Closed snyk-bot closed 10 months ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 6.5
SNYK-JS-NODEFETCH-2342118
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: cross-fetch
The new version differs by 13 commits.- c6089df chore(release): 3.1.5
- a3b3a94 chore: updated node-fetch version to 2.6.7 (#124)
- efed703 chore: updated node-fetch version to 2.6.5
- 694ff77 refactor: removed ora from dependencies
- efc5956 refactor: added .vscode to .gitignore
- da605d5 refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/module-system/
- 0f0d51d chore: updated minor and patch versions of dev dependencies
- c6e34ea refactor: removed sinon.js
- f524a52 fix: yargs was incompatible with node 10
- 7906fcf chore: updated dev dependencies
- 24bc35a chore: added make browser task
- 6baf09d chore: added closeOnExec param to ./bin/server
- 80c46c1 chore: added exec param to ./bin/server
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic