search

plaid / pattern

An example end-to-end Plaid integration to create items and fetch transaction data
MIT License
435 stars 217 forks source link

[Snyk] Upgrade node-fetch from 2.3.0 to 2.6.2 #169

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade node-fetch from 2.3.0 to 2.6.2.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service
SNYK-JS-NODEFETCH-674311		 520/1000
Why? Has a fix available, CVSS 5.9		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: node-fetch
  • 2.6.2 - 2021-09-06

    fixed main path in package.json

  • 2.6.1 - 2020-09-05

    This is an important security release. It is strongly recommended to update as soon as possible.

    See CHANGELOG for details.

  • 2.6.0 - 2019-05-16
  • 2.5.0 - 2019-05-01
  • 2.4.1 - 2019-04-27
  • 2.4.0 - 2019-04-26
  • 2.3.0 - 2018-11-13
from node-fetch GitHub release notes
Commit messages
Package name: node-fetch
  • 152214c Fix(package.json): Corrected main file path in package.json (#1274)
  • b5e2e41 update version number
  • 2358a6c Honor the `size` option after following a redirect and revert data uri support
  • 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
  • 1e99050 fix: Change error message thrown with redirect mode set to error (#653)
  • 244e6f6 docs: Show backers in README
  • 6a5d192 fix: Properly parse meta tag when parameters are reversed (#682)
  • 47a24a0 chore: Add opencollective badge
  • 7b13662 chore: Add funding link
  • 5535c2e fix: Check for global.fetch before binding it (#674)
  • 1d5778a docs: Add Discord badge
  • eb3a572 feat: Data URI support (#659)
  • 086be6f Remove --save option as it isn't required anymore (#581)
  • 95286f5 v2.6.0 (#638)
  • bf8b4e8 Allow agent option to be a function (#632)
  • 0c2294e 2.5.0 release (#630)
  • 0fc414c Allow third party blob implementation (#629)
  • d8f5ba0 build: disable generation of package-lock since it is not used (#623)
  • 1fe1358 test: enable --throw-deprecation for tests (#625)
  • a35dcd1 chore(deps): address deprecated url-search-params package (#622)
  • b3ecba5 2.4.1 release (#619)
  • 1a88481 Fix Blob for older node versions and webpack. (#618)
  • c9805a2 2.4.0 release (#616)
  • 49d7760 Pass custom timeout to subsequent requests on redirect (#615)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs