[Snyk] Security upgrade node-fetch from 2.6.1 to 3.1.1

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: node-fetch

The new version differs by 187 commits.

• 36e47e8 3.1.1 release (#1451)
• 5304f3f Don't change relative location header on manual redirect (#1105)
• f5d3cf5 fix(Headers): don't forward secure headers to 3th party (#1449)
• f2c3d56 Create SECURITY.md (#1445)
• 4ae3538 core: Warn when using data (#1421)
• 41f53b9 fix: use more node: protocol imports (#1428)
• f674875 ci: fix main branch (#1429)
• 1493d04 core: Don't use global buffer (#1422)
• eb33090 Chore: Fix logical operator priority (regression) to disallow GET/HEAD with non-empty body (#1369)
• 7ba5bc9 update readme for TS @ type/node-fetch (#1405)
• 6956bf8 core: Don't use buffer to make a blob (#1402)
• 6e4c1e4 fix(Redirect): Better handle wrong redirect header in a response (#1387)
• 2d5399e fix: handle errors from the request body stream (#1392)
• 0284826 fix(http.request): Cast URL to string before sending it to NodeJS core (#1378)
• 3f0e0c2 docs: Fix typo around sending a file (#1381)
• 30c3cfe update fetch-blob (#1371)
• 109bd21 release minor change (3.1.0) (#1364)
• ff71348 docs: Update code examples (#1365)
• 1068c8a template: Make PR template more task oriented (#1224)
• 3944f24 feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData (#1314)
• 37ac459 docs: Improve clarity of "Loading and configuring" (#1323)
• a3a5b63 chore: Correct stuff in README.md (#1361)
• ff7e950 Add typing for Response.redirect(url, status) (#1169)
• 2d80b0b Add support for Referrer and Referrer Policy (#1057)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.