Open snyk-bot opened 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: đ§ View latest project report
đ Adjust project settings
đ Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 5.9
SNYK-JS-NODEFETCH-674311
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: isomorphic-fetch
The new version differs by 12 commits.- fc5e0d0 3.0.0
- 496fa43 Add version that was previously uncomitted to the package.json due to the previous release process
- 9f5a8b6 Add a list of alternatives
- 49280e6 Resolve minor security issue
- 0f5edd0 Explain why Isomorphic Fetch is needed in docs (#135)
- e32b006 Fix travis (#190)
- db0aa8c Update to latest version
- 8bf02c4 Bump node-fetch from 1.7.3 to 2.6.1 (#189)
- 89c7e70 Merge pull request #93 from paulmelnikow/fetch_ponyfill
- 25e3cab Add link to fetch-ponyfill
- 8d33aba Merge pull request #90 from josiah0/update-lintspaces-cli
- c22fcda Update lintspaces-cli
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
đ§ View latest project report
đ Adjust project settings
đ Read more about Snyk's upgrade and patch logic