Bump node-fetch and react

[dependabot[bot]]

Bumps node-fetch and react. These dependencies needed to be updated together. Updates node-fetch from 2.6.1 to 2.6.7

Release notes

Sourced from node-fetch's releases.

v2.6.7

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed

• fix: don't forward secure headers to 3th party by @​jimmywarting in node-fetch/node-fetch#1453

Full Changelog: https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7

v2.6.6

What's Changed

• fix(URL): prefer built in URL version when available and fallback to whatwg by @​jimmywarting in node-fetch/node-fetch#1352

Full Changelog: https://github.com/node-fetch/node-fetch/compare/v2.6.5...v2.6.6

v2.6.2

fixed main path in package.json

Commits

• 1ef4b56 backport of #1449 (#1453)
• 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
• f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (...
• b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
• 18193c5 fix v2.6.3 that did not sending query params (#1301)
• ace7536 fix: properly encode url with unicode characters (#1291)
• 152214c Fix(package.json): Corrected main file path in package.json (#1274)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.

Updates react from 15.7.0 to 18.2.0

Release notes

Sourced from react's releases.

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)
• Fix useDeferredValue causing an infinite loop when passed an unmemoized value. (@​acdlite in #24247)
• Fix throttling of revealing Suspense fallbacks. (@​sunderls in #24253)
• Fix an inconsistency in whether the props object is the same between renders. (@​Andarist and @​acdlite in #24421)
• Fix a missing warning about a setState loop in useEffect. (@​gaearon in #24298)
• Fix a spurious hydration error. (@​gnoff in #24404)
• Warn when calling setState in useInsertionEffect. (@​gaearon in #24295)
• Ensure the reason for hydration errors is always displayed. (@​gaearon in #24276)

React DOM Server

• Fix escaping for the bootstrapScriptContent contents. (@​gnoff in #24385)
• Significantly improve performance of renderToPipeableStream. (@​gnoff in #24291)

ESLint Plugin: React Hooks

• Fix false positive errors with a large number of branches. (@​scyron6 in #24287)
• Don't consider a known dependency stable when the variable is reassigned. (@​afzalsayed96 in #24343)

Use Subscription

• Replace the implementation with the use-sync-external-store shim. (@​gaearon in #24289)

18.0.0 (March 29, 2022)

... (truncated)

Changelog

Sourced from react's changelog.

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)
• Fix useDeferredValue causing an infinite loop when passed an unmemoized value. (@​acdlite in #24247)
• Fix throttling of revealing Suspense fallbacks. (@​sunderls in #24253)
• Fix an inconsistency in whether the props object is the same between renders. (@​Andarist and @​acdlite in #24421)
• Fix a missing warning about a setState loop in useEffect. (@​gaearon in #24298)
• Fix a spurious hydration error. (@​gnoff in #24404)
• Warn when calling setState in useInsertionEffect. (@​gaearon in #24295)
• Ensure the reason for hydration errors is always displayed. (@​gaearon in #24276)

React DOM Server

• Fix escaping for the bootstrapScriptContent contents. (@​gnoff in #24385)
• Significantly improve performance of renderToPipeableStream. (@​gnoff in #24291)

ESLint Plugin: React Hooks

• Fix false positive errors with a large number of branches. (@​scyron6 in #24287)
• Don't consider a known dependency stable when the variable is reassigned. (@​afzalsayed96 in #24343)

Use Subscription

• Replace the implementation with the use-sync-external-store shim. (@​gaearon in #24289)

... (truncated)

Commits

• 72b7462 Bump local package.json versions for 18.1 release (#24447)
• 22edb9f React version field should match package.json (#24445)
• 4175f05 Temporarily feature flag numeric fallback for symbols (#24401)
• e8f4a66 Fix import in example
• bb49abe Update some READMEs (#24290)
• 7e3121e Remove unstable_createMutableSource from experimental build (#24209)
• 34aa5cf Update local package.jsons for 18
• 72a933d Gate legacy hidden (#24047)
• d5f1b06 [ServerContext] Flight support for ServerContext (#23244)
• 1780659 Move createRoot/hydrateRoot to react-dom/client (#23385)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gnoff, a new releaser for react since your current version.

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/brownplt/code.pyret.org/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[blerner]

@dependabot rebase

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.