This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade node-fetch from 2.6.1 to 2.6.11.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **10 versions** ahead of your current version.
- The recommended version was released **24 days ago**, on 2023-05-09.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Information Exposure [SNYK-JS-NODEFETCH-2342118](https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118) | **539/1000** **Why?** Has a fix available, CVSS 6.5 | No Known Exploit
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: node-fetch
8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (#1352)
b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
18193c5 fix v2.6.3 that did not sending query params (#1301)
ace7536 fix: properly encode url with unicode characters (#1291)
152214c Fix(package.json): Corrected main file path in package.json (#1274)
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/thelmgn/project/00e6a3ef-e6d5-441b-822c-44f1fb39233b?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/thelmgn/project/00e6a3ef-e6d5-441b-822c-44f1fb39233b/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/thelmgn/project/00e6a3ef-e6d5-441b-822c-44f1fb39233b/settings/integration?pkg=node-fetch&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade node-fetch from 2.6.1 to 2.6.11.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **10 versions** ahead of your current version. - The recommended version was released **24 days ago**, on 2023-05-09. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Information Exposure
[SNYK-JS-NODEFETCH-2342118](https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118) | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: node-fetch
2.6.11 (2023-05-09)
Reverts
2.6.10 (2023-05-08)
Bug Fixes
2.6.9 (2023-01-30)
Bug Fixes
2.6.8 (2023-01-13)
Bug Fixes
global
variable inbrowser.js
(#1534) (8bb6e31)Commit messages
Package name: node-fetch
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/thelmgn/project/00e6a3ef-e6d5-441b-822c-44f1fb39233b?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/thelmgn/project/00e6a3ef-e6d5-441b-822c-44f1fb39233b/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/thelmgn/project/00e6a3ef-e6d5-441b-822c-44f1fb39233b/settings/integration?pkg=node-fetch&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)