pagopa
Bump node-fetch from 2.6.1 to 2.6.7
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| node-fetch | dependencies | patch | 2.6.1 -> 2.6.7 |
For further information on security, please refer to the Confluence page link
Release Notes
node-fetch/node-fetch (node-fetch)
v2.6.7
Security patch release
Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred
What's Changed
- fix: don't forward secure headers to 3th party by @jimmywarting in https://github.com/node-fetch/node-fetch/pull/1453
Full Changelog: https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7
v2.6.6
What's Changed
- fix(URL): prefer built in URL version when available and fallback to whatwg by @jimmywarting in https://github.com/node-fetch/node-fetch/pull/1352
Full Changelog: https://github.com/node-fetch/node-fetch/compare/v2.6.5...v2.6.6
v2.6.5
v2.6.4
v2.6.3
v2.6.2
fixed main path in package.json
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Renovate Bot.
![renovate-pagopa[bot] avatar](https://avatars.githubusercontent.com/u/57742367?v=4 "Published by a pub.dev verified publisher"){kind=small}
Jira Pull request Link
It seems this Pull Request has no issues that refers to Jira!!! Please check it out.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud