294e 2.5.0 release (#630)
  • 0fc414c Allow third party blob implementation (#629)
  • d8f5ba0 build: disable generation of package-lock since it is not used (#623)
  • 1fe1358 test: enable --throw-deprecation for tests (#625)
  • a35dcd1 chore(deps): address deprecated url-search-params package (#622)
  • b3ecba5 2.4.1 release (#619)
  • 1a88481 Fix Blob for older node versions and webpack. (#618)
  • c9805a2 2.4.0 release (#616)
  • 49d7760 Pass custom timeout to subsequent requests on redirect (#615)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot