0xProject / tools


chore: update dependency of utils package #66

Closed novaliu86 closed 2 years ago

novaliu86 commented 2 years ago

Update package isomorphic-fetch to new version. Get this when installing existing @0x/utils package:

```
$ npm audit
# npm audit report

node-fetch  <=2.6.6
Severity: high
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor - https://github.com/advisories/GHSA-r683-j2x4-v87g
The `size` option isn't honored after following a redirect in node-fetch - https://github.com/advisories/GHSA-w7rc-rwvf-8q5r
No fix available
node_modules/node-fetch
  isomorphic-fetch  2.0.0 - 2.2.1
  Depends on vulnerable versions of node-fetch
  node_modules/isomorphic-fetch
    @0x/utils  *
    Depends on vulnerable versions of isomorphic-fetch
    node_modules/@0x/utils

3 high severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.
```

Description

Testing instructions

Types of changes

Checklist:

dekz commented 2 years ago

added in #65