[Snyk] Upgrade node-fetch from 2.6.1 to 2.6.11

[foxt]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade node-fetch from 2.6.1 to 2.6.11.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 10 versions ahead of your current version.
• The recommended version was released 24 days ago, on 2023-05-09.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-NODEFETCH-2342118	539/1000 Why? Has a fix available, CVSS 6.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: node-fetch

• 2.6.11 - 2023-05-09

  2.6.11 (2023-05-09)

  Reverts

  • Revert "fix: handle bom in text and json (#1739)" (#1741) (afb36f6), closes #1739 #1741
• 2.6.10 - 2023-05-08

  2.6.10 (2023-05-08)

  Bug Fixes

  • handle bom in text and json (#1739) (29909d7)
• 2.6.9 - 2023-01-30

  2.6.9 (2023-01-30)

  Bug Fixes

  • "global is not defined" (#1704) (70f592d)
• 2.6.8 - 2023-01-13

  2.6.8 (2023-01-13)

  Bug Fixes

  • headers: don't forward secure headers on protocol change (#1605) (fddad0e), closes #1599
  • premature close with chunked transfer encoding and for async iterators in Node 12 (#1172) (50536d1), closes #1064 /github.com/node-fetch/node-fetch/pull/1064#issuecomment-849167400
  • prevent hoisting of the undefined global variable in browser.js (#1534) (8bb6e31)
• 2.6.7 - 2022-01-16
• 2.6.6 - 2021-10-31
• 2.6.5 - 2021-09-22
• 2.6.4 - 2021-09-21
• 2.6.3 - 2021-09-20
• 2.6.2 - 2021-09-06
• 2.6.1 - 2020-09-05

from node-fetch GitHub release notes

Commit messages

Package name: node-fetch

• afb36f6 Revert "fix: handle bom in text and json (#1739)" (#1741)
• 29909d7 fix: handle bom in text and json (#1739)
• 70f592d fix: "global is not defined" (#1704)
• 0f1ebb0 Prevent error when response is null (#1699)
• 6e9464d ci(release): install dependencies
• dd2a0ba ci(release): install dependencies
• 49bef02 ci(release): use latest Node LTS
• ce37bcd ci(semantic-release): config
• 1768eaa ci(release): initial version
• 8bb6e31 fix: prevent hoisting of the undefined `global` variable in `browser.js` (#1534)
• e218f8d Add missing changelog entries. (#1613)
• fddad0e fix(headers): don't forward secure headers on protocol change (#1605)
• 50536d1 fix: premature close with chunked transfer encoding and for async iterators in Node 12 (#1172)
• 838d971 Handle zero-length OK deflate responses (#903)
• 1ef4b56 backport of #1449 (#1453)
• 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
• f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (#1352)
• b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
• 18193c5 fix v2.6.3 that did not sending query params (#1301)
• ace7536 fix: properly encode url with unicode characters (#1291)
• 152214c Fix(package.json): Corrected main file path in package.json (#1274)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs