search

advanced-security / component-detection-dependency-submission-action

MIT License
8 stars 4 forks source link

Bump cross-fetch from 3.1.5 to 4.0.0 #38

Open dependabot[bot] opened 12 months ago

dependabot[bot] commented 12 months ago

Bumps cross-fetch from 3.1.5 to 4.0.0.

Release notes

Sourced from cross-fetch's releases.

v4.0.0

What's Changed

BREAKING CHANGES

  • Dropped support for Node 10 and 12. (Note: cross-fetch will likely continue working on those versions, but specs tests are not running on those Node versions and no support will be provided if issues come up.)
  • Please check implementation conflicts in the Fetch API tests.

FEATURES

  • Added support for Node 18 and 20.
  • Added support for Service and Cloudflare Workers (Fixes #69, #78, #148) by prioritizing native code over third-party implementation. Fetch API test suite now running against node-fetch, whatwg-fetch, native browser and native node fetch.
  • Upgraded whatwg-fetch to 3.6.2. Please refer to whatwg-fetch release notes between 3.0.0 and 3.6.2 for features and bug fixes.
  • fetch.ponyfill is set to true when custom implementation is used. This improves debuggability.

v3.1.8

What's Changed

  • Restored caret range to node-fetch version for automatic feature and fix updates.

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.7...v3.1.8

v3.1.7

What's Changed

  • Updated node-fetch version to 2.6.12

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.6...v3.1.7

v3.1.6

What's Changed

  • Updated node-fetch version to 2.6.11
  • Added caret range to node-fetch version for automatic feature and fix updates.

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.5...v3.1.6

Changelog

Sourced from cross-fetch's changelog.

4.0.0 (2023-07-03)

Commits
  • 748a312 chore(release): 4.0.0
  • dc7a7e8 chore: improved inline comment on publish script
  • a89e3ce chore: renamed release target to version
  • 058c8ff chore: updated dev dependencies minor versions
  • 71bd113 chore: updated dev dependencies patch versions
  • 5b8eee6 chore: dedupped make release target
  • 762ae72 chore: restored caret range on node-fetch dependency
  • b6c073a chore: fixed README's Table of Content
  • 30581ca chore: added workers feature support on README
  • 3594c29 chore: renamed bin/release to bin/publish
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.