search

lquixada / cross-fetch

Universal WHATWG Fetch API for Node, Browsers and React Native.
MIT License
1.67k stars 104 forks source link

Vulnerability in node-fetch < 2.6.1 #75

Closed donoftime closed 4 years ago

donoftime commented 4 years ago

Please publish a new version of this package with an updated dependency on node-fetch to be 2.6.1 or greater. This will avoid the vulnerability described here:

https://github.com/advisories/GHSA-w7rc-rwvf-8q5r

lquixada commented 4 years ago

done! thanks for letting me know.